www.theenemy.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theenemy.com.br/
Effective URL:
https://www.theenemy.com.br/
Submission: On December 08 via api (December 8th 2023, 1:05:58 pm UTC) from US — Scanned from DE

Summary HTTP 583 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 81 IPs in 12 countries across 66 domains to perform 583 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.theenemy.com.br.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.

This is the only time www.theenemy.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 118	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:480... 2a02:26f0:480:3::210:ee92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.118.167 146.75.118.167	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
7	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
1 7	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
8	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4005:801::2003	15169 (GOOGLE) (GOOGLE)
10	141.94.219.171 141.94.219.171	16276 (OVH) (OVH)
1	162.19.56.86 162.19.56.86	16276 (OVH) (OVH)
4 24	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
11 35	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2.19.216.243 2.19.216.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	162.19.96.32 162.19.96.32	16276 (OVH) (OVH)
50	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
14	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
19	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.212.68.218 52.212.68.218	16509 (AMAZON-02) (AMAZON-02)
1 4	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	3.123.203.242 3.123.203.242	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:211... 2600:9000:211e:7200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 6	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	2.19.217.66 2.19.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
3	2600:9000:238... 2600:9000:238d:1a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
3	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 4	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
2	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
3	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
3 6	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
3	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	81.17.55.109 81.17.55.109	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
11	2600:1f13:800... 2600:1f13:800:7781:6f80:690b:cb6e:6bb0	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:11b1:8ae0:b180:1e1	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
6	3.10.29.13 3.10.29.13	16509 (AMAZON-02) (AMAZON-02)
2	35.236.21.45 35.236.21.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	179.191.181.65 179.191.181.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
1	206.41.74.3 206.41.74.3	4455 (BSO) (BSO)
583	81

118 179.191.182.65 (Offenbach, Germany) 3 redirects

ASN52580 (Azion Technologies Ltda., BR)

www.theenemy.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ome.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
client.azionrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rum.azion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
530001a.ha.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:3::210:ee92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experiences.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4005:801::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.94.219.171 (France)

ASN16276 (OVH, FR)
PTR: haproxy06.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.56.86 (France)

ASN16276 (OVH, FR)
PTR: haproxy01.cl13.ovh.mrf.io

marfeelexperimentsexperienceengine.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.181.226 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.243 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-243.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.96.32 (France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl13.ovh.mrf.io

compassdata.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 144.76.238.55 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.68.218 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-218.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.203.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:1a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:d0a:2321::2 (Frankfurt am Main, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.38 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.199.221.167 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.109 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:11b1:8ae0:b180:1e1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.236.21.45 (Los Angeles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.21.236.35.bc.googleusercontent.com

rum.azion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 179.191.181.65 (Paris, France)

ASN52580 (Azion Technologies Ltda., BR)

fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.41.74.3 (United Kingdom)

ASN4455 (BSO, GB)

6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	ome.lt cdn.ome.lt	6 MB
83	googlesyndication.com 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	500 KB
76	doubleclick.net 18 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	386 KB
34	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	4 MB
27	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal90009.redintelligence.net — Cisco Umbrella Rank: 205785 hal90003.redintelligence.net — Cisco Umbrella Rank: 218779 hal90007.redintelligence.net — Cisco Umbrella Rank: 268469	669 KB
25	gstatic.com www.gstatic.com fonts.gstatic.com	326 KB
21	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	165 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	314 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693 play.google.com Failed adservice.google.com — Cisco Umbrella Rank: 93	80 KB
16	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	105 KB
11	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	73 KB
10	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7439	3 KB
9	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	56 KB
9	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	3 KB
9	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	4 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	683 KB
8	scdn.co i.scdn.co — Cisco Umbrella Rank: 1518	317 KB
8	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1466 at.teads.tv — Cisco Umbrella Rank: 4890 sync.teads.tv — Cisco Umbrella Rank: 1299	5 KB
7	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9391 marfeelexperimentsexperienceengine.mrf.io — Cisco Umbrella Rank: 28254 compassdata.mrf.io — Cisco Umbrella Rank: 46456 experiences.mrf.io — Cisco Umbrella Rank: 10349	65 KB
6	azioncdn.net b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net Failed 530001a.ha.azioncdn.net f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net 478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net 6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net	5 KB
5	openx.net us-u.openx.net — Cisco Umbrella Rank: 491 rtb.openx.net — Cisco Umbrella Rank: 695	844 B
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
5	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
5	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 32696 usr.navdmp.com — Cisco Umbrella Rank: 37984 cdn.navdmp.com — Cisco Umbrella Rank: 20813 sync2.navdmp.com — Cisco Umbrella Rank: 60002	6 KB
4	retailads.net 2 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	11 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	9 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	215 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	178 KB
3	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	4 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	2 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	5 KB
3	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	3 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	248 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
3	google.de www.google.de — Cisco Umbrella Rank: 6765	579 B
3	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	theenemy.com.br 1 redirects www.theenemy.com.br	36 KB
2	azion.net rum.azion.net
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	futalis.de futalis.de — Cisco Umbrella Rank: 305788	801 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1618	571 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	816 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	79 B
1	azion.com rum.azion.com	4 KB
1	azionrum.net client.azionrum.net	733 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	707 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	465 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	608 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	575 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	586 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1808	418 B
1	twitch.tv player.twitch.tv — Cisco Umbrella Rank: 35633	8 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
583	66

	Domain	Requested by
109	cdn.ome.lt	www.theenemy.com.br cdn.ome.lt
50	pagead2.googlesyndication.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.theenemy.com.br www.googletagservices.com securepubads.g.doubleclick.net
35	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
34	www.youtube.com	www.theenemy.com.br www.youtube.com sdk.mrf.io
23	tpc.googlesyndication.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.theenemy.com.br securepubads.g.doubleclick.net
19	s0.2mdn.net	www.theenemy.com.br s0.2mdn.net 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
19	googleads.g.doubleclick.net	4 redirects www.googletagmanager.com www.youtube.com 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com pagead2.googlesyndication.com
16	jnn-pa.googleapis.com	www.youtube.com
16	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
14	hal9000.redintelligence.net	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90009.redintelligence.net hal90003.redintelligence.net hal90007.redintelligence.net
12	www.google.com	www.theenemy.com.br www.youtube.com 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com tpc.googlesyndication.com
11	dt.adsafeprotected.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
10	events.newsroom.bi	sdk.mrf.io
9	www.gstatic.com	www.theenemy.com.br www.youtube.com www.gstatic.com
9	www.googletagmanager.com	www.theenemy.com.br www.googletagmanager.com adv.office-partner.de
8	aax.amazon-adsystem.com	c.amazon-adsystem.com
8	i.scdn.co	www.theenemy.com.br
7	pv.medialead.de	hal90009.redintelligence.net 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90003.redintelligence.net hal90007.redintelligence.net
7	prg.smartadserver.com	cdn.ome.lt
6	api.webgains.io	analytics.webgains.io
6	5994599.fls.doubleclick.net	3 redirects www.theenemy.com.br 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
6	hal90003.redintelligence.net	1 redirects 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90003.redintelligence.net
6	sync.teads.tv	1 redirects googleads.g.doubleclick.net 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
6	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
5	fonts.googleapis.com	cdn.ome.lt hal90009.redintelligence.net hal90003.redintelligence.net hal90007.redintelligence.net
4	ade.googlesyndication.com
4	cdn.retailads.net	2 redirects futalis.de
4	googleads4.g.doubleclick.net	www.theenemy.com.br
4	onetag-sys.com	3 redirects 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
4	hal90009.redintelligence.net	1 redirects 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90009.redintelligence.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	yt3.ggpht.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	connect.facebook.net	www.theenemy.com.br connect.facebook.net
3	cdn.track.production.webgains.team	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	analytics.webgains.io	track.webgains.com
3	adservice.google.com	5994599.fls.doubleclick.net
3	www.awin1.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90007.redintelligence.net
3	track.webgains.com	www.theenemy.com.br 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	adv.office-partner.de	hal90009.redintelligence.net hal90003.redintelligence.net hal90007.redintelligence.net
3	static.adsafeprotected.com	fw.adsafeprotected.com 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	hal90007.redintelligence.net	hal9000.redintelligence.net 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com hal90007.redintelligence.net
3	sync.1rx.io	3 redirects
3	image6.pubmatic.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	x.bidswitch.net	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	ad.doubleclick.net	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
3	ups.analytics.yahoo.com	www.theenemy.com.br googleads.g.doubleclick.net
3	www.google.de	www.theenemy.com.br
3	ib.adnxs.com	1 redirects cdn.ome.lt googleads.g.doubleclick.net
3	sdk.mrf.io	www.theenemy.com.br sdk.mrf.io
3	www.google-analytics.com	www.theenemy.com.br www.google-analytics.com
3	securepubads.g.doubleclick.net	www.theenemy.com.br securepubads.g.doubleclick.net
3	www.theenemy.com.br	1 redirects cdn.ome.lt
2	rum.azion.net	www.theenemy.com.br
2	ssbsync.smartadserver.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	2 redirects
2	d5p.de17a.com	2 redirects
2	medialead.de	2 redirects
2	futalis.de	hal90009.redintelligence.net hal90003.redintelligence.net
2	sync.targeting.unrulymedia.com	2 redirects
2	tr.blismedia.com	1 redirects 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
2	sync-tm.everesttech.net	2 redirects
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects www.theenemy.com.br
2	compassdata.mrf.io	sdk.mrf.io
2	www.facebook.com	connect.facebook.net www.theenemy.com.br
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	tag.navdmp.com	www.theenemy.com.br tag.navdmp.com
2	c.amazon-adsystem.com	www.theenemy.com.br c.amazon-adsystem.com
1	6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net	www.theenemy.com.br
1	fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net	www.theenemy.com.br
1	478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net	www.theenemy.com.br
1	f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net
1	f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net	1 redirects
1	530001a.ha.azioncdn.net	1 redirects
1	rum.azion.com	client.azionrum.net
1	client.azionrum.net	www.theenemy.com.br
1	experiences.mrf.io	sdk.mrf.io
1	secure.adnxs.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	r.turn.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	rtb.openx.net	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	tags.bluekai.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	s.ad.smaato.net	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	dis.criteo.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	match.adsrvr.org	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	m.exactag.com	669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	www.theenemy.com.br
1	sync2.navdmp.com	www.theenemy.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	marfeelexperimentsexperienceengine.mrf.io	sdk.mrf.io
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	at.teads.tv	a.teads.tv
1	fastlane.rubiconproject.com	cdn.ome.lt
1	player.twitch.tv	www.theenemy.com.br
1	a.teads.tv	www.theenemy.com.br
0	b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net Failed
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
0	play.google.com Failed	www.youtube.com
583	111

This site contains links to these domains. Also see Links.

Domain
www.twitch.tv
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
discord.gg
open.spotify.com
apple.co
www.omeletecompany.com
omelete.com.br
www.ccxp.com.br
www.gaules.gg
www.bigfestival.com.br
twitch.tv
www.gamexp.com.br

Subject Issuer	Validity	Valid
*.theenemy.com.br R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.ome.lt R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.scdn.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-19`	a year	crt.sh
twitch.tv GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-01` - `2024-10-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
ssl01.cert.cl13.k8s.mrf.io R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
ssl02.cert.cl13.k8s.mrf.io R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2023-11-28` - `2024-12-29`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://www.theenemy.com.br/
Frame ID: 40BA00DEF6788D430B583072D9618D73
Requests: 211 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
Frame ID: 78147C821CA56FAADD181725EFE7968E
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
Frame ID: 9ABBAB7C052092E879BEF81DEE9A6A8C
Requests: 42 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE5AAEB19257975584DCEE5D97EE997C
Requests: 1 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 219FAE6B39D9E9C884DB332D723A7E0D
Requests: 22 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0ACBDE3F6B3B2F0EEC88438046269A7D
Requests: 36 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D5D2C92F8E70FB0CEEF55A1DF883652
Requests: 23 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 548D33484499C4C8804A2158D6DBF2C3
Requests: 21 HTTP requests in this frame

Frame: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E80C20BD65B2FB2E5A2121DDA7D042E4
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUmMNAu3waGv9difKvdoeLbdie405QPMU5NjNe7BwcDn0quAHIfJjjQVAWUOe32N0xAohl9Mp4BVbaa0DQ91dOnO-Nd3AYwLHJjRq6fgguYNGv18n4rWQ7WJk4cWjmVHXPYqK9ezyqni-gYvAb0lDWCxFqFNJfVQp32qpr855x0Z7xSBrk
Frame ID: E1C31CC2550745FEAF450D7D461C1E71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk
Frame ID: 35041F54486A52440DB26621BFC607F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8
Frame ID: 5D23870ED96E0770939F4DB21BC1461E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKCEht4BMAE&v=APEucNUIa1wb6_bsJWrvpD7ABOfE1mezAGQe3Edp3xZntz-hHgUhvprhncNOW-upd4eEpjLERjpBPREdtIbq-U8lSwYkiQAcY9zvtECxyMTFIoiJtHzyxqJJS1zdF3IQVH2qs8W4O83yf9CpkKv5uXI017mWhwbQP52HfMW7hgRKBP_y0389iiA
Frame ID: 53E2D51FC910B574DC956A687CBFB8D9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXN-2sc6GWVmvkRjoO7ikpat4687-DFuonF0Vkiuun2kG34ISc4aLoRXnVZb5cD0gpN0s0d4Aoe9Xo_7CBaEm9ipWg3l_kcwWN5YTNe53-HNIl51CySN3H1cRF4pG9ysmFEtpB8ezuk-JHh5G5SheyywERNeiBd2z9498w34a_drW_ctPo
Frame ID: 789F1377868FF74EE54E77F1A4339A37
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D6E008D0F19D8CD385D02BFC326242B1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2039E16B06CBEFCE78DF5AB29C9099D2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 289EE93FB1477D5F6BEB0032C66177A9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EB50CF4CA0E7BEF34847791B0D988153
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BB29470E07E17487B4094C4F6F0E009E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4836042240BEB03DB06088E1F1D8B0BA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
Frame ID: 1E439BD75F425F33A1AB792EE4B097F6
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
Frame ID: A9C1BBBC7F838CB112A5A5E4D6B814D2
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AE61F74DDCFD336BD3403758C61FB490
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: FD149562B35281F5345BA4884E03A095
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E236C1387B3716FB0BA020A596EB82CE
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725
Frame ID: 024D8D9DCBF0E8A125D74FF6DA7749E5
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314
Frame ID: 3B915D224F05B6116F4710F0AABEF047
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Frame ID: BF39F211D57E178ED5DC4A4418AB41F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E1B4723B75C89C1721563B9EF492E7D3
Requests: 9 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B2AF2F301BD8E35AEF6BA488D2F3B7E7
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3992AC2C7C1231CAE20874866AAA7B9C
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726
Frame ID: B1F430B98147BF2C77479E845330CFDF
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415
Frame ID: D28C61F58364AF982C7470EF3B7503DF
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Frame ID: 6E1973A1ACD4BD18E4B04A6BF7143990
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FB8761587D3D453CF74EC041F53A129
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 72C3AFE717E0F0809B526E58629AC165
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=60009900089143504444978012532007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 332509EA9E6707C374C7D5E38E7BACC0
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3FC753A22E678315FCE575C6D5B17FD1
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643
Frame ID: 1C51E1D256C9A45F1483C6719CBA13E4
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Frame ID: D54EB80128E412F7E487DD0F63779BFF
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7DC6D6DFFB9A29278A60867795310D58
Requests: 9 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: A3D37A46C44D709EBDFCEC41D3B685C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 086C77B385F2E14DE9D04C958BA17347
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9B63EE86E41DF1E3FB65BFE22B96CC1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Enemy - A maior plataforma de games do Brasil

Page URL History Show full URLs

http://www.theenemy.com.br/ HTTP 301
https://www.theenemy.com.br/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

583
Requests

91 %
HTTPS

38 %
IPv6

66
Domains

111
Subdomains

81
IPs

12
Countries

14686 kB
Transfer

30990 kB
Size

61
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitch.tv/theenemybr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TheEnemyBR

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheEnemyBR

Search URL Search Domain Scan URL

URL: https://www.instagram.com/TheEnemyBR/

Search URL Search Domain Scan URL

URL: https://twitter.com/TheEnemyBR

Search URL Search Domain Scan URL

URL: https://discord.gg/hG463uZ

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/7f7RhuX8u47W3HeYVDvFw4

Search URL Search Domain Scan URL

URL: https://apple.co/48rO9Cv
Title: APPLETV+: CLIQUE AQUI E EXPERIMENTE GRÁTIS POR 7 DIAS

Search URL Search Domain Scan URL

URL: https://open.spotify.com/episode/31Crb8eYZ2nfouITO1rM9C

Search URL Search Domain Scan URL

URL: https://open.spotify.com/episode/4xpdWWZbhAvJWdn4HWXJ1N

Search URL Search Domain Scan URL

URL: https://open.spotify.com/episode/7lSWIo9457yDdtWCVErbhW

Search URL Search Domain Scan URL

URL: https://www.omeletecompany.com/politica-privacidade
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://omelete.com.br/

Search URL Search Domain Scan URL

URL: https://www.ccxp.com.br/

Search URL Search Domain Scan URL

URL: https://www.gaules.gg/

Search URL Search Domain Scan URL

URL: https://www.bigfestival.com.br/

Search URL Search Domain Scan URL

URL: https://twitch.tv/baiano

Search URL Search Domain Scan URL

URL: https://www.gamexp.com.br/

Search URL Search Domain Scan URL

URL: https://www.omeletecompany.com/termos-e-condicoes
Title: Política de Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theenemy.com.br/ HTTP 301
https://www.theenemy.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 188

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 190

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 250

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 252

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84911266044 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=84911266044&google_gid=CAESEJJ3563uMIx__aQWAg00CmY&google_cver=1

Request Chain 275

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1&C=1

Request Chain 324

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXMUmj3ueRvVuXiWtIGQLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJA5QZ_o6p8mG9UraKqeDtU&google_cver=1

Request Chain 326

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2

Request Chain 329

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1

Request Chain 331

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

Request Chain 380

https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 387

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEORrkB7LWdooJGfW_p6DLH0&google_cver=1&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nWesiLMcaq0gm9XiVgNeY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEORrkB7LWdooJGfW_p6DLH0&google_cver=1&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nWesiLMcaq0gm9XiVgNeY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0NDA4NjY5MDYwMTQyMDI4Mw&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nWesiLMcaq0gm9XiVgNeY

Request Chain 390

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZjRYlVGLeeFVXit-TGN1o&google_cver=1&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ&google_gid=CAESEBZjRYlVGLeeFVXit-TGN1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ

Request Chain 391

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmSWdz4nW7Z-_hIRiGtIDRBRrKaFZECchIUYGa4R-_ByMkKPvP_0vYeZUBIdvc1nZLZL7TrvjjbO10aoRfqwGC0d-bX6W4fwUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSWdz4nW7Z-_hIRiGtIDRBRrKaFZECchIUYGa4R-_ByMkKPvP_0vYeZUBIdvc1nZLZL7TrvjjbO10aoRfqwGC0d-bX6W4fwUg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 393

https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 397

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmQFDcv4hbADZe30ZOq7vCiueGqeasyiC9hfjs9Mo05TvcEy_uH60POH5eiO0S7G5kWNe4Wz83qSsVrL1r0KLESmq9PUy0q6Og HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_push=AXcoOmQFDcv4hbADZe30ZOq7vCiueGqeasyiC9hfjs9Mo05TvcEy_uH60POH5eiO0S7G5kWNe4Wz83qSsVrL1r0KLESmq9PUy0q6Og

Request Chain 399

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECqo-GhB-js_xASuqfleiA0&google_cver=1&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXET-KaImZErP1bPjiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDIwOTI3NjEwNzk0NjEzOQ%3D%3D&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXET-KaImZErP1bPjiA

Request Chain 401

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLMWuG9FVS-aaqoVPBX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLMWuG9FVS-aaqoVPBX

Request Chain 402

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKAyZX0Fc7Y9d3dzait8CS8&google_cver=1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1702040731135 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA%26google_hm%3DA2wYRbGWzUVtgXKOhLkg3Ug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

Request Chain 435

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=55692500086365404444990012532009&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725

Request Chain 437

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314

Request Chain 439

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 447

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=47445800082620104444990012532003&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726

Request Chain 449

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415

Request Chain 451

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 461

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKcia8l-xSDCZzB0MdC7B-I&google_cver=1&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4iikW0HBHmwbYtyZfqiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4iikW0HBHmwbYtyZfqiQ&google_hm=-JEN1n3YTkuJdnisSsCdyBQ

Request Chain 462

https://d5p.de17a.com/cookies/google?google_gid=CAESEPspatzx1ksMyzqHJOAM8Uo&google_cver=1&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPspatzx1ksMyzqHJOAM8Uo&google_cver=1&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg

Request Chain 464

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk0HDmgb01l-SLPoA_6HT4&google_cver=1&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83ispPN_4iURGwiJ4ZGfkHbLiBL_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83ispPN_4iURGwiJ4ZGfkHbLiBL_

Request Chain 466

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPXfu4eHYunY2xVj1APJshY&google_cver=1&google_push=AXcoOmShM2f9zXYKkhR5pbalw5l_w8-kCauu_wfaN8a-Yy0iYqqllGiQYfRvfWx6Hz6_i8YNE6Dh9DaPYBS1wsONk0cy7fVKRU7fNMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmShM2f9zXYKkhR5pbalw5l_w8-kCauu_wfaN8a-Yy0iYqqllGiQYfRvfWx6Hz6_i8YNE6Dh9DaPYBS1wsONk0cy7fVKRU7fNMI HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 470

https://fw.adsafeprotected.com/rfw/st/1863459/76904395/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014994355&ias_pubId=pub-1403787016703043&ias_chanId=1&ias_placementId=20821116200&bidurl=https://www.theenemy.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hwA36ZxKopAIZJSMp41tfl&adsafe_url=https%3A%2F%2Fwww.theenemy.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.theenemy.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:81d2e783-60a0-abcb-83c4-16e7bc29e91c,c:wdk5Gz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-k56gj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:198,mot:0,app:0,maw:0,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:231,oid:77329561-95ca-11ee-8c0d-66fb94b0bf97,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

Request Chain 493

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1&google_push=AXcoOmQN9tnXYN4FArJ9z86XJGtE0Yo6z-vnxaHZ6AeFbqNuatW3ClAA4A0wb8HegpSMCYfdQ2VSR90TqNZGOWFaeZIiNPpgD9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg4NDUxMTI3NTExNTI2NzcxNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1

Request Chain 495

https://um.simpli.fi/gp_match?google_gid=CAESEDYkdIgrJtMTRP5yNiksv6s&google_cver=1&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJB20d7vsUMfeo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0202FE2E52544E0AAB09019150C705C&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJB20d7vsUMfeo

Request Chain 496

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJKfVHHpidveh7C_TlcabmI&google_cver=1&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixHlKx4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixHlKx4V&google_hm=eS1Cb1Y0TDVWRTJwSGhRaTdsXzhRLmR1YjlDRFRfUGM5aX5B

Request Chain 498

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKAyZX0Fc7Y9d3dzait8CS8&google_cver=1&google_push=AXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64%26google_hm%3DA2wYRbGWzUVtgXKOhLkg3Ug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

Request Chain 499

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZjRYlVGLeeFVXit-TGN1o&google_cver=1&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLYLKgEV8lZ1h_eqJdCjIUGtfi_jrOcjDXhxA_dnW1AQA8o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLYLKgEV8lZ1h_eqJdCjIUGtfi_jrOcjDXhxA_dnW1AQA8o

Request Chain 517

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643

Request Chain 521

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmTTdrHixL4BMOMu9Uik6SU-V_NGF6Vq7PuHwt8Ywisg9fX4aBW7vWgIqfYFABhgo9G3lkTzDfPqy-ETLg8qXH9yFo3uiYPv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhNVW13QUZhdkFTYmdCSA==&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmTTdrHixL4BMOMu9Uik6SU-V_NGF6Vq7PuHwt8Ywisg9fX4aBW7vWgIqfYFABhgo9G3lkTzDfPqy-ETLg8qXH9yFo3uiYPv

Request Chain 522

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBFbsfgQTXlCPt10QzlA06k&google_cver=1&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml3XoyHXCv06h2Tqow HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml3XoyHXCv06h2Tqow&google_hm=hmVzFJt4tTBJA3bIEQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6573149B78B530490376C811BLIS

Request Chain 524

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk0HDmgb01l-SLPoA_6HT4&google_cver=1&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiVD-cLnEoHcL8FDlBNOOpw_rSClcg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiVD-cLnEoHcL8FDlBNOOpw_rSClcg

Request Chain 525

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w2h70_BGl0XwbcvrOwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w2h70_BGl0XwbcvrOwA

Request Chain 527

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhTzkEiNqhdGFRmd2eU2MxJnWYt7eL-2JRuwAAdV-NMOok4Ldo15lSwaG4_y8HljQXqbGu71TVgJvOZOtLdftSFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhTzkEiNqhdGFRmd2eU2MxJnWYt7eL-2JRuwAAdV-NMOok4Ldo15lSwaG4_y8HljQXqbGu71TVgJvOZOtLdftSFg

Request Chain 577

https://rum.azion.com/probes?netinfo=true HTTP 302
https://b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rsv.azioncdn.net/probes?netinfo=true HTTP 302
https://b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net/probes?netinfo=true

Request Chain 579

https://530001a.ha.azioncdn.net/probes?netinfo=true HTTP 302
https://f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net/probes?netinfo=true HTTP 302
https://f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net/probes?netinfo=true

583 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theenemy.com.br/
Redirect Chain

http://www.theenemy.com.br/
https://www.theenemy.com.br/

210 KB
36 KB

547ms
507ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: adad200d0ccf26355027731577d4587291fe22f6e0f25429fdacbf5f4b9f85b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: http://dev.tribotomajor.com.br
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 13:05:27 GMT
expires: Fri, 08 Dec 2023 13:05:57 GMT
server: nginx/1.12.1
vary: Origin

Redirect headers

Cache-Control: max-age=30
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 08 Dec 2023 13:05:27 GMT
Expires: Fri, 08 Dec 2023 13:05:57 GMT
Location: https://www.theenemy.com.br/
Server: azion webserver

GET
H2 200 style.min.css
cdn.ome.lt/static/theenemy/css/ 240 KB
49 KB 892ms
19ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/css/style.min.css?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c7aff346825b25ac576063bb0f6da52d3dfdc648033daaca9c73b61e75b123d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:37 GMT
server: AmazonS3
x-amz-request-id: 7K0GNNZA2TAN9K7A
etag: W/"eb412fa321833aad72335176069e3ab4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: uwiqzNFnYck4llgIID+cYx8c3uS/qjns8EF5PF2Gm+gYYGM8yXXddGS6eO2F0O5DQ1LgdDDt3kA=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 prebid5.20.4-2023-03-16.js Show response
cdn.ome.lt/static/theenemy/js/vendor/ 208 KB
77 KB 913ms
41ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bda70acd8cade0b42ffd2d57af39ca2594da5567d62e52807b2c483bffa00dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:27 GMT
server: AmazonS3
x-amz-request-id: XWXN90QRAMQYPXSR
etag: W/"b3227fff46c39becbe1c1355a416e505"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: g4cB8y5E6tWs081GHMDOlmh5lq8lKgkxBSeo7mAwGwE+GWdSvww9fz1oRsoA+mJL41jJp+UeA8E=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 swiper.min.css
cdn.ome.lt/static/theenemy/css/vendor/ 19 KB
4 KB 912ms
40ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/css/vendor/swiper.min.css?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c161dae3ec1c4a337b2531ea815565f6a2dc7bc787aaa074490ac483274371c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:37 GMT
server: AmazonS3
x-amz-request-id: TD8M51T8TM00ET4X
etag: W/"1a1424b0f9a102a7c2bbc06871d4e4f9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: lrySHDFOyYCU/nOc4SRN1VHU6gIfTH+uOVZiXjeDurVtptrBTXxnp423GJc/Vbd3I0ybFMfUSwE=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 swiper.min.js Show response
cdn.ome.lt/static/theenemy/js/vendor/ 126 KB
40 KB 21ms
21ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/vendor/swiper.min.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: CWYFXFH6QAZR9DP8
etag: W/"2ac19265b38d14235141d184bca54d9a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: fBppZ06/MMkk6lFvgm8/1KjqQGjNz5ETmHTkQK2K6Q0inJyLHkR0MLqHzHKTtUbKO78/tnNN2O8=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 realtimeScript.min.js Show response
cdn.ome.lt/static/theenemy/js/ 957 B
945 B 20ms
19ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/realtimeScript.min.js?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9ff39d4844628bc09106fcd7b618bef2f9f52363f6af3273a66b18162790dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: CWYD250ZP79JZC02
etag: W/"2c5f83ae60cdab5d8555c52f93ba75e7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: ATgIETK9qhKkrYIzrCKZcS3ErLFUjsLiFEuVafu9m1sCVHnlAiQ7Z6Vw9L54zOyXaCZLKYJPOUE=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 timelineScript.min.js Show response
cdn.ome.lt/static/theenemy/js/ 3 KB
2 KB 46ms
27ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/timelineScript.min.js?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d67eafaa2f6e8bbd0b3e33b19943c4a4bb93689843cab67700c6afd7a48ec341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: PYSKZW044N89Z7JE
etag: W/"15c514448b41ce1ea9350bd5ed039199"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: fpVOOeNh2/uRC9YNp2Cj0HfuC2LQufnbZrSILQsuPBlHaPkbCajDocaVZJX+q/uroQDNoqkQTEw=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 123ms
29ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: DW6CS3GRFDYFAPE5
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: kjfwGafZWJoh+7JvZO6u91SkNxsQKboqL8MqaF7LxOPoGFUYjHU8LWnb8yNVWKQ7mNuG8J6C0NU=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 137ms
76ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1062127218

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d97f72162a520a2395146595fb29bd45c182753467f36089720c598a07680f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58055
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 13:05:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 202ms
133ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8043f5c065dc69bd1ebdef225df0cee8d2eaeb27714ee151f476f90d206c5129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29101
x-xss-protection: 0
server: cafe
etag: 460 / 19699 / 31080021 / config-hash: 18357547353528918854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H2 200 adsRoutine.min.js Show response
cdn.ome.lt/static/theenemy/js/ 15 KB
5 KB 47ms
28ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/adsRoutine.min.js?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 736f5e1c309015e4605c7160e394f7062b8fcdf21c0ba8c9f1d572be29e5b737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: XTB10ZYQMYYET230
etag: W/"1e55c19c34b3fd4bc6bed437a006c7e0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: KFC8OFX+jLtC5MPVhmYG9YTt8L4+0EMO5FJSqPms3M+II/iIIzLMe1m3f6zSl07gUlMrW5VDHvU=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 logo-horizontal.svg
cdn.ome.lt/static/theenemy/img/global/ 1 KB
1 KB 849ms
62ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo-horizontal.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34a1700cc30b602ef67f9733dd1a2964caa8f7ae335159dbf9e41ec3d1682d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2XWEKVB72W4QY3
etag: W/"ff62894d038ba56b23d0e98e3d28091d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: aonq9GMWfVXj+7dCegLlInBQA0/zr6y4sV5oydQzR02814StQs8I2srtMxWkerlEOEQHu6qfDqA=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 logo-small.svg
cdn.ome.lt/static/theenemy/img/global/ 448 B
737 B 847ms
60ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo-small.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5ac5de2b1320bacf6faf6bcc7fee0aff325ceed946ff9b0d0928a36029edf33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2MRBZE35CD93J1
etag: W/"6ff93afb7dcd4b9ed7eaadb97f9d76d9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: HAFedbBYH6yLjtZB9/d9+T2xB4czeMZtYh5C9qpWClfNupq62kVoGwRBuKJ2XTYKkm3iQJCCkBk=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 twitch.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 379 B
682 B 24ms
19ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/twitch.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb49a0475587c65910beee583c9efcaafb9b879413e90ae480f4139319f871f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2MADQSFAK8BHVY
etag: W/"23f97e8b04d0de1b9a7cac949d9eb5ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: v1HCzoZsnoZUpxwFavE9Dr/buDwR7tEGxEg3qdH2VGCBsutAh911s5qBQES2BLOsB6kF8bSDp2Q=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 youtube.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 637 B
831 B 25ms
20ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/youtube.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bffdfea157f4029b71cc2910979fd69cc9617814fbf01147beb66aa46179092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2SH08JCFTCXHVP
etag: W/"83987f9ed7d322ccf4eb7dc5a8881ceb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: MOqeiAU0EY9R+w9E9uURCBMREHz4KBTda29Gc2mL2e74S7ydQNAnPL7Nf4H8gQMOM43qwlo4kUTSY3nCz+yPwGL0Tfvrg30SH6TqgEAuc3Q=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 facebook.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 314 B
695 B 19ms
19ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/facebook.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a17cce79dd4a0147fd6c622324c2bac69be712c91a9f374a7978ba6ebd66d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2Q8TVCF894Z811
etag: W/"f13bb8d03590bfb3448203f34aa5de29"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: DLIUtRI0VJI7E8trsffMUSoVX17GsHirJc1B+2s2NHAEJoQDbdE8sOal0PoPspX1qx6DfZCpPW3snuIJeLQQ9UljBrvGSF3Nqd8LqVfXcuc=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 instagram.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 2 KB
1 KB 41ms
23ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/instagram.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1391be70ba54dae8119a0ffb80b847e389f74d0c5397835f51e72270844b811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2KYH14CGZ020SE
etag: W/"dcfd3364b96cd70f5ff925c150dd9b56"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: AKmSubEPQyZzkdm+vnyQJH3k+gOWPdSCrdCPWyYnoCJhnmSHwmaXgWCQzQYew2CRVD/Mk6W1iIzvdMkvRk1Zw5HJmgwcqJl43jJJvIv6fdk=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 x.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 388 B
713 B 39ms
21ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/x.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c78e7cb2867da49b4f010b576398cbc4e20b588ca4f2ce82b5a29cc7afea94bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 15:46:46 GMT
server: AmazonS3
x-amz-request-id: 9B0EZ26RKDAGM6ZX
etag: W/"805b6ac09975d68762a4ecb1dc7c552d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Zr4Z0KPAaxrOBraGQzpEsE31e/8MGw//gA1uXUxQhRZpiOTcw3YXer/aBe5UCWbUqgBlNAXy+H0=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 discord.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 1021 B
968 B 40ms
22ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/discord.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b92decc9e727f7606ea5c95da71eb9085f53bf8bc5588aa052fb687ed4b7669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2ZK17YPSY4CHH5
etag: W/"a783a6c5c6c0a07f0332eb979714aab2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: RsUsMGy52T7l7v50kvnsjbfroOy8wDob7ytkVFCF0052X4fPxs/Q/512LgC2EdAxaXEVsyqNdWY=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ping.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 1 KB
1 KB 43ms
25ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/ping.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ecd239de9c5af5a96cfb5e068a6982d9299ec92ed30a415f2f588fbe309ce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2GJXSEYY06FVSQ
etag: W/"bc1955e1e1aaba718044914549377cdf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: qwl9TtGNtGimhX8IOcTEXSUTy4Y0937hQhOgoRUc+aCD3n34MEq8WDd7nTCmSGdCtWc/8+FQFa8=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 logo-small-gray.svg
cdn.ome.lt/static/theenemy/img/global/ 476 B
727 B 47ms
29ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo-small-gray.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 609248866a07c585475ca587be1b2c4c3a7478657f99dad2781789d447441942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2SAFKJ152QADDY
etag: W/"5ecd76f545c0cfef69e7fa72a44971cd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: LjLXO4wVouV0J73PMf4FA0/nd7gjdBzxZPREKCYIm3TSTwhOpzoX/JU1hpBW9SPYOwsKKC0LaY8=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 destiny-cenario.jpg
cdn.ome.lt/tnoqIlSVL5fVJFs1Pj8Vy17yaXU=/200x200/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/ 8 KB
9 KB 48ms
30ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/tnoqIlSVL5fVJFs1Pj8Vy17yaXU=/200x200/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/destiny-cenario.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b3c66e9e7c1866c3a5f2b5232b5a07021b09c97d9834eaf9d28159a825092f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "b1cbee666ff78eb48ad9a2672a6d92f56cd1ec00"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 8675
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 trailer_1_illustration_16x9.png
cdn.ome.lt/dO72hTNIIRoFaw4flU6VrlJHpTU=/200x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/ 72 KB
73 KB 49ms
31ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/dO72hTNIIRoFaw4flU6VrlJHpTU=/200x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/trailer_1_illustration_16x9.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 84ae428702e4fc11e671f55c8ab64e586cd6d292b7f21c25fe074b2658233e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "dc50b83ee91d9e78876d1c4455ab5ebe159afd16"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 74099
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 samsung_odyssey_g8_monitor_capa_recorte.jpg
cdn.ome.lt/md-wweOhJv_ppX0lchZcsUpIruQ=/200x200/smart/filer_public/da/e2/dae2b5e1-ec2e-46f1-a2eb-d2effcbd0b6a/ 5 KB
5 KB 50ms
33ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/md-wweOhJv_ppX0lchZcsUpIruQ=/200x200/smart/filer_public/da/e2/dae2b5e1-ec2e-46f1-a2eb-d2effcbd0b6a/samsung_odyssey_g8_monitor_capa_recorte.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: ae4b7ac136381ec7282a2e506bda40ace8762dadb40fcd530e506de0a761d79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "bbe9eec3cc8ae3e584cbaeb91abadd70f6eea834"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 5099
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 games-microsoft-activision-blizzard-539921976.webp
cdn.ome.lt/GTNGrrdlD8CI7LuPLHOgFkVQO10=/200x200/smart/filer_public/9e/8f/9e8f37ad-42c2-429e-aac7-8b33c625b078/ 3 KB
4 KB 51ms
34ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/GTNGrrdlD8CI7LuPLHOgFkVQO10=/200x200/smart/filer_public/9e/8f/9e8f37ad-42c2-429e-aac7-8b33c625b078/games-microsoft-activision-blizzard-539921976.webp
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 31703a5222232442b11a9289100e020151c45c5f93631c654b562c691d53588e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a8f706623d1c652bc8895998c8122efdc149f1b5"
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-length: 3394
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-chevron.svg
cdn.ome.lt/static/theenemy/img/global/ 209 B
614 B 41ms
24ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-chevron.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca921a32c82e4bf20e7a6123536cbac2d409f88c5dd86ac4c4f5039bdfa0aa15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2Z9X5N7FT00NJ6
etag: W/"c712f29084eae2d7c43dffe7d86fb54c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: kmAVWP280E9VdMCafIvlJFvUeYRoOqooyvjeRrzL4EWfE1wcDfbX6m/IVdZagQlISOfwkS9w/9w=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ripple.svg
cdn.ome.lt/static/theenemy/img/global/ 873 B
772 B 54ms
37ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/ripple.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6468e85639dd72c15d5a04311fe0a83a9b8ca00278d316cf9ec1a98e76510321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2K82AXRX9MVH4H
etag: W/"7e1ad7b67b59e157da279a12ee4281be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Ae9Egypm8zTtu7z1bPH7AIg4IVWk6PXcrhWpu52kB13uICrautdu7c4cyF4owk6WG39zzLG80fI=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 baldurs_gate_3_goty.png
cdn.ome.lt/kU_dR8YGm39YFDPQ7XTW4MikgR8=/356x0/smart/uploads/momentos/ 214 KB
214 KB 55ms
38ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/kU_dR8YGm39YFDPQ7XTW4MikgR8=/356x0/smart/uploads/momentos/baldurs_gate_3_goty.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 5f33d6b93ca23ba19a18fb973ac90c412ded639bf2d11ffdbccd98ba84ef6505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "66bc94a2e2b4e337864634a710f70b73a45d126c"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 218860
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 mh_wilds.png
cdn.ome.lt/PDjRBNYlcvADj1O4iF4mCwkGYAE=/356x0/smart/uploads/momentos/ 128 KB
128 KB 62ms
45ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/PDjRBNYlcvADj1O4iF4mCwkGYAE=/356x0/smart/uploads/momentos/mh_wilds.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 35f753de7141e0418b84ea608d307677b90cd2267c27d0a80d4820d68c472783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "fca8ba91a7f82563d301ffc35fb214d86afe39cd"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 130571
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 malrang.jpg
cdn.ome.lt/ZmqGg5k1cN-bDr_F6m1byK-NUsc=/100x100/smart/extras/conteudos/ 3 KB
4 KB 423ms
406ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ZmqGg5k1cN-bDr_F6m1byK-NUsc=/100x100/smart/extras/conteudos/malrang.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b06fbf68e3dc7f87c88659f0fc9339cd3c633e1793916ab688c7c2d08bafc58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
server: nginx/1.12.1
etag: "7c2a90fad94c68865c3de8ce5747741cc61af170"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3467
expires: Sat, 09 Dec 2023 13:05:29 GMT

GET
H2 200 icon-timer.svg
cdn.ome.lt/static/theenemy/img/global/icons/ 302 B
670 B 73ms
56ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icons/icon-timer.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02bb83b7b7e8d2a52abca25504e3a68cbb06117b98b324ce3647efd694f34b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2KNXCENT4SDAAF
etag: W/"ac3ad2025274d5289ba5f8eca862746c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: tVSupLXmpfODN6sw8boGp5xc7vfmegJvqQYQcykeqTKJvaufNzJWqy4naWb10UQhzAndoyIIeLTmrSyWplXWfOfkC+iqasirvRW6zVcrxZU=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 dead-by-daylight-cadaver_BtHgHKw.jpg
cdn.ome.lt/JMABFjOMbciH6Ms1gjL5JY8iloI=/100x100/smart/extras/conteudos/ 2 KB
3 KB 74ms
58ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/JMABFjOMbciH6Ms1gjL5JY8iloI=/100x100/smart/extras/conteudos/dead-by-daylight-cadaver_BtHgHKw.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 12f2fc2866f13662d8bf55dba50a1d059dc07af84986b4b652acedd7a6477b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eda71981082ea081a1c4026aabc5f527d0d1aa42"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2318
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 baldurs-gate-3-mulher.jpg
cdn.ome.lt/FeC0tq65btFOx62W6ubyRcCTCm0=/100x100/smart/extras/conteudos/ 3 KB
3 KB 75ms
59ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/FeC0tq65btFOx62W6ubyRcCTCm0=/100x100/smart/extras/conteudos/baldurs-gate-3-mulher.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e6f5d3568633fc6a8c1a74e4d21b919366a6b33bfb83ee12c3680395f8ea7cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "447a99a7bc18337b6162fc2823e369e2cc850c60"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2729
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
cdn.ome.lt/4svviq65iKubTLsmt5CcaPBLubk=/100x100/smart/extras/conteudos/ 20 KB
21 KB 76ms
60ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/4svviq65iKubTLsmt5CcaPBLubk=/100x100/smart/extras/conteudos/thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 44bbba2224d66500b9f17796315678c50abc00168255798f508d56390a81c480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a11b7a95af171ff9def5d86e3668c51fe4f103d1"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 20778
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
cdn.ome.lt/VaIkwvk2S7a4LJ9swiZepj9cBc0=/100x100/smart/extras/conteudos/ 22 KB
22 KB 77ms
61ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/VaIkwvk2S7a4LJ9swiZepj9cBc0=/100x100/smart/extras/conteudos/thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c75df0adc58b68bf3a79ad371f5c1302e736ab8448dd973a2cf7808bd1509b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "da501d7459875d2648f5d93b41e43721da6bef0e"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 22071
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
cdn.ome.lt/n890joledc6x2PHStbt6tXHvmzE=/100x100/smart/extras/conteudos/ 23 KB
23 KB 77ms
63ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/n890joledc6x2PHStbt6tXHvmzE=/100x100/smart/extras/conteudos/The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d6893d34e8f2325b36f0ea24cf19bf86e5e0b808ceda83bd68f03d5df17edda9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a077d669cf96dcb39b51bb294cae119ff90fc6e4"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 23771
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 exoborne-personagem.png
cdn.ome.lt/ocCNQvigoSDzKrcNkNyg24FcQx0=/100x100/smart/extras/conteudos/ 23 KB
23 KB 78ms
64ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ocCNQvigoSDzKrcNkNyg24FcQx0=/100x100/smart/extras/conteudos/exoborne-personagem.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: fc7db9a2caaab5cb80239aacf4aa717862d2c67cdd16843fa6990fed990586cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eaaf3d3c6dc464410e5f3558e6bde4ad5d928617"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 23650
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 last_sentinel.png
cdn.ome.lt/xtRcpRwy2w__6DQjeQ63XhiNZjg=/100x100/smart/extras/conteudos/ 20 KB
21 KB 80ms
66ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/xtRcpRwy2w__6DQjeQ63XhiNZjg=/100x100/smart/extras/conteudos/last_sentinel.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d0212745136b26b2a052568c229cb681498b932d00549b1e0ea8c1384fd5607a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "fdbc5256d63192af492b2969ef9893c76915fbee"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 20777
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ffxvi-clive_dE22mOV.jpg
cdn.ome.lt/xIwWGX5D39PTc_T7_Ew6HL7-Jt4=/100x100/smart/extras/conteudos/ 4 KB
4 KB 81ms
67ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/xIwWGX5D39PTc_T7_Ew6HL7-Jt4=/100x100/smart/extras/conteudos/ffxvi-clive_dE22mOV.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: f79a7eb97f030c0fbcc71ac0b3c282a7211f6f60b49734a7f6676d87bd5d0158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "06af78461ab2b81857b86d6952a4d2cef7fc3340"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3640
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 malrang.jpg
cdn.ome.lt/XJP5s4xm6ttxmwjZ4CiehxXlEos=/576x576/smart/extras/conteudos/ 44 KB
45 KB 417ms
403ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/XJP5s4xm6ttxmwjZ4CiehxXlEos=/576x576/smart/extras/conteudos/malrang.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 735b71e3f1348f934ba9579e5f5453f11b3fea297b814326827aa8db96e949be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
server: nginx/1.12.1
etag: "2925d71f9aab6ba02b4ee87476a8b7a715823456"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 45550
expires: Sat, 09 Dec 2023 13:05:29 GMT

GET
H2 200 dead-by-daylight-cadaver_BtHgHKw.jpg
cdn.ome.lt/rxw_kfGuSx_zHb2szKO3iaFEEJc=/576x576/smart/extras/conteudos/ 38 KB
39 KB 82ms
68ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/rxw_kfGuSx_zHb2szKO3iaFEEJc=/576x576/smart/extras/conteudos/dead-by-daylight-cadaver_BtHgHKw.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: ba0725b73b0c096e58d60b6ff36e46400b1736542c25d1525690817279f71f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "5da632751cfcb0703efba13d1c353bdd9f92779c"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 39325
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 baldurs-gate-3-mulher.jpg
cdn.ome.lt/V7puBt3Px0GJURTVzqOHxAwkDqs=/576x576/smart/extras/conteudos/ 35 KB
35 KB 85ms
71ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/V7puBt3Px0GJURTVzqOHxAwkDqs=/576x576/smart/extras/conteudos/baldurs-gate-3-mulher.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 49846b6d3651e7aca747d099504d2c437db3db49e88c21ce6f35203d2a7f0948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "81e081608c679b8a764fb23721bb99b4579d0707"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 35833
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
cdn.ome.lt/xe3mVkVSTPYyroumVAHXI7lEhhQ=/576x576/smart/extras/conteudos/ 515 KB
516 KB 88ms
74ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/xe3mVkVSTPYyroumVAHXI7lEhhQ=/576x576/smart/extras/conteudos/thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 49d497e7fe1fd4a3636a85dd4d8fb94992de503c944924b6f5a984b586566814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "3769a2ed62c8e02a41670d16dc8e88968b736f47"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 527584
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
cdn.ome.lt/DomzuEcD3F_I5ZRA2IlfNDSP7Vs=/576x576/smart/extras/conteudos/ 416 KB
417 KB 93ms
79ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/DomzuEcD3F_I5ZRA2IlfNDSP7Vs=/576x576/smart/extras/conteudos/thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: ec4d241363b30a11ca6438d7cf98694b25816b2d5ed37ec09ac99b4fe48b8bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "89e5320a812912922e34a5099a80835dd7f7dc59"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 426152
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
cdn.ome.lt/FSQUWmJ9983ImioZYXDFOvbX3Vs=/576x576/smart/extras/conteudos/ 464 KB
464 KB 117ms
104ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/FSQUWmJ9983ImioZYXDFOvbX3Vs=/576x576/smart/extras/conteudos/The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 31c38edc2db68aa9c98181c19073a61e1eaff95da16fc523c35b11eb825d4e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "4fa076bce8d06ce97297a09b5f459ea0dc60a9b4"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 474812
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 exoborne-personagem.png
cdn.ome.lt/dp_cQ-2Y6VBGGru_Oo17FORLvgI=/576x576/smart/extras/conteudos/ 562 KB
563 KB 124ms
111ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/dp_cQ-2Y6VBGGru_Oo17FORLvgI=/576x576/smart/extras/conteudos/exoborne-personagem.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d8c227003724d8d59d5b7b23dc44f32c9b31401719b69454aa0f583701962034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "9c51c98e1b6d63c67f7c0417bcc46b267c68bc23"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 575595
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 last_sentinel.png
cdn.ome.lt/7Q5d_W7gMhtu6GfSJPjLKjsgruk=/576x576/smart/extras/conteudos/ 398 KB
398 KB 127ms
114ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/7Q5d_W7gMhtu6GfSJPjLKjsgruk=/576x576/smart/extras/conteudos/last_sentinel.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 2dc58391d9b89c37e4e98ff9270085d7d43e21a83b844a687c6f24a01223abf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "d1bd4131e04bc49f6c503182855803a892b87fff"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 407178
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ffxvi-clive_dE22mOV.jpg
cdn.ome.lt/XILeuy13eoGvFQfcsH-T4_0BIpc=/576x576/smart/extras/conteudos/ 51 KB
51 KB 134ms
122ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/XILeuy13eoGvFQfcsH-T4_0BIpc=/576x576/smart/extras/conteudos/ffxvi-clive_dE22mOV.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 859eea31141a904ce5de7a480430ac7a3885424bdf21624969e50f7ce5098f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "61f4cd03fee309a0ae8a4083af1aed569c9719d7"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 52384
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 blade-marvel.png
cdn.ome.lt/R6L8SL18D3h76eEPBUzYR5l34EA=/576x576/smart/extras/conteudos/ 263 KB
263 KB 135ms
122ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/R6L8SL18D3h76eEPBUzYR5l34EA=/576x576/smart/extras/conteudos/blade-marvel.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 128c7c4a9f37521c3964e8d147213c2e11dc7391c6b64aabbef3c9e05e638087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "bc1e21c0441bb8ba329f6ca37898ed8037dae3a3"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 269038
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_2h04m35s.png
cdn.ome.lt/I3F8xNabPvF7ZYYYEGc0knIA6QU=/576x576/smart/extras/conteudos/ 376 KB
377 KB 136ms
124ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/I3F8xNabPvF7ZYYYEGc0knIA6QU=/576x576/smart/extras/conteudos/thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_2h04m35s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cc36f5b61e53c7b27d18da69856f20230f0819a1e004b45622793bad343cd61f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "70660d5daff96ff5f52127216fe3eebcd54811de"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 385507
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 lost-records-menina.png
cdn.ome.lt/yTp02AN9ru2LQIFPDiyNc6ZrIMY=/576x576/smart/extras/conteudos/ 337 KB
337 KB 140ms
128ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/yTp02AN9ru2LQIFPDiyNc6ZrIMY=/576x576/smart/extras/conteudos/lost-records-menina.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 428b6016d531ad595e2c21d92bb897f46f5c262779b4ec013f7cd079cc15e3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "231a883e022e2eea2edc945ec046d01a6e62ff15"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 344879
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 black-myth-wukong-arte_oH179Te.jpg
cdn.ome.lt/GfPcCzUOzOV0BL9Gng7N2C-7vPs=/576x576/smart/extras/conteudos/ 71 KB
72 KB 144ms
131ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/GfPcCzUOzOV0BL9Gng7N2C-7vPs=/576x576/smart/extras/conteudos/black-myth-wukong-arte_oH179Te.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 8b039ac807d6fbd6687e33b4766f52a2e6747afa6c2861943d087a395b7e902c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a7a394655788a355f1e7b261533e7cdcbcfb6b3e"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 73113
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 jurassic-park-atriz.png
cdn.ome.lt/eAONxLvY2HM4KyAYwfTLH7_BMAQ=/576x576/smart/extras/conteudos/ 227 KB
228 KB 145ms
132ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/eAONxLvY2HM4KyAYwfTLH7_BMAQ=/576x576/smart/extras/conteudos/jurassic-park-atriz.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 2f2dc0f79582a5e98a211b6c745c71b7cf7cc92330f77fc68b517272cffd54b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "53e1edcaaa655338bb08959eae44c420e2899a9c"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 232479
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 od_kojima_hunter_schafer.png
cdn.ome.lt/HqqMRop-MV7i1QkJ0KIcsZtKEuA=/576x576/smart/extras/conteudos/ 335 KB
335 KB 152ms
140ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/HqqMRop-MV7i1QkJ0KIcsZtKEuA=/576x576/smart/extras/conteudos/od_kojima_hunter_schafer.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 023bb6e45ba849319cff8cb3dd2e2e62e7d4b8450f23dd0c87472ba3ca2f8460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "095503eb1318835423fe5f82db5e7cb7ce663dd1"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 342822
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 jgo_terror_tga.png
cdn.ome.lt/-pLX14Mzi9dXyDl1bVlbC0UlKXY=/576x576/smart/extras/conteudos/ 540 KB
541 KB 159ms
147ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/-pLX14Mzi9dXyDl1bVlbC0UlKXY=/576x576/smart/extras/conteudos/jgo_terror_tga.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 74a32a7bd43ec04ced348765d939c63c31252b119993e21c193f7d06e22454c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "6e15e62a7a292e3ab3f5d09707d74d03449d1ad9"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 553403
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 80f8db3d33fdae16150ad74049373a801f956d17
i.scdn.co/image/ 29 KB
30 KB 335ms
54ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/80f8db3d33fdae16150ad74049373a801f956d17
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0842c5ecc37061ec567a20b5224e880b9cce32867d650636682a029f4f44f7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Mon, 20 Jan 2020 21:41:24 GMT
etag: "efeeff7cd95215d0a7edaeed6c663634"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: ro1DXw==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 29936
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 ab67656300005f1f581bf12aa8f6789d814e5ae4
i.scdn.co/image/ 43 KB
43 KB 308ms
27ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1f581bf12aa8f6789d814e5ae4
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 07d1d12dabe3ba3d534215e8ed1d3113b034b7a0bc350487cc3fe0b5c198ff57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Wed, 06 Dec 2023 22:03:29 GMT
etag: "7d1e0911c33a4493c703120da603f6fb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: qEtb9w==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 43800
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 play-orange.svg
cdn.ome.lt/static/theenemy/img/global/icons/ 383 B
689 B 172ms
161ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icons/play-orange.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78547bfd866cbc2a798d866c9d3c9cdd49ce056968a4cbeab4653d063b8bcc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: S5VBASV57KQAY104
etag: W/"cd853dd4a896aae65480867f9a411ff7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: jCqROHz/4GBF6ZOllCAidv798tBjlSm5n2izduP73ZcQSKt5mOSAPrUfOMF6jRIQC838NoNy6CQ=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ab67656300005f1f5823fcb643e1596d139551d8
i.scdn.co/image/ 34 KB
35 KB 334ms
53ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1f5823fcb643e1596d139551d8
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a8867358520eeca66a25176cd83311f217bdc331713d85cdb9f9a48eaf046a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Sat, 02 Dec 2023 17:03:59 GMT
etag: "c27938130a8d086299f5df4c4dca6231"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: 9McK9g==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 35279
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 ab67656300005f1feba53f740dd805ffb6d6803c
i.scdn.co/image/ 51 KB
51 KB 357ms
76ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1feba53f740dd805ffb6d6803c
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c4941dc686234cf50fa38cf4fa068de74febb7b44d85268a5e47870991b15abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Thu, 30 Nov 2023 20:01:27 GMT
etag: "6f3db9db1a7449826c4d3738ffca1240"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: iAPhqA==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 52260
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 icon-arrow-newsletter.svg
cdn.ome.lt/static/theenemy/img/global/ 588 B
783 B 172ms
161ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-arrow-newsletter.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e6b69db295a362329fae317ae549293e0d215dfeba49adc86245237937fc33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2NDTWMFS61QBT3
etag: W/"91363c7e4ac6628271804708fd0da13b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: g3D/SjQ89EzXcE8hxP65z+1VG9Z1voki0zsTk1u5EzHEJzRwfgzVWJdh5AZDxJ/O8v5lN9GeUK6/6ynsJWMW1fLoR8TOWDot9qNrOqaLVDc=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-calendar.svg
cdn.ome.lt/static/theenemy/img/global/ 667 B
802 B 173ms
162ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-calendar.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04d6e634f436c7531571d6ba121d01527cc4058a582a050973bef36a9ac154da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2TPS0ZEM0P12SM
etag: W/"50c0f1bc9a9e87b38db28d69603c7b77"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: /cOel+Duf7JElHQgd7aOSYacDXDK8+jhsZ678rgSpRa4dQSpyV81l683R9eHVgsOQoB8ulcBRrVHUlOYDMOBvqgZTWo69iRD8/Kw57YP02M=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-warning.svg
cdn.ome.lt/static/theenemy/img/ 390 B
670 B 174ms
163ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/icon-warning.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03d570589a4e10536726675d4c97a786e40f1fadbba9ce027e64ccc0cb868a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2S26G4GC574ATC
etag: W/"0d5917ec2aba3ac83ab04d55a3e833af"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: YhmV2ajycvIcqBjhGpmS0DNPUiCbF/0aQNTQAfe7QSoKfGhExrhYSwuAIKHK9dQ2bGfc8pZgIms=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-success.svg
cdn.ome.lt/static/theenemy/img/ 421 B
688 B 175ms
164ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/icon-success.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcca6eb64772c71530c29965d52edac46f8e00d728d73d01091bba6413a1537c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2VZ3EJD3SG1J1Y
etag: W/"f29d85dd77f6eecf9f00ea52d30ba71d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: SUecbeFbmxB/ofvy49ZfAoriyM2vsf/jKglfDOoc9vJmujUG9jWjDldBKlokpC4TCVRRr9rOk6w=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 jogo-da-clarissa.jpg
cdn.ome.lt/evtpZZ2ax8o7YFLPkXwPAr7G5ZA=/100x100/smart/extras/conteudos/ 4 KB
4 KB 175ms
165ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/evtpZZ2ax8o7YFLPkXwPAr7G5ZA=/100x100/smart/extras/conteudos/jogo-da-clarissa.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c61aa55d44e6949f0554bfc06a7658cfcbef961dbb57270d88daa5f1c1136e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "50cf96581a7ae1623abce4c3b129a46ae0ad5579"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3749
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 samsung_galaxy_s23_review.jpg
cdn.ome.lt/ZYTSvhj0e-aXHNZj3-tEmmhKBjc=/100x100/smart/extras/conteudos/ 2 KB
2 KB 176ms
166ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ZYTSvhj0e-aXHNZj3-tEmmhKBjc=/100x100/smart/extras/conteudos/samsung_galaxy_s23_review.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: ca97e155d659db24f3c4da113cd82a97f468b57aac9734ddc5a232ff2f61e734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "7287760dc6a3a46362a48aa832e62c7569f30f6c"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2206
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 3_Nz3LRdp.jpg
cdn.ome.lt/UlIxWri6U9fOEsKUYGSEon3MaCI=/100x100/smart/extras/conteudos/ 3 KB
4 KB 177ms
167ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/UlIxWri6U9fOEsKUYGSEon3MaCI=/100x100/smart/extras/conteudos/3_Nz3LRdp.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3b5a43448ccee7c689f8ba5f70533b2e07b1c8e50bf9bf4508c6435438b4ab4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eedfc7c5aee5d479c2cb4b9e607a3805b323e6e2"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3561
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 naruto-x-boruto-time-7.jpg
cdn.ome.lt/5pOL7BD5O2l_NAfvfcKlxZWIvD4=/100x100/smart/extras/conteudos/ 3 KB
3 KB 178ms
168ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/5pOL7BD5O2l_NAfvfcKlxZWIvD4=/100x100/smart/extras/conteudos/naruto-x-boruto-time-7.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 7306acd306559a232e4e88d5060e4856115de0b9e565e736c9b1488872787807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "ca7541311b402b48405e800ac11d5716f56e3071"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2930
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 super_mario_rpg_peach_assustada.jpg
cdn.ome.lt/FWtlux8BeCei0pOhFbUYVLv9bjg=/100x100/smart/extras/conteudos/ 3 KB
4 KB 178ms
169ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/FWtlux8BeCei0pOhFbUYVLv9bjg=/100x100/smart/extras/conteudos/super_mario_rpg_peach_assustada.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6070ede0ee7c9b444c8c8c9f6e38dd80baae1e6b97d84f8dda9d5b90fd40762c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "0a2742b3feea9f235d1393111c45c2e74d0b683d"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3342
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 alan_wake_2_saga_e_alan_artwork_KYQhP67.png
cdn.ome.lt/-7vjjlgnr2TvBKciwMZ3LLv9ueE=/100x100/smart/extras/conteudos/ 12 KB
12 KB 179ms
170ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/-7vjjlgnr2TvBKciwMZ3LLv9ueE=/100x100/smart/extras/conteudos/alan_wake_2_saga_e_alan_artwork_KYQhP67.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4171ca1536fb5ac0ca4aa6bf2e48a53e05d86eba0b7690415535475e9d4a7c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "9db26f2ffa2a05c0d774c98fb37a03df4b2d5cf8"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 12431
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-footer-mobile.svg
cdn.ome.lt/static/theenemy/img/global/ 588 B
758 B 180ms
171ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-footer-mobile.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e6b69db295a362329fae317ae549293e0d215dfeba49adc86245237937fc33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2VNTCJ9VZGD90D
etag: W/"91363c7e4ac6628271804708fd0da13b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: vXsZkZwdxvHmnljSeeXWIU2vbGwDWHVrcD3NzpfY94yh+w1jyVaf4ewPErFfXU21AAMq9IDRtl8=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 omelete.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 2 KB
1 KB 181ms
171ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/omelete.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3650035e92645f57658ad332a57cb9698e01377559332e97f728a45c154ca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2XNEV8GYZ2R8X9
etag: W/"d6d10d07c49532068f231a61c40c61b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: K0Qgy3+Nk14qJOuLI80XZ9qgUvJ4tQrtH6/RHE+0HBRAb7uT+6HLiVMHp6rPq5ZNSdk+8We+ZO0=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ccxp.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 382 B
721 B 181ms
172ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/ccxp.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99a105320b3ffee719b135858fd7f6e46e4daee7b3361b0d1c2275cc571a5d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2R7SGRF3RNYFE5
etag: W/"7e67ebe3450165b4be848950da6c662c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: DyCmfXgpi3E82OP9W10lgiuUifjuvaInVD6+3lUh7yRckg0iA3mFiZKh+nfk87C9EKen/GcACGJ0JT/kHB7kqsJryuBwCyoUdSysWkAObN0=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 gaules.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 3 KB
2 KB 182ms
173ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/gaules.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2281afa9450ecb8fea2d98a7771aaa3798422183d1d6f17f052a65b4bf0fafca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2JZH6MZQM83N00
etag: W/"0604de51f525ee0209d8a884e1fd062c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: dc9cDvTqPrDwxHPGPQFjI7s4tFkT7SluD8sxGbIlFYl6Sa2pXSbTwTJVtzPCPU7poiW4tZWZ0jeNVNJVUUnURbvmycD20jzPkmlRssY1Pbk=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 theenemy.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 1 KB
1 KB 182ms
174ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/theenemy.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6788654596cbffd1766579fa98b46b18664e0725b345e61e22ac857d8e33eee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2X1JVRXB7J0MKN
etag: W/"6ab8e6886bec19d9aa32b8b6ffeb59b8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: YSZ5t8wC1wLECM7VEcGEtO4DnFbu2Kj2TMsXeAieRfjwd0pGk/mJaRg7NN/ITGblLRFHO3Bi4MC60WenSZoUVF5xRx/lb2LGMTDiTMU5jwI=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 logo-big-festival.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 8 KB
3 KB 183ms
174ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/logo-big-festival.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d31c7823120af450b13a77841ec9209f008f9046d1efb466914639c2d25656a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2W6MPK27RNX7HN
etag: W/"aa0e9d7ceca32478416580bb0efd7b98"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Z3eAZ3WrlTNfFpY1oFo//ZJs7zhI3YXQz/HHYUIW0XeQsjIWEsnSUSMVOpz8pp8SHv3mfYEG9go=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 logo-baiano.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 3 KB
2 KB 188ms
180ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/logo-baiano.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d20f9b978321480ecf47d67771656d15034e663b48fd579ca46dd16cebfb2672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2Q65RGNN7KPH1X
etag: W/"088286e83bfab77817e38277a1cd7669"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: 8CURcIJMVdCAauGr9Gpuo8CD5HMX7ytrUeHFak0n83x8ux3X+HU6mTE7bsAVzPjMOIa6zygn7HE=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 gamexp.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 16 KB
7 KB 189ms
181ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/gamexp.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2887cb728b33a9adac1b6b6f643017d8acbc6fdd01418a8cc198dba02c945ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 15:46:46 GMT
server: AmazonS3
x-amz-request-id: 4P0JY805REZY5NWH
etag: W/"83cd0241e1823c58f95a69e142e0b5b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Ch2sWOZrbaZjaeAXFBnCMvw6IR6qt+8I/nWvLV5+bzAIjPdy2TC8Dt7ibxWVefUQA6A9Ha7ebSnRvBa4ITduBnSgsgY9Ct1+
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H/1.1 200
OK v1.js Show response
player.twitch.tv/js/embed/ 26 KB
8 KB 114ms
34ms Script
application/x-javascript 146.75.118.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.twitch.tv/js/embed/v1.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ca6036d3633634cadd9195fc8789a2c970ea069922adbfa4dbdd13386aae472f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 08 Dec 2023 13:05:28 GMT
Via: 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Content-Length: 7944
X-XSS-Protection: 1; mode=block
X-Served-By: cache-fra-eddf8230034-FRA
Server: Kestrel
X-Timer: S1702040729.748022,VS0,VE2
ETag: "8c09b32559172f8e785d06bfc76fb525"
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type: application/x-javascript
Release-Type: release
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 scripts.min.js Show response
cdn.ome.lt/static/theenemy/js/ 184 KB
68 KB 22ms
22ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/scripts.min.js?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da53db0ee1502bb46183d63732f43b1d071bcd6aaac208af62eeb537a9b3a69b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: J7J9Q3FG5VH62JK8
etag: W/"964eeaf81c24f875b0bf0e30f005cb2c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: MZULLcBflQQTZc6vKFlf5wmtSuH2yFP4zqlPPk3aUIZvb6mha77wGeeKHbb/0mTuul9Z8jMLD8sNKuoWBEwrGg==
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.9/ 20 KB
7 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.9/firebase-app.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92923e7ea94444b385afba025c7848d21f243be8358d35dc293275553863d97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:12:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:57:17 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.2.9/ 40 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.9/firebase-messaging.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10867
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:38:09 GMT

GET
H2 200 push-config-production.min.js Show response
cdn.ome.lt/static/theenemy/js/push-notification/ 522 B
806 B 22ms
22ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/push-notification/push-config-production.min.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb92bf41253e86222df249324a6a9e8474afe58fb43b27f309e496234f240edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:27 GMT
server: AmazonS3
x-amz-request-id: HE2MK6Q6DTJ3N3GV
etag: W/"21da946c2c17c5b7dd872b524f9d75c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: XJfFXwV4XPt0y8ljFxiE+NVmxhUj8+uMcsxzgA+M6hAlRGe9fttIy6jZPHEJqY/8ajlyr9NX/Oln2IOkhpmEsbN7S1Qsi67jluJ9L0MGnmc=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 push-notification.min.js Show response
cdn.ome.lt/static/theenemy/js/push-notification/ 14 KB
4 KB 21ms
21ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ome.lt/static/theenemy/js/push-notification/push-notification.min.js?v=ae933
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 760802e88fde37fce039f875d18d98432685cbc671f63bc1aec4261b0ad0fdb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 19:43:38 GMT
server: AmazonS3
x-amz-request-id: 7K0XAR17T5FFF287
etag: W/"74911eb6fdf9cd9504080eddb9579255"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: ixiZABhbbkb9jouvHuwX8/FAH4lLSkISEyvbthHuT2eBRuFsf7dbkBE7h7ihslwKh1Ejw823mgs=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
799 B 218ms
168ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Sora:wght@400;500;600;700&display=swap

Requested by

Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/css/style.min.css?v=ae933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec6a9a84f60fd103479cea277e6124378c6127ebd51b111c9f0ce5d0c8604900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ome.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 13:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 13:05:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 230 B
660 B 78ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Catamaran&text=%E2%80%9C%3C%3Ex

Requested by

Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/css/style.min.css?v=ae933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7634f03562aaf45da02ffa5432ba79dedcbb913b7e308fec2816fa527eea781f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ome.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 13:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 13:05:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 134ms
51ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:29 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 900
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: w1VGTaGMwT1R9wghe7-4DJsL3BWBr8E3xWdPHiMINv6n6ti1XjGp0w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 11:41:48 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5020
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Dec 2023 13:41:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
78 KB 93ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CCJPG4

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1070630d9a850013eec8b6337cba1962de2d0f337b9e9744494c93015d7c26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79481
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 13:05:28 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 101ms
32ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1043
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8325385c592c71d0-FRA
expires: Fri, 08 Dec 2023 13:48:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 71ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Dec 2023 13:05:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: IFnnmIhppOJ3n3hn0OJPAPpqQERuH4Ek1ZA80CBwZZbbchTqoOzegnLQZ/e4f/8vPegIYTcRwsn0gAZpyKe2Pg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 155 KB
45 KB 149ms
88ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41de0823999e3321a77262cfcd3dd03ffa0d9a518b757042b0cde85300fe7d54

Request headers

Referer: https://www.theenemy.com.br/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 1ms
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 08 Dec 2023 12:24:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 7
accept-ranges: bytes
cf-ray: 8325385bb82139d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45878

GET
H2 200 logo-small.svg
cdn.ome.lt/static/theenemy/img/global/ 448 B
737 B 189ms
181ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo-small.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5ac5de2b1320bacf6faf6bcc7fee0aff325ceed946ff9b0d0928a36029edf33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2MRBZE35CD93J1
etag: W/"6ff93afb7dcd4b9ed7eaadb97f9d76d9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: HAFedbBYH6yLjtZB9/d9+T2xB4czeMZtYh5C9qpWClfNupq62kVoGwRBuKJ2XTYKkm3iQJCCkBk=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 destiny-cenario.jpg
cdn.ome.lt/tnoqIlSVL5fVJFs1Pj8Vy17yaXU=/200x200/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/ 8 KB
9 KB 189ms
182ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/tnoqIlSVL5fVJFs1Pj8Vy17yaXU=/200x200/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/destiny-cenario.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b3c66e9e7c1866c3a5f2b5232b5a07021b09c97d9834eaf9d28159a825092f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "b1cbee666ff78eb48ad9a2672a6d92f56cd1ec00"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 8675
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 trailer_1_illustration_16x9.png
cdn.ome.lt/dO72hTNIIRoFaw4flU6VrlJHpTU=/200x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/ 72 KB
73 KB 190ms
183ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/dO72hTNIIRoFaw4flU6VrlJHpTU=/200x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/trailer_1_illustration_16x9.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 84ae428702e4fc11e671f55c8ab64e586cd6d292b7f21c25fe074b2658233e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "dc50b83ee91d9e78876d1c4455ab5ebe159afd16"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 74099
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 twitch.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 379 B
682 B 193ms
186ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/twitch.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb49a0475587c65910beee583c9efcaafb9b879413e90ae480f4139319f871f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2MADQSFAK8BHVY
etag: W/"23f97e8b04d0de1b9a7cac949d9eb5ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: v1HCzoZsnoZUpxwFavE9Dr/buDwR7tEGxEg3qdH2VGCBsutAh911s5qBQES2BLOsB6kF8bSDp2Q=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 youtube.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 637 B
831 B 194ms
187ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/youtube.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bffdfea157f4029b71cc2910979fd69cc9617814fbf01147beb66aa46179092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2SH08JCFTCXHVP
etag: W/"83987f9ed7d322ccf4eb7dc5a8881ceb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: MOqeiAU0EY9R+w9E9uURCBMREHz4KBTda29Gc2mL2e74S7ydQNAnPL7Nf4H8gQMOM43qwlo4kUTSY3nCz+yPwGL0Tfvrg30SH6TqgEAuc3Q=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 facebook.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 314 B
695 B 194ms
188ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/facebook.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a17cce79dd4a0147fd6c622324c2bac69be712c91a9f374a7978ba6ebd66d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2Q8TVCF894Z811
etag: W/"f13bb8d03590bfb3448203f34aa5de29"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: DLIUtRI0VJI7E8trsffMUSoVX17GsHirJc1B+2s2NHAEJoQDbdE8sOal0PoPspX1qx6DfZCpPW3snuIJeLQQ9UljBrvGSF3Nqd8LqVfXcuc=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 instagram.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 2 KB
1 KB 195ms
188ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/instagram.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1391be70ba54dae8119a0ffb80b847e389f74d0c5397835f51e72270844b811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2KYH14CGZ020SE
etag: W/"dcfd3364b96cd70f5ff925c150dd9b56"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: AKmSubEPQyZzkdm+vnyQJH3k+gOWPdSCrdCPWyYnoCJhnmSHwmaXgWCQzQYew2CRVD/Mk6W1iIzvdMkvRk1Zw5HJmgwcqJl43jJJvIv6fdk=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 x.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 388 B
713 B 195ms
189ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/x.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c78e7cb2867da49b4f010b576398cbc4e20b588ca4f2ce82b5a29cc7afea94bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 15:46:46 GMT
server: AmazonS3
x-amz-request-id: 9B0EZ26RKDAGM6ZX
etag: W/"805b6ac09975d68762a4ecb1dc7c552d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Zr4Z0KPAaxrOBraGQzpEsE31e/8MGw//gA1uXUxQhRZpiOTcw3YXer/aBe5UCWbUqgBlNAXy+H0=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 discord.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 1021 B
968 B 195ms
190ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/discord.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b92decc9e727f7606ea5c95da71eb9085f53bf8bc5588aa052fb687ed4b7669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2ZK17YPSY4CHH5
etag: W/"a783a6c5c6c0a07f0332eb979714aab2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: RsUsMGy52T7l7v50kvnsjbfroOy8wDob7ytkVFCF0052X4fPxs/Q/512LgC2EdAxaXEVsyqNdWY=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ping.svg
cdn.ome.lt/static/theenemy/img/global/logo/ 1 KB
1 KB 196ms
190ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/logo/ping.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ecd239de9c5af5a96cfb5e068a6982d9299ec92ed30a415f2f588fbe309ce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2GJXSEYY06FVSQ
etag: W/"bc1955e1e1aaba718044914549377cdf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: qwl9TtGNtGimhX8IOcTEXSUTy4Y0937hQhOgoRUc+aCD3n34MEq8WDd7nTCmSGdCtWc/8+FQFa8=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-chevron.svg
cdn.ome.lt/static/theenemy/img/global/ 209 B
614 B 31ms
26ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-chevron.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca921a32c82e4bf20e7a6123536cbac2d409f88c5dd86ac4c4f5039bdfa0aa15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2Z9X5N7FT00NJ6
etag: W/"c712f29084eae2d7c43dffe7d86fb54c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: kmAVWP280E9VdMCafIvlJFvUeYRoOqooyvjeRrzL4EWfE1wcDfbX6m/IVdZagQlISOfwkS9w/9w=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 sprite.png
cdn.ome.lt/static/theenemy/img/global/ 31 KB
32 KB 25ms
20ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/sprite.png
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/css/style.min.css?v=ae933
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74cf226adbff17485304cb68054926b87f7e7eb74714d07b9c46bb38d4e62d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ome.lt/static/theenemy/css/style.min.css?v=ae933
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
x-amz-request-id: HE2XWV05EJJ55TD2
x-amz-server-side-encryption: AES256
content-disposition: inline
content-length: 31873
x-amz-id-2: TQz/fZTxzf0NpBBU+HWjBjbg5lW125uqMQoAZLh9N1qh8CyNNBnGj1OPcB2XDMKILOdhVTto/NQ=
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
etag: "ed42c84e0630a4e9c88bc7f59b940434"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v12/ 24 KB
25 KB 75ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sora/v12/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Sora:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:48:32 GMT
x-content-type-options: nosniff
age: 62216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:16:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:48:32 GMT

GET
H2 200 nAtoaDv-tWQ Show response
www.youtube.com/embed/ Frame 7814 94 KB
41 KB 205ms
150ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4920adb1ba457d48249e67e616ebba8b423d86f25a3acd58a2e361a0e5902bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jQdFe0Wiugw Show response
www.youtube.com/embed/ Frame 9ABB 93 KB
41 KB 179ms
126ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f774eb038bce5333e2b1b74ea2d48c5edb0d59a224c59f9044e4233e4fe417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-timer.svg
cdn.ome.lt/static/theenemy/img/global/icons/ 302 B
670 B 194ms
191ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icons/icon-timer.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02bb83b7b7e8d2a52abca25504e3a68cbb06117b98b324ce3647efd694f34b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2KNXCENT4SDAAF
etag: W/"ac3ad2025274d5289ba5f8eca862746c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: tVSupLXmpfODN6sw8boGp5xc7vfmegJvqQYQcykeqTKJvaufNzJWqy4naWb10UQhzAndoyIIeLTmrSyWplXWfOfkC+iqasirvRW6zVcrxZU=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ripple.svg
cdn.ome.lt/static/theenemy/img/global/ 873 B
772 B 195ms
192ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/ripple.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6468e85639dd72c15d5a04311fe0a83a9b8ca00278d316cf9ec1a98e76510321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2K82AXRX9MVH4H
etag: W/"7e1ad7b67b59e157da279a12ee4281be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: Ae9Egypm8zTtu7z1bPH7AIg4IVWk6PXcrhWpu52kB13uICrautdu7c4cyF4owk6WG39zzLG80fI=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 play-orange.svg
cdn.ome.lt/static/theenemy/img/global/icons/ 383 B
689 B 192ms
188ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icons/play-orange.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78547bfd866cbc2a798d866c9d3c9cdd49ce056968a4cbeab4653d063b8bcc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: S5VBASV57KQAY104
etag: W/"cd853dd4a896aae65480867f9a411ff7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: jCqROHz/4GBF6ZOllCAidv798tBjlSm5n2izduP73ZcQSKt5mOSAPrUfOMF6jRIQC838NoNy6CQ=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-calendar.svg
cdn.ome.lt/static/theenemy/img/global/ 667 B
802 B 193ms
189ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-calendar.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04d6e634f436c7531571d6ba121d01527cc4058a582a050973bef36a9ac154da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2TPS0ZEM0P12SM
etag: W/"50c0f1bc9a9e87b38db28d69603c7b77"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: /cOel+Duf7JElHQgd7aOSYacDXDK8+jhsZ678rgSpRa4dQSpyV81l683R9eHVgsOQoB8ulcBRrVHUlOYDMOBvqgZTWo69iRD8/Kw57YP02M=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-warning.svg
cdn.ome.lt/static/theenemy/img/ 390 B
670 B 193ms
190ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/icon-warning.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03d570589a4e10536726675d4c97a786e40f1fadbba9ce027e64ccc0cb868a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2S26G4GC574ATC
etag: W/"0d5917ec2aba3ac83ab04d55a3e833af"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: YhmV2ajycvIcqBjhGpmS0DNPUiCbF/0aQNTQAfe7QSoKfGhExrhYSwuAIKHK9dQ2bGfc8pZgIms=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 malrang.jpg
cdn.ome.lt/ZmqGg5k1cN-bDr_F6m1byK-NUsc=/100x100/smart/extras/conteudos/ 3 KB
4 KB 537ms
534ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ZmqGg5k1cN-bDr_F6m1byK-NUsc=/100x100/smart/extras/conteudos/malrang.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b06fbf68e3dc7f87c88659f0fc9339cd3c633e1793916ab688c7c2d08bafc58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
server: nginx/1.12.1
etag: "7c2a90fad94c68865c3de8ce5747741cc61af170"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3467
expires: Sat, 09 Dec 2023 13:05:29 GMT

GET
H2 200 dead-by-daylight-cadaver_BtHgHKw.jpg
cdn.ome.lt/JMABFjOMbciH6Ms1gjL5JY8iloI=/100x100/smart/extras/conteudos/ 2 KB
3 KB 193ms
190ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/JMABFjOMbciH6Ms1gjL5JY8iloI=/100x100/smart/extras/conteudos/dead-by-daylight-cadaver_BtHgHKw.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 12f2fc2866f13662d8bf55dba50a1d059dc07af84986b4b652acedd7a6477b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eda71981082ea081a1c4026aabc5f527d0d1aa42"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2318
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 baldurs-gate-3-mulher.jpg
cdn.ome.lt/FeC0tq65btFOx62W6ubyRcCTCm0=/100x100/smart/extras/conteudos/ 3 KB
3 KB 194ms
191ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/FeC0tq65btFOx62W6ubyRcCTCm0=/100x100/smart/extras/conteudos/baldurs-gate-3-mulher.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e6f5d3568633fc6a8c1a74e4d21b919366a6b33bfb83ee12c3680395f8ea7cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "447a99a7bc18337b6162fc2823e369e2cc850c60"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2729
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
cdn.ome.lt/4svviq65iKubTLsmt5CcaPBLubk=/100x100/smart/extras/conteudos/ 20 KB
21 KB 195ms
192ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/4svviq65iKubTLsmt5CcaPBLubk=/100x100/smart/extras/conteudos/thegameawards_-_Monster_Hunter_Wilds_World_Premiere_Trailer_at_The_Game_Awards_2023_O3syM4tV8Xw_-_951x535_-_1m22s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 44bbba2224d66500b9f17796315678c50abc00168255798f508d56390a81c480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a11b7a95af171ff9def5d86e3668c51fe4f103d1"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 20778
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
cdn.ome.lt/VaIkwvk2S7a4LJ9swiZepj9cBc0=/100x100/smart/extras/conteudos/ 22 KB
22 KB 197ms
194ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/VaIkwvk2S7a4LJ9swiZepj9cBc0=/100x100/smart/extras/conteudos/thegameawards_-_THE_GAME_AWARDS_2023_Official_4K_Livestream_TODAY_at_730p_ET430p_PT1230a_GMT_Zu2z5M4gmno_-_951x535_-_3h06m17s.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c75df0adc58b68bf3a79ad371f5c1302e736ab8448dd973a2cf7808bd1509b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "da501d7459875d2648f5d93b41e43721da6bef0e"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 22071
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
cdn.ome.lt/n890joledc6x2PHStbt6tXHvmzE=/100x100/smart/extras/conteudos/ 23 KB
23 KB 198ms
195ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/n890joledc6x2PHStbt6tXHvmzE=/100x100/smart/extras/conteudos/The_First_Descendant_The_Game_Awards_2023_Trailer_Screenshot_15.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d6893d34e8f2325b36f0ea24cf19bf86e5e0b808ceda83bd68f03d5df17edda9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "a077d669cf96dcb39b51bb294cae119ff90fc6e4"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 23771
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 exoborne-personagem.png
cdn.ome.lt/ocCNQvigoSDzKrcNkNyg24FcQx0=/100x100/smart/extras/conteudos/ 23 KB
23 KB 202ms
199ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ocCNQvigoSDzKrcNkNyg24FcQx0=/100x100/smart/extras/conteudos/exoborne-personagem.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: fc7db9a2caaab5cb80239aacf4aa717862d2c67cdd16843fa6990fed990586cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eaaf3d3c6dc464410e5f3558e6bde4ad5d928617"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 23650
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 last_sentinel.png
cdn.ome.lt/xtRcpRwy2w__6DQjeQ63XhiNZjg=/100x100/smart/extras/conteudos/ 20 KB
21 KB 202ms
200ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/xtRcpRwy2w__6DQjeQ63XhiNZjg=/100x100/smart/extras/conteudos/last_sentinel.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: d0212745136b26b2a052568c229cb681498b932d00549b1e0ea8c1384fd5607a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "fdbc5256d63192af492b2969ef9893c76915fbee"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 20777
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 80f8db3d33fdae16150ad74049373a801f956d17
i.scdn.co/image/ 29 KB
30 KB 189ms
53ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/80f8db3d33fdae16150ad74049373a801f956d17
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0842c5ecc37061ec567a20b5224e880b9cce32867d650636682a029f4f44f7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Mon, 20 Jan 2020 21:41:24 GMT
etag: "efeeff7cd95215d0a7edaeed6c663634"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: ro1DXw==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 29936
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 ab67656300005f1f581bf12aa8f6789d814e5ae4
i.scdn.co/image/ 43 KB
43 KB 147ms
27ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1f581bf12aa8f6789d814e5ae4
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 07d1d12dabe3ba3d534215e8ed1d3113b034b7a0bc350487cc3fe0b5c198ff57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Wed, 06 Dec 2023 22:03:29 GMT
etag: "7d1e0911c33a4493c703120da603f6fb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: qEtb9w==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 43800
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 ab67656300005f1f5823fcb643e1596d139551d8
i.scdn.co/image/ 34 KB
35 KB 73ms
73ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1f5823fcb643e1596d139551d8
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a8867358520eeca66a25176cd83311f217bdc331713d85cdb9f9a48eaf046a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Sat, 02 Dec 2023 17:03:59 GMT
etag: "c27938130a8d086299f5df4c4dca6231"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: 9McK9g==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 35279
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 ab67656300005f1feba53f740dd805ffb6d6803c
i.scdn.co/image/ 51 KB
51 KB 78ms
78ms Image
image/jpeg 2a02:26f0:480:3::210:ee92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1feba53f740dd805ffb6d6803c
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c4941dc686234cf50fa38cf4fa068de74febb7b44d85268a5e47870991b15abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
last-modified: Thu, 30 Nov 2023 20:01:27 GMT
etag: "6f3db9db1a7449826c4d3738ffca1240"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=15780000
x-amz-checksum-crc32c: iAPhqA==
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: range
content-length: 52260
expires: Sat, 08 Jun 2024 04:25:29 GMT

GET
H2 200 jogo-da-clarissa.jpg
cdn.ome.lt/evtpZZ2ax8o7YFLPkXwPAr7G5ZA=/100x100/smart/extras/conteudos/ 4 KB
4 KB 204ms
202ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/evtpZZ2ax8o7YFLPkXwPAr7G5ZA=/100x100/smart/extras/conteudos/jogo-da-clarissa.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: c61aa55d44e6949f0554bfc06a7658cfcbef961dbb57270d88daa5f1c1136e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "50cf96581a7ae1623abce4c3b129a46ae0ad5579"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3749
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 samsung_galaxy_s23_review.jpg
cdn.ome.lt/ZYTSvhj0e-aXHNZj3-tEmmhKBjc=/100x100/smart/extras/conteudos/ 2 KB
2 KB 204ms
203ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/ZYTSvhj0e-aXHNZj3-tEmmhKBjc=/100x100/smart/extras/conteudos/samsung_galaxy_s23_review.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: ca97e155d659db24f3c4da113cd82a97f468b57aac9734ddc5a232ff2f61e734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "7287760dc6a3a46362a48aa832e62c7569f30f6c"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2206
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 3_Nz3LRdp.jpg
cdn.ome.lt/UlIxWri6U9fOEsKUYGSEon3MaCI=/100x100/smart/extras/conteudos/ 3 KB
4 KB 205ms
203ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/UlIxWri6U9fOEsKUYGSEon3MaCI=/100x100/smart/extras/conteudos/3_Nz3LRdp.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3b5a43448ccee7c689f8ba5f70533b2e07b1c8e50bf9bf4508c6435438b4ab4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "eedfc7c5aee5d479c2cb4b9e607a3805b323e6e2"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3561
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 naruto-x-boruto-time-7.jpg
cdn.ome.lt/5pOL7BD5O2l_NAfvfcKlxZWIvD4=/100x100/smart/extras/conteudos/ 3 KB
3 KB 205ms
204ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/5pOL7BD5O2l_NAfvfcKlxZWIvD4=/100x100/smart/extras/conteudos/naruto-x-boruto-time-7.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 7306acd306559a232e4e88d5060e4856115de0b9e565e736c9b1488872787807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "ca7541311b402b48405e800ac11d5716f56e3071"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 2930
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 super_mario_rpg_peach_assustada.jpg
cdn.ome.lt/FWtlux8BeCei0pOhFbUYVLv9bjg=/100x100/smart/extras/conteudos/ 3 KB
4 KB 206ms
204ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/FWtlux8BeCei0pOhFbUYVLv9bjg=/100x100/smart/extras/conteudos/super_mario_rpg_peach_assustada.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6070ede0ee7c9b444c8c8c9f6e38dd80baae1e6b97d84f8dda9d5b90fd40762c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "0a2742b3feea9f235d1393111c45c2e74d0b683d"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 3342
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 alan_wake_2_saga_e_alan_artwork_KYQhP67.png
cdn.ome.lt/-7vjjlgnr2TvBKciwMZ3LLv9ueE=/100x100/smart/extras/conteudos/ 12 KB
12 KB 206ms
205ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/-7vjjlgnr2TvBKciwMZ3LLv9ueE=/100x100/smart/extras/conteudos/alan_wake_2_saga_e_alan_artwork_KYQhP67.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4171ca1536fb5ac0ca4aa6bf2e48a53e05d86eba0b7690415535475e9d4a7c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "9db26f2ffa2a05c0d774c98fb37a03df4b2d5cf8"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 12431
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-arrow-newsletter.svg
cdn.ome.lt/static/theenemy/img/global/ 588 B
783 B 208ms
207ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/global/icon-arrow-newsletter.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e6b69db295a362329fae317ae549293e0d215dfeba49adc86245237937fc33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2NDTWMFS61QBT3
etag: W/"91363c7e4ac6628271804708fd0da13b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: g3D/SjQ89EzXcE8hxP65z+1VG9Z1voki0zsTk1u5EzHEJzRwfgzVWJdh5AZDxJ/O8v5lN9GeUK6/6ynsJWMW1fLoR8TOWDot9qNrOqaLVDc=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 icon-success.svg
cdn.ome.lt/static/theenemy/img/ 421 B
688 B 208ms
207ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/static/theenemy/img/icon-success.svg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcca6eb64772c71530c29965d52edac46f8e00d728d73d01091bba6413a1537c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 15:11:26 GMT
server: AmazonS3
x-amz-request-id: HE2VZ3EJD3SG1J1Y
etag: W/"f29d85dd77f6eecf9f00ea52d30ba71d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-id-2: SUecbeFbmxB/ofvy49ZfAoriyM2vsf/jKglfDOoc9vJmujUG9jWjDldBKlokpC4TCVRRr9rOk6w=
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 destiny-cenario.jpg
cdn.ome.lt/G5xiOhho7DAX5Ap9l4yOI5g-s2M=/680x380/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/ 52 KB
52 KB 207ms
207ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/G5xiOhho7DAX5Ap9l4yOI5g-s2M=/680x380/smart/filer_public/0a/4a/0a4a0d0e-354b-467d-9773-b23bd625b2e9/destiny-cenario.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 581696da59b452da41d5ed744205e71fabf175b3183db16a2129b76bce38f08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "2d2a7ed025ba8d74a3f5687ee6ab4d2219c7a17a"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 52988
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 trailer_1_illustration_16x9.png
cdn.ome.lt/SXNfh-JqrHJJzG6hO7vOJTpXpSc=/370x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/ 125 KB
126 KB 208ms
208ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/SXNfh-JqrHJJzG6hO7vOJTpXpSc=/370x200/smart/filer_public/a7/1b/a71b7888-1e74-44f4-b919-c2a19c8dfbed/trailer_1_illustration_16x9.png
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 02944691b48bd17a861fa44e6a509676ca03800b4e7b3197e23132cd0bb9c781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "fe147e219df24b1617e74ff176cf5a55f4e0070e"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 128510
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 cbolao-2023-ccxp23-lec-team.jpg
cdn.ome.lt/nJV8WaJK7RjB8txEIGPfsD8ApgI=/325x345/smart/filer_public/cb/71/cb717f6d-51ca-4c81-b3aa-2f3b00e57323/ 23 KB
23 KB 211ms
210ms Image
image/jpeg 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ome.lt/nJV8WaJK7RjB8txEIGPfsD8ApgI=/325x345/smart/filer_public/cb/71/cb717f6d-51ca-4c81-b3aa-2f3b00e57323/cbolao-2023-ccxp23-lec-team.jpg
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 0a53626c228848fbc75bf2f199fbb2e6b66f30751c5d29e97e6f4e956d1366ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
server: nginx/1.12.1
etag: "3a798b59e0be3260602d28f175f2a239ac34eb58"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
content-disposition: inline
content-length: 23733
expires: Sat, 09 Dec 2023 13:05:28 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 84ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Sora:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:17:13 GMT
x-content-type-options: nosniff
age: 49695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26244
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:17:13 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87bdcc200f277993446443fa1ae2132b6ab99bfcf5625bc6954131d23356447c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 13:05:29 GMT
content-md5: fgkkFwAmb2cIGZSu/TzdEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: dGsRHkO7uk+uhsWX2kNndF8Wyam1z8uFrDPx2hpFe7SvkLddSeP/E+AEPCMuk1iGk1RdD89CCs8hJZvr78CSTA==
x-fb-content-md5: 9127ed0b8c35697abd16896bcf2288b0
cross-origin-opener-policy: same-origin-allow-popups
etag: "b20f398890f987bc944baec0e847e26d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:06:30 GMT

GET
H2 200 undefined.json Show response
www.theenemy.com.br/api/realtime/ 29 B
258 B 137ms
127ms Fetch
application/json 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theenemy.com.br/api/realtime/undefined.json
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/timelineScript.min.js?v=ae933
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 7bb9f8c8c6164aa642d93fd8df773e3e049a2f87f4c8e9fdc79f7cd0de829967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
server: nginx/1.12.1
vary: Origin
content-type: application/json
access-control-allow-origin: http://dev.tribotomajor.com.br
cache-control: max-age=30
content-length: 49
expires: Fri, 08 Dec 2023 13:05:59 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 840 B
1 KB 108ms
33ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

45d444d0d0eb19a328090bce7921f39647ce778c635e168151a21ea7702d52b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
an-x-request-uuid: b0b49f0b-4b93-4133-bf29-40baa66d2d8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
5 KB 412ms
333ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16280&site_id=118526&zone_id=559662&size_id=2%3B15%3B15%3B2%3B2%3B15%3B9&alt_size_ids=57%3B%3B%3B57%3B%3B%3B10&rf=https%3A%2F%2Fwww.theenemy.com.br%2F&tk_flint=pbjs_lite_v5.20.4&x_source.tid=ad602b0c-0d30-4220-81bc-ea1f928c1048%3B4ba354e0-d1f9-4f0d-87a3-f99d5e082eb4%3B5506352f-ba91-42fd-8b57-00a859ae6e27%3Bc967de67-acad-45ab-9968-a9a4ff83f2f5%3B11ff8cd6-d95e-4292-ae9e-6c22907da213%3Bd641c98e-fc52-4cea-a990-97413cf68f36%3B1725e84b-b737-440c-b46d-6a3b9ae44fb8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=7&rand=0.3805410280170729
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c723cdf359157b94a9886bd6d9bd23f33f20cf1f2921326c8d80f0c8f9c182b4

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 343ms
128ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 365ms
127ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 357ms
119ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 528ms
290ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 515ms
169ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 361ms
124ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 344ms
130ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.ome.lt
URL: https://cdn.ome.lt/static/theenemy/js/vendor/prebid5.20.4-2023-03-16.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1867359407&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theenemy.com.br%2F&ul=en-us&de=UTF-8&dt=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=848105295&gjid=896516817&cid=1291061657.1702040729&tid=UA-99712154-1&_gid=1946401071.1702040729&_r=1&_slc=1&z=457398640

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1867359407&t=pageview&_s=2&dl=https%3A%2F%2Fwww.theenemy.com.br%2F&ul=en-us&de=UTF-8&dt=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=1291061657.1702040729&tid=UA-99712154-1&_gid=1946401071.1702040729&cd5=main&z=563312678

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:26:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
342 B 173ms
74ms Fetch
text/plain 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_8172&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:29 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.theenemy.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 08 Dec 2023 13:05:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 111ms
26ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-99712154-1&cid=1291061657.1702040729&jid=848105295&gjid=896516817&_gid=1946401071.1702040729&_u=IEBAAEAAAAAAACAAI~&z=263210001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eeaed78c-8268-4bca-9715-9bd07ae4a091 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 102ms
22ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/eeaed78c-8268-4bca-9715-9bd07ae4a091
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67cd506664df682baa90fcdc8f630c749a7c6dd6fe1f6131444f7bcc3f6afaa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:09:16 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3373
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: oKFD6qedrR1PX0rGgbhXFl-SUvaSqMk4d7m0iQ69fJsxDRl0A8OyeQ==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 141ms
68ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: QEM4H5YDYKXXV2C37YQS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JKmNxgW99bSsldnlX3lgMYVDBn8SF7HNE1pYzmPduBssbpOZbAqpbw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 136ms
65ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=1&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 7QF6ED5QNNJ61FGC4P5G
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3sfSa9wh-GMpySoKhtrSUhe1hUOS1l7hKhbEn1gTiZPJx8vt9SZA4Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 137ms
69ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=2&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: NK52B4DS0M1W7RMPMRNP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZlEoLo9MSnZDqFxEk5ysSlJuvXrpH7AnlxO0xNkjM7bZ0q2LYBrZQQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 116ms
64ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=3&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: SE4KVEDTN31GBMX9H54M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: v4ltW4SSkzjb4LpiUzSScibCBQqy_pOQtBH9N__d4ke0K5NzHaWLhA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 118ms
66ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=4&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: RGTS0TMMK2Y1HC87GYBB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UwsD-LA94hj0DeEVIfF9N8QioQCol_9eM-Jr_EGm8osiWIUnvIw3zA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 119ms
67ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=5&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 3GCS17MCR8T17VV6XP1B
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TbAGFzql_IVLKSPHzguk6atdeuSEt42g45VSFv7U4sVD12_WYRkzlQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22apsLibraryError%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22eeaed78c-8268-4bca-9715-9bd07ae4a091%22%2C%22ts%22%3A1702040729029%2C%22url%22%3A%22... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
417 B 101ms
49ms Fetch
image/gif 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22apsLibraryError%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22eeaed78c-8268-4bca-9715-9bd07ae4a091%22%2C%22ts%22%3A1702040729029%2C%22url%22%3A%22https%253A%252F%252Fwww.theenemy.com.br%252F%22%2C%22r%22%3A%22%22%2C%22e%22%3A%7B%22et%22%3A%22Error%22%2C%22el%22%3A%22getIdentityConfig%22%2C%22msg%22%3A%22Not%20allowed%20to%20store%20or%20access%20information%20on%20device%3A%20Invalid%20tcString%3A%20undefined%22%7D%2C%22lv%22%3A%2223.1129.2055%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: SZHJ7CFSMCCZR91CKXPT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: FEn-ndrN-1jU4yNGjWH3H2fG31RLUFa8jOM9E4hIupJV0uaflL5WSw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 115ms
63ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theenemy.com.br%2F&pid=H038Ud6PwxTDg&cb=6&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inferior%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Finferior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-realtime%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_realtime%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-superior%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fsuperior%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rodape-desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Frodape_desktop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-arroba-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Farroba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-meio%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F18178082%2Fthe_enemy%2Fmeio%22%7D%5D&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 0SGCH7P00H7ZJF8DM9X2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: L8FKFzs07Pm0XtLkTNeqvoj8y-5JUDCOaIApv6CQb09DyQf-LApKaA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 72ms
26ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:51:41 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 22429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: APeRjMR9mdl6Vhqur8iveT10-L8QZWpQuHK8yzYiy47RF6BLeV2MWA==

GET
H2 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame 9ABB 365 KB
47 KB 34ms
21ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:49:47 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 54 KB
17 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame 9ABB 322 KB
96 KB 56ms
44ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:45:32 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 2 MB
769 KB 60ms
48ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame 7814 365 KB
47 KB 38ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:49:47 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 54 KB
17 KB 64ms
52ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame 7814 322 KB
96 KB 67ms
55ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:45:32 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 2 MB
769 KB 70ms
58ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 106ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99712154-1&cid=1291061657.1702040729&jid=848105295&_u=IEBAAEAAAAAAACAAI~&z=1106605558

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 135ms
60ms Image
image/gif 2a00:1450:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99712154-1&cid=1291061657.1702040729&jid=848105295&_u=IEBAAEAAAAAAACAAI~&z=1106605558

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 126 B
875 B 118ms
30ms XHR
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 86

GET
H2 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 6 KB
3 KB 32ms
31ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=839
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72d7a4f01b52528b8ddba2925380f653b8822d6509fa74716b9ba125d761e64

Request headers

Referer: https://www.theenemy.com.br/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
via: 1.1 c975be6c710711d2ced7184eca05c992.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: LHR61-C1
age: 3063
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 86
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 15:16:00 GMT
server: cloudflare
etag: W/"0b7e289aa5e997187e3ae952574360a4"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 8325385d8a2b39d9-FRA
x-amz-cf-id: fvwjJzGq_HXNWShRsXCCylFChZTUuYuRNDGeNY8Dw2Q70RARvjuuKg==

GET
H2 200 render Show response
marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/ 6 KB
2 KB 135ms
34ms Script
application/javascript 162.19.56.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/render?id=AC_f0wiYUVJQZGIT7ZjJCQeRQ&experimentType=HeadlineAB&version=esnext
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy01.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 4bffddca8c0174b71781e39a8d23e89c30f572101e5f44b0e778899469c524f7

Request headers

Referer: https://www.theenemy.com.br/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:28 GMT
content-encoding: gzip
surrogate-key: experimentsexperience#AC_f0wiYUVJQZGIT7ZjJCQeRQ
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.theenemy.com.br
cache-control: max-age=180, must-revalidate
x-envoy-upstream-service-time: 4
mrf-podname: marfeelexperimentsexperienceengine-5df7c9c88b-52h54

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
87 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9SH3GR3Z9Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CCJPG4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2b343ed9034c811730cc9712dc8c94906fe55c37671201512fd68755d6493b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062127218/ 3 KB
2 KB 118ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062127218/?random=1702040729201&cv=11&fst=1702040729201&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v875918011&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theenemy.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&auid=504336937.1702040729&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1062127218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43e3d07dfa928cb3adefc7c2f0924abf5589581a40395f1baa049519293573fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABB 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 49113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABB 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 144242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7814 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 49113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7814 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 144242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 88270 Show response
tag.navdmp.com/u/ 507 B
479 B 473ms
473ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/88270
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d6066da42d61cf26a2c1ea6d50eb2abdfc5943c98bb39804e048ed612ce927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Jun 2023 13:31:33 GMT
server: cloudflare
etag: W/"64886fb5-1fb"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8325385dfb5871d0-FRA
expires: Fri, 08 Dec 2023 14:05:29 GMT

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 299 KB
84 KB 47ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=1f5dfff3b94f0cc45149803b23e1b5db

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52999cb857fd3cee0c35f1bbc50e427350126ba3d1a66aadee3aaf7daec4e0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.theenemy.com.br/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 13:05:29 GMT
content-md5: Ff00WdAvYo838Kbtf8xHRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86358
reporting-endpoints
x-fb-debug: qX646009etkz5B8HQfXUVR8+vNujiKCdXqPAfFLLrQzyv+8qp9NTuT8MktbjhopRGMzXTuwgLeqLg28H4uPs9Q==
x-fb-content-md5: c3792469ae391d21b997a79ca1cb7c38
cross-origin-opener-policy: same-origin-allow-popups
etag: "2c6ae5dd3c941d62e7cd16e23cb590af"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Dec 2024 11:45:14 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8920
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Dec 2024 10:36:49 GMT

GET
H2 200 458666847632026 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/458666847632026?v=2.9.138&r=stable&domain=www.theenemy.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

602d839611f3f71da51fe2cb8947b4c0e78083a19e9157b454b69940f3b5c52b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Dec 2023 13:05:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Da6eF0f5ZfjEDmzOt/2Brtdia3AKoEwd734Jk2e6I5BRU+61d7g8+bNruIHovb7+iUZg/XI8eQWS/xOO5MTwKQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1f9abcbfcbfcbedd764d.js Show response
sdk.mrf.io/statics/ 51 KB
13 KB 30ms
30ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=839
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5b2e3d4eb96275f868d1d24c9a8d7c621635aa67c547885f48cfb64b86d3fe

Request headers

Referer: https://www.theenemy.com.br/
Origin: https://www.theenemy.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
via: 1.1 9ddb4a7c37b01f2b5d90f99e9851b35c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: LHR61-C1
age: 2018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 10:05:51 GMT
server: cloudflare
etag: W/"9ded954872d144d3cefafb224b8fd444"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 8325385e48349a21-FRA
x-amz-cf-id: 99RSXcXzzgiAzIZB36Du80Ft98bsYAI9kn9w6tcYzbSWNauJaTKUGA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 79ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9SH3GR3Z9Q&gtm=45je3bt0v876057138z8889266690&_p=1702040728841&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1291061657.1702040729&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702040729&sct=1&seg=0&dl=https%3A%2F%2Fwww.theenemy.com.br%2F&dt=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&en=page_view&_fv=1&_ss=1&tfd=3553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SH3GR3Z9Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
28ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9SH3GR3Z9Q&cid=1291061657.1702040729&gtm=45je3bt0v876057138z8889266690&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SH3GR3Z9Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9SH3GR3Z9Q&cid=1291061657.1702040729&gtm=45je3bt0v876057138z8889266690&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=764906400

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7814
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
30ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7823b1367d52373228c844143eee811b2795494b8d2d6e1a0c589e37f8989ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7814 29 B
495 B 76ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:56:15 GMT
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 13:11:15 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9ABB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
28ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21ca702ba891c81f30e484b9cb3544cf76a550c777db17f0e164da2228039da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9ABB 29 B
89 B 70ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:56:15 GMT
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 13:11:15 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1062127218/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062127218/?random=1702040729201&cv=11&fst=1702040400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v875918011&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theenemy.com.br%2F&frm=0&tiba=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNihBluJ0nHBTBo05-2GFanbuKhz3o8A&random=3346854837&rmt_tld=0&ipr=y

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1062127218/ 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1062127218/?random=1702040729201&cv=11&fst=1702040400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v875918011&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theenemy.com.br%2F&frm=0&tiba=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNihBluJ0nHBTBo05-2GFanbuKhz3o8A&random=3346854837&rmt_tld=1&ipr=y

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 80ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7814 87 KB
40 KB 43ms
43ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

534d13810fefd3f05ef7f4d12aa1178371679a782b4f56c8691c4e7e8196c7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40879
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 116 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:02:32 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 7814 51 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 03:08:37 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/nAtoaDv-tWQ/ Frame 7814 55 KB
55 KB 135ms
79ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nAtoaDv-tWQ/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c33fa60a6c0924dcb3b4a9fdadacf8f0d6a8f0d264b7a56a27db35bfb969df4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56211
x-xss-protection: 0
server: sffe
etag: "1701888224"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Dec 2023 13:10:29 GMT

GET
DATA 200
OK truncated
/ Frame 7814 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 w0NqadcvRwmExySll9S-4w9MbpQifl_U2DY8uPMcNZznH27_SkV5I5vCtrpCguk0tkl2l8pmJw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7814 3 KB
3 KB 81ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/w0NqadcvRwmExySll9S-4w9MbpQifl_U2DY8uPMcNZznH27_SkV5I5vCtrpCguk0tkl2l8pmJw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad0fdec0f53d5188736b251948d20915dd40af435d2bd6d2ae1c72b95b175727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:03:52 GMT
x-content-type-options: nosniff
age: 97
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3303
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:03:52 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABB 88 KB
40 KB 64ms
64ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc6b9fbe9fae095b144d7803c5614d3fe927489ece6abc6ebb5f370dee632abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41145
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 116 KB
33 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:02:32 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 9ABB 51 KB
19 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 03:08:37 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/jQdFe0Wiugw/ Frame 9ABB 52 KB
53 KB 28ms
23ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jQdFe0Wiugw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d22781c187c85522a285d71cb7dc8dabca484e1de628bfd8b825796b637c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:03:56 GMT
x-content-type-options: nosniff
age: 93
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53400
x-xss-protection: 0
server: sffe
etag: "1701980278"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Dec 2023 13:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 9ABB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKbAob9H-ShuYGC19VBFEkUBBAyySFruOSvunuXVhJY=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9ABB 997 B
1 KB 30ms
22ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbAob9H-ShuYGC19VBFEkUBBAyySFruOSvunuXVhJY=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eed73afc99cdecf6d8e5fbe8cbdacffc1f654275cff8f08efecf2f8bdfe4eb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:17:43 GMT
x-content-type-options: nosniff
server: fife
age: 2866
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 997
x-xss-protection: 0
expires: Sat, 09 Dec 2023 12:17:43 GMT

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 92ms
29ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 95ms
41ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1683571678615936&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.theenemy.com.br%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=1f5dfff3b94f0cc45149803b23e1b5db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: YDZksKOZ2kB2jepMeCyIDgK34t3xyhv+QpiLtaOBdrCOffdY1E+MKRXUY+VhhTJ4koDVakyoG/nLf1v3j42h0w==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 522 KB
89 KB 787ms
787ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3936386077936602&correlator=1874474511583993&eid=31080021%2C44807746%2C44782499%2C31078660&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=18178082%2Cthe_enemy%2Cmini-booster%2Csuperbanner_bet%2Cbackground%2Cinferior%2Carroba_2%2Carroba_realtime%2Coutbound-partner%2Csuperior%2Crodape_desktop%2Carroba_bet%2Cbooster%2Carroba_1%2Cseedtag%2Ccontagem%2Chalfpage_bet%2Cmeio&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15%2C%2F0%2F1%2F16%2C%2F0%2F1%2F17&prev_iu_szs=930x530%2C728x90%2C1800x1000%2C970x250%7C728x90%2C300x250%2C300x250%2C614x41%2C728x90%7C970x250%2C728x90%2C300x250%2C1695x920%2C300x250%2C1x1%2C300x150%2C300x600%2C300x600%7C160x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702040729606&lmt=1702040729&adxs=-9%2C-9%2C-9%2C436%2C-9%2C1118%2C-9%2C436%2C-9%2C-9%2C-9%2C1085%2C-9%2C-9%2C-9%2C1085&adys=-9%2C-9%2C-9%2C5349%2C-9%2C552%2C-9%2C264%2C-9%2C-9%2C-9%2C1923%2C-9%2C-9%2C-9%2C3956&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C1%7C-1%7C0%7C-1%7C0%7C-1%7C-1%7C-1%7C2%7C-1%7C-1%7C-1%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theenemy.com.br%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C728x90%7C0x-1%7C300x250%7C0x-1%7C970x280%7C0x-1%7C0x-1%7C0x-1%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C300x600&msz=0x-1%7C0x-1%7C0x-1%7C728x0%7C0x-1%7C300x-1%7C0x-1%7C728x90%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C300x600&fws=2%2C2%2C2%2C4%2C2%2C4%2C2%2C4%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C1600%2C0%2C1164%2C0%2C1600%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C1600&ga_vid=1291061657.1702040729&ga_sid=1702040730&ga_hid=1867359407&ga_fc=true&dlt=1702040727691&idt=1730&prev_scp=%7C%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D25ab511e0c614a7%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D25ab511e0c614a7%26hb_bidder%3Drubicon%7C%7C%7Camznbid%3D2%26amznp%3D2%7C%7C%7C%7Camznbid%3D2%26amznp%3D2&cust_params=page_type%3Dhome%26content_type%3Dmain%26section%3Dhome-theenemy%26environment%3Dproduction&adks=2047902755%2C512234997%2C1719760287%2C3133878344%2C2989555300%2C515290081%2C4038989848%2C3928882360%2C3239939782%2C988992448%2C72298275%2C2660086541%2C3960679911%2C3799781726%2C1391470017%2C3368530093&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64efcfac75bc9e7a086db5e4da0d2a50c967506db82b4e7765ca2956d4b31cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90622
x-xss-protection: 0
google-lineitem-id: -2,6420973114,-2,-1,-1,-1,6396478752,-1,-1,6420973114,-2,-1,6275072050,-1,6420973114,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138456228147,-2,-1,-1,-1,138452793055,-1,-1,138456228168,-2,-1,138409533353,-1,138456228102,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE5A 6 KB
3 KB 135ms
58ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
79 B 20ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=458666847632026&ev=PageView&dl=https%3A%2F%2Fwww.theenemy.com.br%2F&rl=&if=false&ts=1702040729673&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702040729670.2133760753&cs_est=true&ler=empty&it=1702040729281&coo=false&rqm=GET

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Dec 2023 13:05:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
517 B 61ms
61ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 08 Dec 2023 13:05:29 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
33ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7814 90 B
134 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

028ce310ba136eda31503c707bd67df172c181dc9d7ec65136d5dd08236abf42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABB 90 B
134 B 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2e6c7d7e4fe7f19c6f2fd3a431ff6b6ef3bd784f22b938e8328853536927dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7814 4 KB
2 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
479 B 493ms
482ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=88270&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e5e049b6a4ce6d718314d4e28a5199ae0ae5cdeb63dd063e92211a08fe7686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 83253861686571d0-FRA
expires: Fri, 08 Dec 2023 14:05:30 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/ 216 KB
67 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68322
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:55:45 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9ABB 4 KB
0 210ms
209ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7814 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?P1pRZg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 9ABB 0
10 B 66ms
66ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?god7ow
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 nAtoaDv-tWQ Show response
www.youtube.com/embed/ Frame 7814 91 KB
38 KB 100ms
100ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ba56cdd6bd2032fb651c1e1ad866f2cdd186080f76ee0232747a0703cb6bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7814 28 B
54 B 77ms
75ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702040729895
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgszb0RkTG82MWg2SSiYqcyrBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1702040729306&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H3 200 jQdFe0Wiugw Show response
www.youtube.com/embed/ Frame 9ABB 93 KB
40 KB 133ms
133ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b930e1f28a5b183e59d9ffcf213150d92861e9436e93c38876e988a37862de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9ABB 28 B
54 B 73ms
68ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702040729901
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtXZS03eUhUUlpQNCiYqcyrBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1702040729301&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 7814 50 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 08 Dec 2023 21:36:49 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame 7814 0
0

POST log
play.google.com/ Frame 7814 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 7814 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame 7814 365 KB
47 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:49:47 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 54 KB
17 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame 7814 322 KB
96 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:04:54 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 2 MB
768 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame 9ABB 0
0

POST log
play.google.com/ Frame 9ABB 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 9ABB 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/dee96cfa/ Frame 9ABB 365 KB
47 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:49:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 12:49:47 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 54 KB
17 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16999
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/ Frame 9ABB 322 KB
96 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98658
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:04:54 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 2 MB
768 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786495
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:32:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7814 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 49114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7814 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 144243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

POST
H2 200 recirculation.php
events.newsroom.bi/ 12 B
0 32ms
32ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABB 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 49114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABB 15 KB
15 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 144243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7814
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

32ms
29ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72024d35ceaa12091843570a0fd8003af9a2a25cd2e93dcb9fbca2dc9556f84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7814 29 B
93 B 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:56:15 GMT
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 13:11:15 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9ABB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
31ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55544214bf04e6631b753bcf812facd76a230b1d5c56c6b805bf6f156039b595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9ABB 29 B
89 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:56:15 GMT
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 13:11:15 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
30ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7814 87 KB
40 KB 41ms
41ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efb4226e87679f45f113d097a966c84474545452a3bb7a54806d12bda95f4749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40981
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 7814 116 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:02:32 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 7814 51 KB
19 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 03:08:37 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/nAtoaDv-tWQ/ Frame 7814 55 KB
55 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nAtoaDv-tWQ/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c33fa60a6c0924dcb3b4a9fdadacf8f0d6a8f0d264b7a56a27db35bfb969df4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:29 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56211
x-xss-protection: 0
server: sffe
etag: "1701888224"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Dec 2023 13:10:29 GMT

GET
DATA 200
OK truncated
/ Frame 7814 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 w0NqadcvRwmExySll9S-4w9MbpQifl_U2DY8uPMcNZznH27_SkV5I5vCtrpCguk0tkl2l8pmJw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7814 3 KB
3 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/w0NqadcvRwmExySll9S-4w9MbpQifl_U2DY8uPMcNZznH27_SkV5I5vCtrpCguk0tkl2l8pmJw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad0fdec0f53d5188736b251948d20915dd40af435d2bd6d2ae1c72b95b175727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:03:52 GMT
x-content-type-options: nosniff
age: 98
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3303
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:03:52 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 37ms
37ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABB 87 KB
40 KB 43ms
41ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69d2930bbe5e3c643a9c5ae79f2b842f013cd9b954fa6f5e3ced97ac1e509ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40979
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/ Frame 9ABB 116 KB
33 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33667
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Dec 2024 13:02:32 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 9ABB 51 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 03:08:37 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/jQdFe0Wiugw/ Frame 9ABB 52 KB
52 KB 23ms
23ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jQdFe0Wiugw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d22781c187c85522a285d71cb7dc8dabca484e1de628bfd8b825796b637c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:03:56 GMT
x-content-type-options: nosniff
age: 94
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53400
x-xss-protection: 0
server: sffe
etag: "1701980278"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Dec 2023 13:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 9ABB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 APkrFKbAob9H-ShuYGC19VBFEkUBBAyySFruOSvunuXVhJY=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9ABB 997 B
1021 B 22ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbAob9H-ShuYGC19VBFEkUBBAyySFruOSvunuXVhJY=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eed73afc99cdecf6d8e5fbe8cbdacffc1f654275cff8f08efecf2f8bdfe4eb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:17:43 GMT
x-content-type-options: nosniff
server: fife
age: 2867
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 997
x-xss-protection: 0
expires: Sat, 09 Dec 2023 12:17:43 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7814 90 B
134 B 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9957cf4d112d4abd0a52958c2ec3f086bdbc43b6c31585cb9f5c1156924fe638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABB 90 B
134 B 40ms
39ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87acae7e86047f050bc56ae3713379f5b438cbafc766a04f805d780ccc37b390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 13:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 511ms
500ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13c51b18fc8f97301548a1379910%7C0&acc=88270&tit=The%2520Enemy%2520-%2520A%2520maior%2520plataforma%2520de%2520games%2520do%2520Brasil&url=https%253A%2F%2Fwww.theenemy.com.br%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 832538658dda71d0-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84911266044
https://sync2.navdmp.com/sync?prtid=2&id=84911266044&google_gid=CAESEJJ3563uMIx__aQWAg00CmY&google_cver=1

6 B
80 B

500ms
489ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=84911266044&google_gid=CAESEJJ3563uMIx__aQWAg00CmY&google_cver=1
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83253866e82a71d0-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=84911266044&google_gid=CAESEJJ3563uMIx__aQWAg00CmY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ 43 B
418 B 198ms
67ms Image
image/gif 2.19.216.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.216.243 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-243.deploy.static.akamaitechnologies.com
Software: MT3 1143 599e619 master cdg cdg-pixel-x15 config_version:"2883" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:30 GMT
Server: MT3 1143 599e619 master cdg cdg-pixel-x15 config_version:"2883"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 08 Dec 2023 13:05:29 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

39ms
33ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Fri, 08 Dec 2023 13:05:30 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 219F 6 KB
3 KB 22ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ACB 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D5D 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 548D 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E80C 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:29 GMT
expires: Sat, 07 Dec 2024 13:05:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 rfv.php Show response
compassdata.mrf.io/ 27 B
474 B 137ms
38ms XHR
application/json 162.19.96.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://compassdata.mrf.io/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOZZLNOYA6BWghdhe

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42

POST
H2 200 rfv.php Show response
compassdata.mrf.io/ 27 B
475 B 136ms
37ms XHR
application/json 162.19.96.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://compassdata.mrf.io/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUPDvJdZ8OqkEXZMb

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7814 4 KB
2 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9ABB 4 KB
2 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E1C3 624 B
242 B 68ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUmMNAu3waGv9difKvdoeLbdie405QPMU5NjNe7BwcDn0quAHIfJjjQVAWUOe32N0xAohl9Mp4BVbaa0DQ91dOnO-Nd3AYwLHJjRq6fgguYNGv18n4rWQ7WJk4cWjmVHXPYqK9ezyqni-gYvAb0lDWCxFqFNJfVQp32qpr855x0Z7xSBrk

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 219F 89 KB
31 KB 125ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 219F 42 B
401 B 111ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMZNLoJVlg3nB0VO0ughAAq-OVi_prwZtoAMcwIq2yUIHz-SzpEWpuewto_69sWnA-uwjF9XOnVDtbsp0sYQ7OJPHZzYmraxoLzeMdZ7dWEJW7q-M

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 219F 3 KB
1 KB 102ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 12:46:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 219F 20 KB
9 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 219F 0
0 37ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH3ylsJGtP5AhZN_fXoiR2RMeXQlzcrWkUrai5KSm_OIRpEvDeY6Twv7YQU9lnq_MYzKLdTkP_fl-TZy3v9pIvYuzyMA
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 219F 202 KB
64 KB 68ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7814 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qzw1Hw
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3504 640 B
262 B 62ms
62ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0ACB 89 KB
31 KB 123ms
113ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACB 42 B
107 B 66ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8eMHVpSz0wJtunir9nhd3r2zAFFEzzq3Zp269gnVJyp1LwWDNx1Lq7FcRSVl_2a-szV_ql5bggD6HD3K4yQX-0itety5MIbUtrSs1WuwcSRM7Hq4

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0ACB 3 KB
1 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 12:46:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0ACB 20 KB
8 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0ACB 0
0 32ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyDz4z2x0zFcaiQwccmPj8pFzFa1CKSYfp7YdCSSVS2eSYVUA9bt02eokKTNIIa4r7LDIoBgKcUs0qndMBPw_n_l80zA
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ACB 202 KB
64 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D23 640 B
262 B 66ms
65ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0D5D 89 KB
31 KB 124ms
119ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D5D 42 B
107 B 60ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEwQTdSmbZoJyanTk_xelicY3kpWtiCBNAQNorydiHXSI1rlI-w7qxU6pMksSTI4Fy3Osx-ttgdCjPnULbz7jbi-7J-RBk8xohCK2Ce5J4JJVrRhs

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0D5D 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 12:46:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0D5D 20 KB
8 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D5D 0
0 29ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrK44wQk8QCmcEwtZ8zlBqEahuDOdNpdRm-VkWl4XPjdOGKQqtIqfIOkAimgyTmeqv809NEiFdJVztv-Us8kk8nGMs0A
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D5D 202 KB
64 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9ABB 0
10 B 23ms
19ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?p7vPzQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53E2 466 B
235 B 75ms
71ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKCEht4BMAE&v=APEucNUIa1wb6_bsJWrvpD7ABOfE1mezAGQe3Edp3xZntz-hHgUhvprhncNOW-upd4eEpjLERjpBPREdtIbq-U8lSwYkiQAcY9zvtECxyMTFIoiJtHzyxqJJS1zdF3IQVH2qs8W4O83yf9CpkKv5uXI017mWhwbQP52HfMW7hgRKBP_y0389iiA

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 548D 89 KB
31 KB 123ms
110ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 548D 42 B
107 B 68ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DejqwQmCTVwg0OxAw4OFgzWqT8mg6KKKeZiK_LjrIC0aBKDE_QR7dKyytKHDpKAfaS2K_dWu68Gvivvn5oj7hOYKVumd3W-tP2LzsygA3gGIRf37U

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 548D 43 B
1 KB 128ms
30ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?tc=ca46ee1d44fc11c31437ef5ebe322260&rnd=1702040729707299

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 08 Dec 2023 13:05:30 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 08 Dez 2023 01:05:30 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 713
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 548D 3 KB
1 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 12:46:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 548D 20 KB
8 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 548D 0
0 40ms
37ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaVx5lA_ZP2_BlmcxV8JRLPdwEEzSPLJ6qvaeDxj6asfcOr2vYzPdT3_8F5YFnvAdhnvb8nKa1N6naq1CTqLu81F9tzw
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 548D 202 KB
64 KB 107ms
104ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 789F 466 B
235 B 67ms
63ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXN-2sc6GWVmvkRjoO7ikpat4687-DFuonF0Vkiuun2kG34ISc4aLoRXnVZb5cD0gpN0s0d4Aoe9Xo_7CBaEm9ipWg3l_kcwWN5YTNe53-HNIl51CySN3H1cRF4pG9ysmFEtpB8ezuk-JHh5G5SheyywERNeiBd2z9498w34a_drW_ctPo

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E80C 89 KB
31 KB 221ms
210ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E80C 42 B
107 B 67ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDMlYO6OQVYZ1PuFEM7rJFD-ahld_NplzoFCAOLlN-eHFTCjG3oNXsbnnptVoYWhzkAowoy8pWnCixGP_zKmJK5_pzQo-X4W5h16GuWdS6ZuHfK-Y

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E80C 3 KB
1 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 12:46:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E80C 20 KB
8 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E80C 0
0 43ms
41ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcUEyYDYpMu697le_p5_9DXjQBJ4sZQLAqWBGvAorAKSEIfG2ny8jpIrf6PyaOyT1rXz4Ii_2t4ocCpytsD7mYAB1IQQ
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E80C 202 KB
64 KB 160ms
157ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 13:05:30 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E1C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1&C=1

43 B
333 B

66ms
66ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUmMNAu3waGv9difKvdoeLbdie405QPMU5NjNe7BwcDn0quAHIfJjjQVAWUOe32N0xAohl9Mp4BVbaa0DQ91dOnO-Nd3AYwLHJjRq6fgguYNGv18n4rWQ7WJk4cWjmVHXPYqK9ezyqni-gYvAb0lDWCxFqFNJfVQp32qpr855x0Z7xSBrk
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOcz1vNH7v9U7dN4udNLzA3CfH62hlho%2FeKuUDhBcNI4PsFiQKKau0EHHfg35BA0fJbk7mOdqADbo00hx2pYFxOox2hePwZysZSPYHtpwuD8md8ecSH7v4jObdpqnqmXuu8oRWK0%2FHju8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83253867cbe56a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYG1iivNrdPzAU18VdUfXFd0qTdo%2BtoPNTIEYQvibhMCmlyvxsoJHn4Nrx5BZCx8p%2FJcrFLkFCWzhWhWeuTsb7IsPNrvmdM2R4p%2F8%2FVn%2B6vAF1SbcT2KfkNB%2FDt2faNut6TSjpqVrfweiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1&C=1
cache-control: no-cache
cf-ray: 832538675ad66a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E1C3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXMUmj3ueRvVuXiWtIGQLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1

43 B
769 B

72ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUmMNAu3waGv9difKvdoeLbdie405QPMU5NjNe7BwcDn0quAHIfJjjQVAWUOe32N0xAohl9Mp4BVbaa0DQ91dOnO-Nd3AYwLHJjRq6fgguYNGv18n4rWQ7WJk4cWjmVHXPYqK9ezyqni-gYvAb0lDWCxFqFNJfVQp32qpr855x0Z7xSBrk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKsXGj6RU%2Fp1XwqJ7tbkz9guY1DLYw7gFRrASU6kdQKiwGodEHCKOTQbkjr9I3Skuu7ConkH3s%2BSqEgqBuI0zLReeeZ7VwioxEEPx3Ef2j1cxsF8zfu3BQPbSTEia%2BIBindctuL33PTrjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832538688967266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzn45KjSvTHniJE2yfso7k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E1C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJA5QZ_o6p8mG9UraKqeDtU&google_cver=1

43 B
841 B

38ms
36ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJA5QZ_o6p8mG9UraKqeDtU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUmMNAu3waGv9difKvdoeLbdie405QPMU5NjNe7BwcDn0quAHIfJjjQVAWUOe32N0xAohl9Mp4BVbaa0DQ91dOnO-Nd3AYwLHJjRq6fgguYNGv18n4rWQ7WJk4cWjmVHXPYqK9ezyqni-gYvAb0lDWCxFqFNJfVQp32qpr855x0Z7xSBrk

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
an-x-request-uuid: a005ac8f-b30d-4cb3-9455-7b3dbfc88f12
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJA5QZ_o6p8mG9UraKqeDtU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1C3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2

170 B
188 B

40ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
an-x-request-uuid: c67086d6-1037-40ea-b94f-0f0bf0720abc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2
x-proxy-origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 32ms
30ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 35ms
33ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3504
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1

43 B
97 B

36ms
33ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3504 43 B
111 B 96ms
32ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3504
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1

23 B
163 B

212ms
148ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 13:05:30 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3504 23 B
163 B 265ms
147ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPHxmIACMAE&v=APEucNU-Ue8yMoOkHNLSLciOn5Fa8iIpimgt9Qrb7rl74KS-Y4cKVbsMkgnTZEyiHJumTHmSyBmLYQvV0Jai3PM_fmNQZrvIccdbl_zOdTm9QfxD9WXODb-_s0l52q4WiAJgXnF6TbIVns_RGlb4c4aFkLQXndWQvFYtn2kVCMXl-NWVLco1UYk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 13:05:30 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5D23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1

43 B
264 B

33ms
30ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECX_zQQNYoZWjM1WywIscfk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5D23 43 B
136 B 93ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 5D23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1

23 B
163 B

209ms
154ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 13:05:30 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEMkCq8mFpO0YaUNWzE-kKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5D23 23 B
163 B 234ms
124ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVoQVhaciwiBZFJS1etFVgwVt1Oopg7tonpPt8CEAnCuM2uyySmLjW4HynnNBub2bINhD64VZHt4JCOK88SX_qRRgE6dEGRdEt0SlKet9QFTrqnsYvYPzuRe2NpV0rmdvMbxr2IbaOsMd5OTf_iloR3yIFnY_OBT_uIOZSYSOlc2eIZ7t8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 13:05:30 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 7814 50 KB
14 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 08 Dec 2023 21:36:49 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 9ABB 50 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 08 Dec 2023 21:36:49 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 219F 0
58 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6632250516021&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 219F 0
47 B 57ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6632250516021&version=m202309260101&ct=77&x=1&cor=14330109358231212000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 219F 20 KB
14 KB 64ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-ZWFfOLVIOlzxAPINJLoNa7bF-LUJAbuCjInYDAkprlQJ_nIP6knbnI11gii1RTY6PVl1q47qOgrRHDSnHjZnl212oPHkZfaLx3niRycZKNTMbZqhykKb0Bi2UtJRRzQoAIswRp3pWtPiDpIXtmG0O5qlyH5lUO-0RbWEKFWnyPUtIxQ&cry=1&dbm_d=AKAmf-AmfMvFCITjDZ4iggHLDkUKJwHDe2ClExDeMghztJNEQ8bwr4sBibCDvHYhcUxVXIV0rMUZPotpEFWxRKpslcUPwU31_3L--r59bEVlPR2F27IpRgiEQj03pOuVui8dCL2JIA0mC8my0MLJNjzzeiwkbHGmOQCHz_14CyZ0zyauz3B6w3yOEqJaV6ozSD2-wAcenKiy0RZheW-ema_7tV6r1odqd6fUACUrVSBrA997HwjpOWV_cZ6ubLEMfJUThzAqRTHu4K3LkBYiJ5K5btaNIDiyustVrp-_OmTxxVha5GCrYlJ--8qfPrLg8KHqzLFzV9jEEHXBS5LVpjH6DdTxtSK-RZvfuZm7-KX8R5dvaHsEGHNTHP0O5VyC_ZJkNCi7n7s5a8C-BYBuVFV0A7xo_pbq8LZ0CCiHalB1qFgbc0IbSlYkr80DkRPoNdaSA_1MhcEv7PtNdhb_EiSWPQTXizyLOurl3R8hkphxOpaBezIRgoBp7FLWE7ccC5NoPIUTBRNx8vLc9BiCgkV6fOEA2IpDNduvVv8xDkSrupSACTc_eqmJLv6KKOOvVXG5UBfo0TlJQLBaMtY3lFL_nJgbuC8wMpTArJjQSof_tMBh9Jxz50duJimWFYrcmgoGXM6CRNGUoUJjGNLtI3gE6TaDELLlb0MlEqEj-qHDedI9BRO7hz2_db73Cv5O03DiXkgBHEmlxXGNVyONoNOxZ9hxJLqOiPYXCV2xXd6vZU7wWhs15FFDjXOH8XZ_44lOOKhXfAxYjFEfmMv3XXcrax0799JNqzvYH68gr2KSsFnx4eCg1JZriLkQxjYlkoUqvkvtq0vIX9KbpyCLRpNtnTGNpjOdnL0csLZHfdYMctMw3olC391K_pKPOMycR-YdtTJvDlTt2T3gagxhUcqTf1f3VRXTV__evZF1BZkRvzWkwTnQCeRTSj4R7CCflhKoIbAqJ396jeV2zSbBO1yzTW2cjPi9AhBiqYEu3HcPf2OaNwlRz5ndjlnswtKAsH921DpDWYzoeFL_h-ksNhQGys2OiGCiuclcz38xixkIhWS3ZPksXC_4MgLd5-yemTLRxrxgj5eDch63NVtI0WQu8Kh8XmLAs6zZr97TZt4OPLPTsDch7lpuSmgZtrnwvvYLr_ZlP1VEzP2U7sx4voXFfTHpGtHXakewzNvPAHPsKSIWs_tCYUF9ZpRSXqaBdC5J_wDh2trn9HQWeucf24QqKNTtR1gZ0QYkeaTE15P1nJwLqRRGnMqQQ-UiM8Fm7wUjtFYlgNPf81K7wlev-m0eJLK7PTzaqTpZNC9DpxiRGs1euSx-6Q0qdbHl9zuKxed4y3RV8TQuGIJ4v6gBVBlYCdYDpTT5PDj3mnS9xt0yGW962xkvhEYGrPnX0Q7K7wOEBpBOS4rPXCASEI6i2Npd5L3FK-yhL1u8HgU7m2Rfsm-Ng_3ki2299TPlMIGvwHyqQXd4rVvVwYzSxvyzXBapemQZcEPnsZU_CbIVV7AlQbFJ2UNU44aO05RdAZfxPDmbvjzIn2kmT_fBMdAm4OWNwU9MGtvyPk8of231Xu7BCEzYTME1bqaN6AMlv0QxZCrJ4XSd8yUg9d9wgrjNZshXsIuP5GoG41_Is-7ArOn1BwWJJQiUP9mksMiK--SnYuaHdraa3k_mBRnTR67suaI_IaUxvlbqxtGWcjCKH7Avfl0heDfVe1uQ0qGD_sYSczK9-BIPy6S1e5yNiHDscTM1a2O9TYj4aVhGVhvTlJzePfX9HNmqXTbLEgegsIbzHtzzpqrDAP003RzcwqOY_wlzhSNGJoUML0VFxVWyI5XbOmu-oRAhMwhYxltTY2duGrRdzYvjVEqaicZcZv2d48SXGCjxABCiIG1ETAUXCAB9edwgGXtD67VZUZnemuNpfNGj9IZoCEz1ZqnRU3giZZo-FJN_2-lGEj__4-t4pR_rp2HoDYZaFoZWOztpA1GuypbVcgfkEcP2rK1ZKX0IbmCmZvsW84zO4JenznnGG25ryDji6NSPpPxOP_XmAjM6DaGroioUBjuPUJLo7SXXqDy7bUkN6vrUquwE81X9b8R2w6RM1mqZoWinQzY3Ta1fPODJ-XcYnsQyJVcGINVYU6G6birjVq1ICbrVf53d9tI7CHXWj7Cg4m--GVXfHTBVrCC_25HUArITofTmXERZ7H2RGlCecp8mOM5wElQYQ5GP2Ys018ZzHlUAjUoMHxOhTKrJl5820-vWyKDjhsarHvnZEZ9PHNJp-E3xRW4uHNs75og7cM7PqvD-DSQ7KHpPFMdo1_FVSxDXdGyFQcLPQ2Sh86qGVWb2pvHr6Yx9RO1PiB_CVAGsq511U0pGwTFymVcq2H7vtMEkZYWzQi0fpGdkyTYLpObe-9oRLBy-S_jfPp0En40MkAl7QfyIdr9VoKgmfN2H00kpJoTajEZtaH2hDI0_gqbtMBeGiioJAGmKuziykKOo2lBXYQJeuqJ79EvLzmTeV_EOM_76B_J-vi7JubKvsfAY9O0IiJca6k6S13RFoOXWDZBfs5pS4OlsC7yvSNvoCF1GG3zcyRvcoCi2H6k53FCMNREZIT-1Wp5uo_KzWsNWYahyCFeeqfyu87xKmLea1F_1_TDvTD8fJINfdsVyNwqjHJBLomMSclaR6QyzQj3AjgJZ-AJtd_nEO3vQ2DwRdO1vn8IOkQETixzpATFNkPpa7xNdLWHnFh61e5ITmDS4LRQEQoGJyLgqQcw451RJBuGmT8F4fOfylozbvXbdsj718D8drvH7B6dj00eItRpYfaneztCj0DIvW9Cn7OSc0Cqkg9weSZCRTO39_YUufBK4QXmxbLD_IokFHA4DCutOOUXz3iZXboXL_NBZfbnkKE07iE1TFm7WJ4ONMy4XzzbV22G_zS84irLPI-IM9T-68TBQsxW9HIy7D-tk7MAZcSu147SnAbx1W-oJrD9jZXwYb6LvnerAweV7b_Wo5_9OfVe_WNSMs4mm1MGvoquL5leys8uqTYn4vGpkY678u-w8j_ngnlekYx7F3gmh8wUNyoCLJIGMXBQuqRu1XRWTZbfUqn50GaTX2jGmYyRqv5lO7HaZsTRgE9z21zQ0QkSujrzwhlnCFobxItjk4_rtVVAc5At7ziOAR53Uqh4e7giuvwvaSjqYbICGcdPfoRrzql6iI7DBQrtEmNsQc6VJ244MixUw_eWK6vBTPUrcjcOlJuzZ99FdxamMZiZ1i3ewU2DgmPqvog-gTZC7cIR3RzADOtxsW_31p1m2x-qWlvtFNaRboXMaFQocUdC1QmfXT5kq80wolsyncYGw9agj7WbUU-NxyUDZHR-2R-EiAMSohuKhBUpWaksoNC3Jn1JB34GPqUrfC6zxtJBg2KwKWfXDtlI5_CtBwH5brCRUY_k8uF6Wl7dIW8kKtKdBQsNVsFuPDoF972mfwJ9-OOnvYtZlxqu7lxFxX85HD57ymberkgAlLYeJLWfq7oe_8KzaZy7NXtSskH9OTCziuzBB1NdtluafvAwsTrF4XtY9LrJN0ULUvyxsozeR9CKesf_kil0QhRoimEATUDfVrHftFu10Zc3DIsVa1sQ3vZ4E_vtlYt4gZrJzmMGn_us1NZHjctpEQUmISBCPoh9rbRQYwKZ4XZA1uZ0No8EtOoIP_fwNZ4cwYcT3tfjiyJGye1zr15FaOBqY-NY-oZU0Ezvz3hwAvwAWR1ZNpu20EYWDzQvAT6U4bUcmC4vwKLGbOrE6z80oifHhq5Q1CW97XoJRYlu0Lhl6gxQtd95FVTA9XdUEoiOuRjMUAR38PXClsn5EgelVfYmSvzelKLROI7qADIrQr3WPnct9ZKjZVKOn1CE9Iiul_8kVJWUieVdez9K3OZ_sKdQn45hvqE8CI7gB77k76LEA3wFnyP6Q2d47NZ1moW6MmEnKUwsW4kJMvUhD0xdTbhRv1IrrfxzO8kl-o6kkQVWw7t_25QZdgi9or4okdAVShXPKzpdWPPO3Yiw0oyxHytQxI4hltvYPBJ13eIc3HH4ATr_Gd0Gg2dz94ujll05ecSO2H3a0eK8W4Rh2cmo2Sd-1Gll2h8Z5wXRBBy3upAU1pZvV2dd_TBDIcwOTJgVppAF5oltrgZH6vMvMNdo&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=14330109358231212000&adk=1964084971&idt=141&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c241a80e068775b61202420a9f68548731a1368a75cdc6089acbec07156d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
783 B 44ms
35ms Ping
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET

partner
sync.search.spotxchange.com/ Frame 789F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 789F 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 789F 0
15 B 23ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXN-2sc6GWVmvkRjoO7ikpat4687-DFuonF0Vkiuun2kG34ISc4aLoRXnVZb5cD0gpN0s0d4Aoe9Xo_7CBaEm9ipWg3l_kcwWN5YTNe53-HNIl51CySN3H1cRF4pG9ysmFEtpB8ezuk-JHh5G5SheyywERNeiBd2z9498w34a_drW_ctPo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

partner
sync.search.spotxchange.com/ Frame 53E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 53E2 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 53E2 0
15 B 24ms
24ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKCEht4BMAE&v=APEucNUIa1wb6_bsJWrvpD7ABOfE1mezAGQe3Edp3xZntz-hHgUhvprhncNOW-upd4eEpjLERjpBPREdtIbq-U8lSwYkiQAcY9zvtECxyMTFIoiJtHzyxqJJS1zdF3IQVH2qs8W4O83yf9CpkKv5uXI017mWhwbQP52HfMW7hgRKBP_y0389iiA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D5D 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=424640310485&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D5D 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=424640310485&version=m202309260101&ct=77&x=1&cor=2051373236828092000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D5D 20 KB
14 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8MR_SqjdxKsM3DvBcrcfZJqIh93CVkX1vSnKxFuBW2Y3m2yZM8wms3J9WxC1dgYXUZakWz0i4pTRTPad6c5BkEbRxPphFLdKr1XqaGR5bqDubcNhEw9VHbDsnhOcacQ1pZDgZJtKYywMQDevxVrsCSwj67T6OiDEYjJ0yJQSeM-TkuaU&cry=1&dbm_d=AKAmf-B4I7ivjiAjQleWM0lR6Pb5XcRhc0kiViSu7AzAPLgPKGbin8wvi9JilN5WnPBfS89AexdsgK5UwbHHabdGWVerYb2pptJZ3dKyOl9jh0hW9QLKcChpxMF8L06UmXNqRzIsZgyPUtt2CWbyBAAedEbO-ry2gd_xdLu26UzxAKVPnGNRoIaRzTg-NRi0RW7Yjnfh5c0tUDADilsohfp-HBuf0kym8GvCzCMNlOLvvSA66j4vzTviCyAxzzkCR3Y5Wq4SMw9WbYGwDItwL3ywK0aFB1Y0N-bXSCCsekDh2XMC97vY77J7yQ-5IoJk6zJwZW9VWnvLp1UKRPN15xBa7XsKRU2aGLdS9T6h_kirKBWbpHUg0PjpAWcZZSsFLNqoyPhVRYGRSuBd794Oz-etQ4nx0klbtZgls7pSrMz2XQz1hgh9CnHncPI-DDNjWPUbNxPC0uX22JN0M122X4JHJ0SD1ptf9ojVh9SMHMOLzgGkIPJjWZsY0PulQ6DQnfIMFHBU6RIOaR8ceyAeVI_UuJJCTP0WfVua0D5RjBI0i9eSFbhN3h0ohfLI9a1geAavS87r30EEJVm6u9NQ5mVK3LHKeZH56daWtxOivECWDlRXIeoDGRJ0sUgmjp_MMFNnH7vOFOYgG14OnWaAqbjha8u4q7E8JKkp7iPda0UCvZzm-QTPFOgYVC7FS9nLVwMj_YsY4FvQk-q69MOy2hTM8GT2k8S6Tmwt6RofJCOwhDNcLj7mP6YrZ5T1P1lmWJLxZcngion1dBL2zBuZTF5CRZbSkWpDVHuXgtGn6cijZiLzQfADkPxL0DXJQryL3xKZ9Wn_n7Znbd8Y6cQh56VkN6COk1EhlYDY93LyENPhzVsSGRT-JXbIJ65eOrO3jg70ooPD7GhO9wuxPXsBbIwG6CJm6kpRshfQhn0T8uGLrpPEmXZe0W9krRf5JwcbbN7dSHm63vLzQVuhRSwZF1jjrUIK9B4ubCjCBuA2bHvw7mMxG40_0W5s-vconk6F4UhMfeVFRe_zjiObc4P-WXdQC9AojGTkesQEhMLhHKBruPg3n67qoW9esLU1lReAYYCeSm7XF1YbpO_FkGkc72I_YZNZdvtLbQdBl2g0nyC9QytbRjNI1QHAgj0MkGQ9aV0fJl7ufF_4eNDQ2U8X-PEE_8PPPJbhYnSZMgLXAs5MzjZu3EDg0zxPfpd-tUWT5kYJ87Une8RMHyS71vJ008aXfLeffjPlYqC7U8oU9LSfS0gbInANU7Y9JloBrmeI1IzwjFuPcfZUyv2f04k3pTdAqOAYOdBCzt9vVskk8r7b8Vcmxfjzo9sO8SRX0LQfrX3eTiUjRXh9hrz7UuX7H0LM1iq9kvulOz_Du0a4GTJurCQq31VOeo__PiGkh74O0h3zWo0XnIKVn7oZ-ThkYaQjQPwMsHdEmOpMosEr2T9MUn3-DPWIbypK0qt0o1rip5X5ua7JGJkZKUrXbIzKkKYx2wBQBsJWjb5gAZ_HuidFx5m9fWC7rtnKj9rLPvhQ2yATNcMqquIXY7y8wZplMnq6ZgGavFx46U0gidDl-32unLA_-ZrL7qok3G4AprEcj_H58LlZ-IHmOMHFt2SgnUAuvj-nRYEMXXy9SWtqMqpONNv2nJI4f7mIdw9axwqEQbG8SSjD_DQrLPrAPfG-hAjNmIUtXCkTgJ0RIYEg-KM9WguN_Or4eU8H9kib4rxYkLk41bbZTwi6Gur-_8qFoYsKRI33aHPvkG8j5vj0x_QADkWm9RNDXtsXyaBxUFQ6jIYakWRkjIY_UUhDf3ejrd1ojjatp19bKu6Umfwzuxir8JOyfIvm-gFTp5BRHEsdx9E5a-YyFdzXlF50xrymK9cEUkBpuI1B-4QPbhU5IaZ3cf2ECmUBLs0WSS6gLeW1kY_X_-E2_AdBvgfjom-ZZ7Qdonb1ea77Q7oB-5HPGu-mpH4wMAANyFhXh7FLXF8ymEuaU3Qsic6OW4FGVqmXnG3PvP5QMn82VtzD_zebMs6rygFQGueq1C-v6ig3lBTdZy19p3ii7zG-KgwbMy5op3SFN-oWh3fX2eNGR0OaVmbw9Jf9HY2bprr25PQdSz5CfuyICBsesNNZFHWUpnJSX1ChCQ5UIwP48QkDE5jJXqX0--a6TyJP5T1ym2SIYLIejp0BmEC4HCHJWPTysTOMKr5u0eOl-XRGLXY39OLX0Lo3gavpEr6GDWL7NTG7elrxVHwavvaS3_uFsx0HAgoIUeb8I-ivrS8kCviuVes8Veeuc00W1HVAC8Iib6vRW2kybw92RPqj90dn3pjwX1CMjl5VzsH_G_eyvLS3iknSY1HOWi_dVmyBAB_ky1BDwtk6oeYJgqJ1ChyoxflE6m7wcNXrh8-h1rwZUWeReYXYAy9Rr61ZySqPt-MefiNrnxc6XdCrHkSwOeYBcFMG4JrswaMBi9MrvX7mkFH6oCEAD64kA9V57VxoGK33GHPapBTtvLA4ZrxMDBm7Aq8SYusoXTP-7bXCDUNZzBfPYkpBw7qtZvdq9clbK89dUBxdRvM6RJuBYyqqo9hPkgAVTVwo8KsQzS7yVoZRkolggPGBGh2xNeGHgvjcYQHBGZ_J5lnxsLhfbCZf25Vux7xU39gt0Xp1ZTpi0YVfGOvIWOmYyRDsQKhz1SyhbL7QcnK5X4rQRs3_Bjq4UUxCEXvaY5eg3CdM62ZrCZL9hpjPfHVTXVzpbyhC-t3xCIBsvgGIgmSO4qv-eMfqidPoOguYQRR-pO-YUd0nGz26PkIVF7OeInt2_Yoxbm7VR4kcvqmNrVX9k-7JWR8A58YKMYJWUh8l6jFP3q9EMn-zzoC0h5Q9J3E4vsfHcbvhvZs3h9xm6aesxXSMzBrY0Ytir8HiXn1a44PkP0pge7AbUqHABNFnXgTxI1lLB12GcjpmCo8DH72sKoZle5k6b5uxmv83xM-cSxSLrqDG_ivmFG5kU0mL_MVnEkmsucNz51_Rfyn1BCH3REgu9l9REldf8sxwXyaducS6zBkJzGYb7_ZbjHIZbAREjHx3XF4NeQOESAh3_lz59Izil62Qi5Pvc1-qEy916U2ltA6bU5jXtlQaItw41MmU9YODQfCOvJ92TFwpiHxBmAjS3wanxa61TJVMvr3h4gMaWDW0tcgFynrYgEwAWos80xZHQvT7LsTd8P0M2UgF2Cj1NiTfudHbbsjLUDu03ABRsospGF4Bc3cVXB3rG3tkJS0AvNl9DVzqOFKwzO9HX09uklbqNtvjLLaAhZ-wfBjzbJ9wlWR8GM9nYi_j2bNNRGQVlOaqQ_nQJ-mwm4C2XDHfyMCw6wQ0p8JxpddFo32Zt8gAx_ADG4XsnsiNfyRuViCrmAauy9VzHeOIwgoqxmv0DEaoeRunsuS4diWXxANIQM-3-0gTYYJxSvVt0dW2RbuHJky9gz7AtTGovbWJxfeRCmTfixRjFazYpKBRr_78HHkMtQZhKALe8seIRsiBvey-ZRf4Z8IIMdj2zTADCPGJT_Qhrk2d7ZSy-bXU4m05axT0ImX7Mzb32UxbyJMzMGMZarABk9T2YH1Yzjl9SrZG2OdZ184AO5FyqpMioupHo-hA7H6yVI9wobiCaKYZwpyT_ycg8MUv4vy1EmXoPG-Rn6nh95100AhSxp8qckjOVgrq1LPWLH1ll1VB-H-QN-0iXkHH6NEjIXR_0bzDB2Q1KzTt5LTazxygJG7o22mvvjiTPTqC-9RV0EYtA3TPIEsG5ysqx6FaKqGN_GZhv6PCIJ1jX8sa2Q5qVhvjJAcfaf8arbtDGGBJT32voQpiT4UTbZqejxKurnkfJQWsCDURqwuSIsvwV8HTI88-HHmCiryVVtPBNIIGhgJWU-XkP-pgs1mNiUGu6o6u_9DDsmO2UsCkb9hrj_C6z2J-VZs50ICVf5qfNMzZY5bU4ffAkm9mhn3YUKXPyCDFdr-lD2P-9Wt96OrMe6YbOr5VpJTPP7PkbfH0-C74u2__KX7_yMWpGSkuJK62JcL8gTZLTBYWGL0w1cqNjp0c4JFES8jyznpE6Eqqj2Lqi3_th6sFFQ4crZkbnTdzuSC2AZZf-4rvI9KWzjF5NxgcbNV6_mPSgu3E3uWGTaEhWhHIvqVsUXNufblTf5A&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=2051373236828092000&adk=3047537734&idt=139&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef3193705592a1b10edcbe136f417f1e582593c23b0f8dc823e3cbd7bb87db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACB 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4335187873312&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACB 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4335187873312&version=m202309260101&ct=76&x=1&cor=72798649850702800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0ACB 111 KB
42 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO8CnRX6qulzN24mTyAiqH7eiu43JjkVqtSb5bR5rJE8hGAN7zctFDylBsFdM75qoUE5w6ay62sA5kNF_ha51YYYzQy6stDdanCN4x55tccx9STG-eIQ2iusUUjKgYH5J3TYPf-ZeY1VYWFrc8qXh8SjFj-IAwAdQfo0-HP6O0O1NvywY&dbm_d=AKAmf-DRQDxF7bPxDzhsX33es7Cu_8ABbvbaGxIhQEgdACkFh_r2-8UD1_Hx5_F94gSsc88YFiFSjTa1w56le2SMzJAH7KLanIpVQK252RCEQz2yCMRHwNbdn6PcZXONuEYKsYMo6mLhLffrYvVChr7aVilUI6q14AS91Tfeka8evIdIngVg_EdKXjzq_Xf1SoxHAg6oipoGHFsMbyMNlf-eTBV46oM5wQxKutzETkwhPsEASTzi0QsJBHn5yM-BILRzb6HAry5bN_OAfM0lHksgAhptk2OhxO6xjRgpabwUPgvoJvkDZtMe1ytiZiSbK_RXkW6P4s_3nQjakXwSvBvUg-WCAnCetW0dNKjqF6hGUmYlstTWbkmCUcQ-01nnWVxF-N8rZ0zGLC3UBbT8lj8AMJ3Bk9hx3IsLW_qdX-7Gx_UZ5a8RQ537IPlgprtxr2y-CNsQIYfEkC3078IfpY_9LXVXjfkVPA6sjFFzPAWa7LehicizRprszfpwfTNuMcmuOAnQv5L8rb6kWnihAaDGTDjSbQDc3Jd-EfDuxpTiPMV_Wg_6Hxl7mOANbEPv-XcBAJQANHfgO53NA-avkSzYyrKOS3_cOiH4TsIk5oJBfS2RSi6GnMRO4Zn5yQJDCCdXH-fdloxpo2JKtYGBVaAZS0sy4jLvBLupPStFXMjKeQjaQftrtEvpbDCRtqGTZWD11PYxiRLD1qM9_BbYRF6J-VdxDnrfsyewMrpbms8HmcXSnEKJGfVecCqgum3ygZBdto7zmsshqyabtyusSE5cxa-C0Z8xDejIXJUYbIfdBd4oelAj2Km20MbY7tHsmCUI87fWqDHB4E36p2LlIKeaMyZ57AIrMB94jB1QYE-OprSh639qA0o3NLbDgiSGPf1wYc4jVevEHsmHq97YiV0OimNQ4O2LOA-L7xID3EPT56Xn1zLOrKam1l1purczyAWbNrN2zKIPlmnMJg6-gJW7l5lXXrHaG6xOENgJ8Czv7NbK6OiyEuHVowmrp9tbcwHlT4qx_EV09YUVNcPOhvMSi5IIZxGJJG489D0mFXLbPKNfsS21aNtZ0S_IdfbSJDQ5vRk683hZSc71E59RAQe6kCbCZpkOOFavvnHDiysYLqlRL9zSc_ZnQxwbqWJfCRHJrFZ5nToCtzv0eblne3FWV2YVuuqI4qsxtRXlZCWsvuNuBHKppHuJr8G7976opztlcUw5jX7cQwbOOlkd2E-Jtf4fVu1amtg87trq5xSPfWosk5AyiPSGB0-8GYF_TwA_re3vsGgpxNd5QzFQmuJ1MnIYTpGG9wle4-9XhPtKskz1jm8rWdmCLR0Gwp9H6Sm1Scd_ZU1PtVKe1GKtSPqF6l3wtt10lMrjTOHwW_vaIXI-GsK19ecUxHfAgUVrDYbAuP8ETKjfcfg0Vl59RlFSVHF0T2QCn41fFxqw80pCMfKFX_YYjCJWlgtF9JOU27QuTT5Dd173XEpP2uqutwLbcqy902viyQanh_AT5Qot-ZjDP9kCBXX2IqgAKo5gENMUqV5x7liqLaZeHilR0ts6opZhCKTpnWXugvgDZ0LjmphW_0rnDvljBG-injjF6Awd3stj7OA9M5VFJoUXeLNU0QUEQdnXG-sUC1yd0Vq4pMa2Tc8ISiMT_6Lsn9HzjG60oadibrnG8uSVGHMECu1PfhJSj8yxWItb9Il1QC-X9crp8OKsSrdKmVhlpP7yp76dKNjI7f72kLji3LrABLL6LSc6vCvM-6zUyNvlAwRQUaArxzed7yvjIxUL2r5fCTb-de-Dc8OCPVKXTFh2SWETSmI2_OWQhmcQBmDkhH0NsEDAw0AbxJhu-4FUxiR0n5tF5hrqvCRyGvhAz4DgcOz1lPbIBlrtoFHB4yfpb0jz2VzAFkXJNZtKv4AwV9MQTbea4RnlcDPExsmylk3jeGFQgvmzcDijHS-QCDUhgIAPtzuphDf77GIHos8xNFE6zepkFSIf9rpHP3F6QHqwoFgwGwPGvJBTM3iw_EahkmMJMtOdT_dJicFBri5J1H2VPq-rjdvjHNhIGhzvQAAZZtLiYykF5DAUwS3MB8vETOo5QNkMzcgcqCOzE9JPhACmLAAXxRu0kBZR2rH5FEmh8V2K3tvki03fbCjrNqyyNMZsBv0mMqbXntOqniyBHAqD_l5ccPRE0oVNnYVcAqARtYUrz7gPvYOVjigOjmwFxRya6inO_mL1ixQ9UCyOBf9s9Pw5xT0RT8ZV60VOqcFlhyx1v8QYZ63DxnXx9VjVI8eutQ7ICpN27xFsRuu7cW_KOqJIGALrEjTvc-dtlwUjxNiXjmkOv5-wmoJ6osNTwMFZC0tEihVzkRuvd_4-uqlLLpmqlQZoUlw_fjMZ40G6W7aanOVQHhsOVvABRwEiGeSixBQUDNQlgZv5GfzrPn5ONn_8UlRBbWDvnsVDU_HWmUACs_T7yDbRzGgeEC-ZGojsjEKdmw3jLXpJxVcGBDNqN--71sa3hdx59nxxxoFnnRdF1t-Qjg9j9YSF5s8MOJcR-VGW97ns7tS2YHSNpkEKwUNZP-KIsGUtYKFzLQb62gQicnO7O8CgG-epTw2Yhnr0d4LoRTY7W4ubwQNPvOHsf19ihlY_xPx_xrkBx8_CSKI6T03nsOzfPCDPX7MWZetG0SeY88xce5YsmujvQr15AwRUUftClbQUMrWB_P0z63OhMV3EI1ZixQp7k_P64NHdS087lkShNb9DqyTu6rGXwk6RSk8P8W7_YjmAUwZ2aQAZ6YQIfvqvCuBk233JoUXIOoW3SSDAP3goNavY4NEj3yx62VE5Gbj0k88pJE43YNWQHaurDP1eFSE1l6Uv2yBJ84wORW_5R8uH2nU3l77GcnwjN75jlCjT_CJIobIfdomnVW6WLOKzZZH2qqr6oNpM7U858XayedgdU4eBgKED2DaqTAJ0d2zKsQzCWqIpTQ4rladdAzp8hhjCcbySSBZASEEGEkcbDaj4EOV2YV3dbmKreogkWEXy6p83Grxh5lRpde2oL11G2-GcAH4wS5_fyIrdmC1uYf9F1bqScSxPszvkN5lpMOYObStuGCQBEcHG5CtyUK7PRygeGjlkiCfgeAx7I98fzD5PazmqVniyL6CSAJP5S6y9-gt5KH6xfmUD2bc8S8XRJ6s0z4b25-UwiQusn3OE8LqoVVaZsQxRamZ6bfG0ZyzGNukOQsAymTliixnunXZPiWWfFWmckmqOtmNnWKsAe_JkN70iFYA0w-dr4inq3o60hJf_JWwgtuIQPaSIaMjDauQBnbqIl1mMCyw7dBeVZTx7OS2jHLVz856LXJ8Miksph0X6WMaIGrYxTBy6M3vxUO0kxvGcRnzpqDHmTiLBZ6-qFZiIgOGG-AlJyTdrykhWnm5kTBeGmvVHKV94ldMjLHBcL8wI2PKt__4VfM0Fh3miskeY4apN400Cvr6g-sUlfRpPyeSzM955JaqYIr1LVKL-gmFJazRHJPamGWy1XtYfsiczxfkU-WLrlEhy8dA7ee8U2zbINmXJfUIMDr4EBn-T8NbXEeUGt-K9aIxM_capulyb7K3fHf6NhBtrMBw19BKcmhWN-2CGmGly5HNlJkXKoxcqU1JySPwsEFwpqIrYAJlNYEA1JOsC-Hq9rVWlFZSVHsRszchzS5pnlcr6Lym0V5T_aPkwmi1gSvJxyBoV34h3kOTa5hufOdAPONtIx5pz_sn_YEIRYNrFo2pjuPRVHnQNLvjM65bsdynzbbkbnVes0AX9cY9pxjT6CVvo-gztZDDGdd1voH-wvlbVv7mTnQwcoqvX0C88CVQ9XJxnFfVkB2SN1uyWUiDS5x59ACj-ErPT20b-gT1V4YYLzHFhRcB5rnAjUs5oRmE-utkcadgGCbNzD-r01DOht-jGIvNauq0nnUDWYU9jfiIdwkvUzMC41P9scvBTy1EvsGCg1uf7RY-2bC1IXj2djXIyynicyixxSwmbpFR0fqky1cvCgcDp-H6nxXInyVSSMBp1DvaiVIV8w6d05pqUrrTiKW0mqT5YsugVs96JX3_hBcj-ccUnzqIHpDBZOTG806o3M4DKldeu2fJhdLbO43HjkdyRQMjDQnIKHKSiNFOZx_eHo2HBJofTh2x5c06h-TRDRTjBgGWLigYJI6QfR6zk&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=72798649850702800&adk=2228999114&idt=144&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abfba5cf35c3d48b14cfd092b6280dd4b0be6032087932f0eb81678c915b1cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42815
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 548D 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7255359214160&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 548D 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7255359214160&version=m202309260101&ct=119&x=1&cor=11276397166074057000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 548D 91 KB
38 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COnI-gPl5gyavMksmIg-Flg7naJ5HLEg83Kdl2KuUHg9VnNZV_mVXbSN3EcPMNrZWU-yltDztYvTveiM5VPtqxyboSXJMK2fXwaukv20pXxLVdrRjYT_hx_4xOYAvp1kRt2cD55V4aEYSKNjDTntQNmdUb-LfJVbRraT-gtrewueJRcD8&cry=1&dbm_d=AKAmf-DNlYOPW-bY-bvEFvy0V5ax1zBWThqj7Jmt7RPlYP5wE0RZESP3zvX1dCbsVTMaRkSz-hXBbwzzfmTkDahP5V5uvw8QjeqKOc1hItuqPifZWwqlv9wUouwprcaVswhsEZtYga456WRi2vcpIRpnXRNHP4M70j_iXcMPVHOKROBf7zqVuwvc1boIylYm-qkFzdr-L8VKPTrBFW5abran1ctRaI9n3QD49VJk2spqRwdk6ngao-MWxm1SRKiKpKoXLHTXJvE4eBUnG_lr2lirPHdwfdJcK51UsWPrPxqfKCuE0ezQz_IQqRNZvo2VRDRMgEBQYJDbEsCm27fwVFZ5kxOLYpIV3m4yc0Y2Y6X99mRydPcJBri7YlaM4fd9OIVQB0kQAYLIJSyq3hE66d4-0OYLXh0GUA9_VQObIa58dlJ8nMxSb6EduiZwuYCln0wymJ_j9j4DZLMVAvr2VokpAeR-trPE231FeYNN7ezQqNLh27zvL1wuHpFCXsYDXu4Yrqa0aQGY00HJuQF2I1exXFIkjzXnxLrVZGS-Oe01dpS1_JUWERc7UczLuvC3_LW9KTNmZKcEt4Pah7CrYk5lpQWKV-51EIfwfOp3Ptp-dGebgQ8JPOxko2B-1hwjzCBtlv5e29YWVYu3znwbaXnAsgtr7roTO9v9TOJWRIO7HjmR0snVRPqWnqbRqytK5u2RVIbT5mSw0Hx9qEtOPOZC-g1l2jD7DsEgVPpi8BzCmEqM4j07FX49HL6aIcwc5Tp-Z2osG6UAGltRjuuKWl1ISy_hq7w0USmgypDb43ZULkgrPYeSH0Ob880orCp-ocfZBX2nt4r7qDQgULzLYlpSn9g4Q4_iOHr-MjjtS4f2GyxUiBMtuQI7v8weM55DfnTuU6DlYPuQZwRfDedbfTDsAwDY3zMk1oDdME3WBowlPifja3Yc-h0LY5tMU1KEoMIyw6OT8kNMyP80bBDnzEgMoGBh7cQRiFrw5SfqcwioOf9D6sicozDi3QBM8AcAsgYuIPzswP6xEDtN5718gvJ6_XcoqLP2WixtaP_6BWDIqukpEOJy0lAcKNi3NK8sZLdJhWIehilOoLZukNsrEFiBjcIQxAinsf5WynqFCmU2fm-XkzNO-J-nDGSf021bkE7aLPOAMEuSn5H6-w03csTERu3AzXPkAmw9UyySxWO6NbpIo9QEWmKKRi3UxmH-Z9eFaUBcH8oiFsxRbX_boKGYnmEn6uOSzQOcmx5UQLNMZEEug8VvjhpB-GA4n6o6IMld1RJgXjV63PWrik9u1LFDq4WoAuFgvWZL5luvD3WdcYUJ4sWWyyKHa6Vta5qO5dnCDqV71rRsV5-lUiOkHv4wp7AltU6DaQHqPwRwgoEHccV4A7KnHTgfEOPdfCieQp81zGPhYwu4IE4xa1tGUKu0XPMn2oYBQTb3duTayoO0TrakRHfD2aqlr8DdjszS9uhuW_FkrCwdPYqGjUW9bvbkf458np_oe76Nw2v2VMwdcr8NL6bBV0BCxH_Qdc68iB4khHVcfaucXXhU00SPk3y0aPUOxAa9lABI18C0klopz-sY8pVdiTVLbrSM56uaS90vZer9DJyqy3N3ctj2abNFDff0bYCmslX0uP1LwGBUzA8XUZy4iEoP29r2_V_4b1ITjQkOepvRp8D1uyA19jKuLTJhjjErq-Yza2wKUQQLwMWfChtnAj6UOrB9Ihkvepbwgb1OxNMB0Ev0AlcRm4KyN_bC5_DULOoi0tOZwC4M-VifGRziYDYezlrmTEcFaC3cdr6EqiWxfz8ANcSToeaEppD0rhPqcg_QynBFnUUxD5vB8H8ljNYa-wWt12u1BhLptRe6_6WyDsfLPLpIXO16x5ZpIyPeZdMefOXhmA5ucwXpPcfxV4G9HKZuzxKCKKvw42d01M1h6GF4PgFA9ac8yUDtT5th5FvdByevOQXz_IPnikml7OvzFYuDcOBPgiDxEEUpRksJ3M1v9RUQ02hdu_h9aj6E0u8susuSKft4BPznu8k5-L8jbKIwfePaUjVxx-fw3EZ4W0gLFD7SbQETUzmQlFJbUXNnwAM7IIApIAaMMNxovh59Ry8-6C223rjw3Gr9yK2NVhsB-0DhhCeCH0cwWL8T5XmGTwfZB9GMlmTCsatM1sC2XF8gpCxulwsjTrly18XEhwHPYqBRP5bqn56bn4-usHln7WAWw-bGWJNk4mRoSiE8eJbV34DBz3wlQZYU9XUn-v0eemPsvw17dObqg33-AW27unLMwGQ3Y5SSq-FPO5veIEO7IcjqHZLYS6p5fp-54RlSwrerVfOSLKqlO0juTi-n707C1NZW3hw17h2aOdFEqizjM-qaQGU200JztWPX3v3dfJsMbXMC_kG75GH3PwrbW9T3FJyuuQdv6gyL4V4DInI5s_kBdZT3uZt1qIc4NRrYyu65bUGaNhKggtg7mFbKgs85dyu8Ns7mcvnHHC9znbLrzPvB6v8kgOXXVYTf4UPVFrLXcKgk2hMtlltaWfKiwk5h9Q6fqb107Pl1gZsR959u6kJzhx6RaIhYrfzEGXlfXkt2uACLT5JUidX5Xl7qw_k5h7CA1DsVmbDqDF6ywesnpzluuGLGcEU3u9_H5cmLlQdc5eTkobuBNx0WLd60GoMvNgqelsmy8rF3Un6ylFysIOaluqiqiX1hI5wBm7YT5q1eGhNBP4CEq37QhsdKIAKF6XvsbcnabG5KQKs01iXYiPlJUIlkMZJ5dS3uIQ5tYL1ghtSigFPapidA5xvymJwvzBINiVKEhbIBExwDw3TyxW0xfSAMhc2pSD8gTFMf8Fnsth-jKBamWV8GrotXeH6IJwLsUdN0LAggMJ-x3lRKuq7q1CL0Pc48fxrliAqr6efJ1I2IZ9seLmdjgRu2CNcXqI9_BjmIM6FRK-vMgaAw_7_cd88Ku6Y-Iqwtec_1xlsoy6hliPa6ZohjUrVpvUqHY1xLCJgkMYDcG3AnPNaJmLU_i13hjHvPBTtAmL7lst7i7yWeIOEztV_UJSw6lcLtlKzP3WwKZH0tiMgCwhIHWxZ6yf7iAk7Rsd8_-B6n048h0RpXHPj6-q_bZX0SXMWciobLgX1xZrSkHsrjSPogilRiyrkUDzO1GrrW3Pn2DfFrPr5-pwBaraZlXhpTHXkejLvTlJjMh_WqFPXfTufezPiZbJQ9FyvqmvBIkNTelXmbLGUcDtlsDRx5rKRekmL_0BExGOj9rxXTzkmwSLyi6o3yuiIE8tf7oGZ2QpEsQp0UoCPIb1dv0q43yZE4Amet4saGZaLZU1FuocJzyDg8e03W4WKZM-ZBtwdesj4ENCq3PWti-4vVqVQNUykEC6f02bSxT6OWTRoZBsx9tfCHE7aRsig2CaC4ItflHT5cF7DeZS0Zz0SPcmP0KXdSTIwUsxi3OVo1Y5FD19BVXkpZngWroqQeaoPjO-TeizrzWbMUOjwwLQ75PqWKWWO69oZKdmzzUZ-XIWDmH1Ny-fsc1e81ftYa9vrWXnGS2cYc6rjk7iwka6t8NFUvwceH2I2Qj67DhhqGPstAC2q6DjgZkicbbUPEstpYRV3we7Gad1R6NxyQzAh3M_6_7-YLB-IaradwEnnT9_-6pCsIOuZFNxj9PtEE9nfsI0wjQTc1VsTbN6fSftB__w50QQBzIGl47gkmMOFsFMqnUGpXoiD25MmIGa0gnUUwQ5vogci5_hyrFNCG3zwaimFaB_EzOD91opLgHCllbWujEqRdcgyJ_m7aN9zq7PhKybOisGxYafy-mch4Cmbzmzy9wJqG5Jn5DOcbnga2eZtAIfClbITJsIpCOnhFd3MVx6NU1T0DBlXafTks6sgF9BkmQRm4nbkzZ4aqebbshjoOkLnR_hDJskuXEAi320q9QXSPkEl9ErR3BO2ff_mscYgA2-ii61msf2plYSJkW39Nz5Bzq41FF_KkeNPUkwULO_wnUFksBjybmNm5J8mWrQgtiC7X4aS52pIhPcXY9tA6xWly45_n__s1QCvW8NLGmoU0PyHevKEZl7s0VGHFhUWNLd5c5KbIRkAv06Yd8a8gKzRQ8VsgBXAi3XdDzVd13mrn9ON3W5EVZv_qzPCtrWfqUp3Yw0mNWR4yGYVv9IZrTUCixjoZQZLgfjQH9A5x4y3DgHbJCBb-XCcp-Dz-YVTvUtVPO7nqs9Qwou2dj0OfGzbrlyQ4OjlNr5VBCBGUvt3LdhFREYMDYYXn_TfQTyht0cF_vxhId0K6sDgTOnwgMMKE07ldlyqbAc4m_xQkH1aOxRc7Qhy5D57_4Mlg-1aTZofho3Vgzk-gv1oM4kPa1pW6gbmlDNtavXxxwpkeTMpPpDQxG9Qis6u10pTwutI5Lw-1Cv4qWhHpWhZmdhrto_vFYP4GgleFKs6_YjhGg9BfCcdFe9R5LDkRzgIJXqxjGFVv_xklhmblCuIsob5_m-G3tzT66N79s0bwjEgKhieekAp6bWRLTZqAEb_WRWFSGcNkzooZ6eWBeHTzKW_nLQ0Unq9I4eznXACFWEJciJTE&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=11276397166074057000&adk=2857193499&idt=134&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a6ab8b2b8809f2ea0712eff127fc60ac3c785a8d8602a18e25106a49a69ee6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38859
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 219F 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-ZWFfOLVIOlzxAPINJLoNa7bF-LUJAbuCjInYDAkprlQJ_nIP6knbnI11gii1RTY6PVl1q47qOgrRHDSnHjZnl212oPHkZfaLx3niRycZKNTMbZqhykKb0Bi2UtJRRzQoAIswRp3pWtPiDpIXtmG0O5qlyH5lUO-0RbWEKFWnyPUtIxQ&cry=1&dbm_d=AKAmf-AmfMvFCITjDZ4iggHLDkUKJwHDe2ClExDeMghztJNEQ8bwr4sBibCDvHYhcUxVXIV0rMUZPotpEFWxRKpslcUPwU31_3L--r59bEVlPR2F27IpRgiEQj03pOuVui8dCL2JIA0mC8my0MLJNjzzeiwkbHGmOQCHz_14CyZ0zyauz3B6w3yOEqJaV6ozSD2-wAcenKiy0RZheW-ema_7tV6r1odqd6fUACUrVSBrA997HwjpOWV_cZ6ubLEMfJUThzAqRTHu4K3LkBYiJ5K5btaNIDiyustVrp-_OmTxxVha5GCrYlJ--8qfPrLg8KHqzLFzV9jEEHXBS5LVpjH6DdTxtSK-RZvfuZm7-KX8R5dvaHsEGHNTHP0O5VyC_ZJkNCi7n7s5a8C-BYBuVFV0A7xo_pbq8LZ0CCiHalB1qFgbc0IbSlYkr80DkRPoNdaSA_1MhcEv7PtNdhb_EiSWPQTXizyLOurl3R8hkphxOpaBezIRgoBp7FLWE7ccC5NoPIUTBRNx8vLc9BiCgkV6fOEA2IpDNduvVv8xDkSrupSACTc_eqmJLv6KKOOvVXG5UBfo0TlJQLBaMtY3lFL_nJgbuC8wMpTArJjQSof_tMBh9Jxz50duJimWFYrcmgoGXM6CRNGUoUJjGNLtI3gE6TaDELLlb0MlEqEj-qHDedI9BRO7hz2_db73Cv5O03DiXkgBHEmlxXGNVyONoNOxZ9hxJLqOiPYXCV2xXd6vZU7wWhs15FFDjXOH8XZ_44lOOKhXfAxYjFEfmMv3XXcrax0799JNqzvYH68gr2KSsFnx4eCg1JZriLkQxjYlkoUqvkvtq0vIX9KbpyCLRpNtnTGNpjOdnL0csLZHfdYMctMw3olC391K_pKPOMycR-YdtTJvDlTt2T3gagxhUcqTf1f3VRXTV__evZF1BZkRvzWkwTnQCeRTSj4R7CCflhKoIbAqJ396jeV2zSbBO1yzTW2cjPi9AhBiqYEu3HcPf2OaNwlRz5ndjlnswtKAsH921DpDWYzoeFL_h-ksNhQGys2OiGCiuclcz38xixkIhWS3ZPksXC_4MgLd5-yemTLRxrxgj5eDch63NVtI0WQu8Kh8XmLAs6zZr97TZt4OPLPTsDch7lpuSmgZtrnwvvYLr_ZlP1VEzP2U7sx4voXFfTHpGtHXakewzNvPAHPsKSIWs_tCYUF9ZpRSXqaBdC5J_wDh2trn9HQWeucf24QqKNTtR1gZ0QYkeaTE15P1nJwLqRRGnMqQQ-UiM8Fm7wUjtFYlgNPf81K7wlev-m0eJLK7PTzaqTpZNC9DpxiRGs1euSx-6Q0qdbHl9zuKxed4y3RV8TQuGIJ4v6gBVBlYCdYDpTT5PDj3mnS9xt0yGW962xkvhEYGrPnX0Q7K7wOEBpBOS4rPXCASEI6i2Npd5L3FK-yhL1u8HgU7m2Rfsm-Ng_3ki2299TPlMIGvwHyqQXd4rVvVwYzSxvyzXBapemQZcEPnsZU_CbIVV7AlQbFJ2UNU44aO05RdAZfxPDmbvjzIn2kmT_fBMdAm4OWNwU9MGtvyPk8of231Xu7BCEzYTME1bqaN6AMlv0QxZCrJ4XSd8yUg9d9wgrjNZshXsIuP5GoG41_Is-7ArOn1BwWJJQiUP9mksMiK--SnYuaHdraa3k_mBRnTR67suaI_IaUxvlbqxtGWcjCKH7Avfl0heDfVe1uQ0qGD_sYSczK9-BIPy6S1e5yNiHDscTM1a2O9TYj4aVhGVhvTlJzePfX9HNmqXTbLEgegsIbzHtzzpqrDAP003RzcwqOY_wlzhSNGJoUML0VFxVWyI5XbOmu-oRAhMwhYxltTY2duGrRdzYvjVEqaicZcZv2d48SXGCjxABCiIG1ETAUXCAB9edwgGXtD67VZUZnemuNpfNGj9IZoCEz1ZqnRU3giZZo-FJN_2-lGEj__4-t4pR_rp2HoDYZaFoZWOztpA1GuypbVcgfkEcP2rK1ZKX0IbmCmZvsW84zO4JenznnGG25ryDji6NSPpPxOP_XmAjM6DaGroioUBjuPUJLo7SXXqDy7bUkN6vrUquwE81X9b8R2w6RM1mqZoWinQzY3Ta1fPODJ-XcYnsQyJVcGINVYU6G6birjVq1ICbrVf53d9tI7CHXWj7Cg4m--GVXfHTBVrCC_25HUArITofTmXERZ7H2RGlCecp8mOM5wElQYQ5GP2Ys018ZzHlUAjUoMHxOhTKrJl5820-vWyKDjhsarHvnZEZ9PHNJp-E3xRW4uHNs75og7cM7PqvD-DSQ7KHpPFMdo1_FVSxDXdGyFQcLPQ2Sh86qGVWb2pvHr6Yx9RO1PiB_CVAGsq511U0pGwTFymVcq2H7vtMEkZYWzQi0fpGdkyTYLpObe-9oRLBy-S_jfPp0En40MkAl7QfyIdr9VoKgmfN2H00kpJoTajEZtaH2hDI0_gqbtMBeGiioJAGmKuziykKOo2lBXYQJeuqJ79EvLzmTeV_EOM_76B_J-vi7JubKvsfAY9O0IiJca6k6S13RFoOXWDZBfs5pS4OlsC7yvSNvoCF1GG3zcyRvcoCi2H6k53FCMNREZIT-1Wp5uo_KzWsNWYahyCFeeqfyu87xKmLea1F_1_TDvTD8fJINfdsVyNwqjHJBLomMSclaR6QyzQj3AjgJZ-AJtd_nEO3vQ2DwRdO1vn8IOkQETixzpATFNkPpa7xNdLWHnFh61e5ITmDS4LRQEQoGJyLgqQcw451RJBuGmT8F4fOfylozbvXbdsj718D8drvH7B6dj00eItRpYfaneztCj0DIvW9Cn7OSc0Cqkg9weSZCRTO39_YUufBK4QXmxbLD_IokFHA4DCutOOUXz3iZXboXL_NBZfbnkKE07iE1TFm7WJ4ONMy4XzzbV22G_zS84irLPI-IM9T-68TBQsxW9HIy7D-tk7MAZcSu147SnAbx1W-oJrD9jZXwYb6LvnerAweV7b_Wo5_9OfVe_WNSMs4mm1MGvoquL5leys8uqTYn4vGpkY678u-w8j_ngnlekYx7F3gmh8wUNyoCLJIGMXBQuqRu1XRWTZbfUqn50GaTX2jGmYyRqv5lO7HaZsTRgE9z21zQ0QkSujrzwhlnCFobxItjk4_rtVVAc5At7ziOAR53Uqh4e7giuvwvaSjqYbICGcdPfoRrzql6iI7DBQrtEmNsQc6VJ244MixUw_eWK6vBTPUrcjcOlJuzZ99FdxamMZiZ1i3ewU2DgmPqvog-gTZC7cIR3RzADOtxsW_31p1m2x-qWlvtFNaRboXMaFQocUdC1QmfXT5kq80wolsyncYGw9agj7WbUU-NxyUDZHR-2R-EiAMSohuKhBUpWaksoNC3Jn1JB34GPqUrfC6zxtJBg2KwKWfXDtlI5_CtBwH5brCRUY_k8uF6Wl7dIW8kKtKdBQsNVsFuPDoF972mfwJ9-OOnvYtZlxqu7lxFxX85HD57ymberkgAlLYeJLWfq7oe_8KzaZy7NXtSskH9OTCziuzBB1NdtluafvAwsTrF4XtY9LrJN0ULUvyxsozeR9CKesf_kil0QhRoimEATUDfVrHftFu10Zc3DIsVa1sQ3vZ4E_vtlYt4gZrJzmMGn_us1NZHjctpEQUmISBCPoh9rbRQYwKZ4XZA1uZ0No8EtOoIP_fwNZ4cwYcT3tfjiyJGye1zr15FaOBqY-NY-oZU0Ezvz3hwAvwAWR1ZNpu20EYWDzQvAT6U4bUcmC4vwKLGbOrE6z80oifHhq5Q1CW97XoJRYlu0Lhl6gxQtd95FVTA9XdUEoiOuRjMUAR38PXClsn5EgelVfYmSvzelKLROI7qADIrQr3WPnct9ZKjZVKOn1CE9Iiul_8kVJWUieVdez9K3OZ_sKdQn45hvqE8CI7gB77k76LEA3wFnyP6Q2d47NZ1moW6MmEnKUwsW4kJMvUhD0xdTbhRv1IrrfxzO8kl-o6kkQVWw7t_25QZdgi9or4okdAVShXPKzpdWPPO3Yiw0oyxHytQxI4hltvYPBJ13eIc3HH4ATr_Gd0Gg2dz94ujll05ecSO2H3a0eK8W4Rh2cmo2Sd-1Gll2h8Z5wXRBBy3upAU1pZvV2dd_TBDIcwOTJgVppAF5oltrgZH6vMvMNdo&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=14330109358231212000&adk=1964084971&idt=141&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDc4MDQzNwogIHNlcnZlcl9pcDogMTM5Nzg4NzQzCiAgcHJvY2Vzc19pZDogMzY5MTY5NTczMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 219F 0
867 B 120ms
61ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDc4MDQzNwogIHNlcnZlcl9pcDogMTM5Nzg4NzQzCiAgcHJvY2Vzc19pZDogMzY5MTY5NTczMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjA0MzgwNDc1MjU5OTAyNTkyNgpkZWJ1Z19rZXk6IDkzNDQ3NDI1NDYxMDgwOTM0NjQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA4IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxNTEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNTY2NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0x10c0fd9544cd00b00000000000000000"},"debug_key":"9344742546108093464","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"12043804752599025926"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame 219F 12 KB
4 KB 90ms
28ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1702040729707293&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c6ffa639aec681bb7483858ef4a666162550cb9bb3b1d511965dfd30cbd6c441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4246
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D6E0 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E0 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D5D 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8MR_SqjdxKsM3DvBcrcfZJqIh93CVkX1vSnKxFuBW2Y3m2yZM8wms3J9WxC1dgYXUZakWz0i4pTRTPad6c5BkEbRxPphFLdKr1XqaGR5bqDubcNhEw9VHbDsnhOcacQ1pZDgZJtKYywMQDevxVrsCSwj67T6OiDEYjJ0yJQSeM-TkuaU&cry=1&dbm_d=AKAmf-B4I7ivjiAjQleWM0lR6Pb5XcRhc0kiViSu7AzAPLgPKGbin8wvi9JilN5WnPBfS89AexdsgK5UwbHHabdGWVerYb2pptJZ3dKyOl9jh0hW9QLKcChpxMF8L06UmXNqRzIsZgyPUtt2CWbyBAAedEbO-ry2gd_xdLu26UzxAKVPnGNRoIaRzTg-NRi0RW7Yjnfh5c0tUDADilsohfp-HBuf0kym8GvCzCMNlOLvvSA66j4vzTviCyAxzzkCR3Y5Wq4SMw9WbYGwDItwL3ywK0aFB1Y0N-bXSCCsekDh2XMC97vY77J7yQ-5IoJk6zJwZW9VWnvLp1UKRPN15xBa7XsKRU2aGLdS9T6h_kirKBWbpHUg0PjpAWcZZSsFLNqoyPhVRYGRSuBd794Oz-etQ4nx0klbtZgls7pSrMz2XQz1hgh9CnHncPI-DDNjWPUbNxPC0uX22JN0M122X4JHJ0SD1ptf9ojVh9SMHMOLzgGkIPJjWZsY0PulQ6DQnfIMFHBU6RIOaR8ceyAeVI_UuJJCTP0WfVua0D5RjBI0i9eSFbhN3h0ohfLI9a1geAavS87r30EEJVm6u9NQ5mVK3LHKeZH56daWtxOivECWDlRXIeoDGRJ0sUgmjp_MMFNnH7vOFOYgG14OnWaAqbjha8u4q7E8JKkp7iPda0UCvZzm-QTPFOgYVC7FS9nLVwMj_YsY4FvQk-q69MOy2hTM8GT2k8S6Tmwt6RofJCOwhDNcLj7mP6YrZ5T1P1lmWJLxZcngion1dBL2zBuZTF5CRZbSkWpDVHuXgtGn6cijZiLzQfADkPxL0DXJQryL3xKZ9Wn_n7Znbd8Y6cQh56VkN6COk1EhlYDY93LyENPhzVsSGRT-JXbIJ65eOrO3jg70ooPD7GhO9wuxPXsBbIwG6CJm6kpRshfQhn0T8uGLrpPEmXZe0W9krRf5JwcbbN7dSHm63vLzQVuhRSwZF1jjrUIK9B4ubCjCBuA2bHvw7mMxG40_0W5s-vconk6F4UhMfeVFRe_zjiObc4P-WXdQC9AojGTkesQEhMLhHKBruPg3n67qoW9esLU1lReAYYCeSm7XF1YbpO_FkGkc72I_YZNZdvtLbQdBl2g0nyC9QytbRjNI1QHAgj0MkGQ9aV0fJl7ufF_4eNDQ2U8X-PEE_8PPPJbhYnSZMgLXAs5MzjZu3EDg0zxPfpd-tUWT5kYJ87Une8RMHyS71vJ008aXfLeffjPlYqC7U8oU9LSfS0gbInANU7Y9JloBrmeI1IzwjFuPcfZUyv2f04k3pTdAqOAYOdBCzt9vVskk8r7b8Vcmxfjzo9sO8SRX0LQfrX3eTiUjRXh9hrz7UuX7H0LM1iq9kvulOz_Du0a4GTJurCQq31VOeo__PiGkh74O0h3zWo0XnIKVn7oZ-ThkYaQjQPwMsHdEmOpMosEr2T9MUn3-DPWIbypK0qt0o1rip5X5ua7JGJkZKUrXbIzKkKYx2wBQBsJWjb5gAZ_HuidFx5m9fWC7rtnKj9rLPvhQ2yATNcMqquIXY7y8wZplMnq6ZgGavFx46U0gidDl-32unLA_-ZrL7qok3G4AprEcj_H58LlZ-IHmOMHFt2SgnUAuvj-nRYEMXXy9SWtqMqpONNv2nJI4f7mIdw9axwqEQbG8SSjD_DQrLPrAPfG-hAjNmIUtXCkTgJ0RIYEg-KM9WguN_Or4eU8H9kib4rxYkLk41bbZTwi6Gur-_8qFoYsKRI33aHPvkG8j5vj0x_QADkWm9RNDXtsXyaBxUFQ6jIYakWRkjIY_UUhDf3ejrd1ojjatp19bKu6Umfwzuxir8JOyfIvm-gFTp5BRHEsdx9E5a-YyFdzXlF50xrymK9cEUkBpuI1B-4QPbhU5IaZ3cf2ECmUBLs0WSS6gLeW1kY_X_-E2_AdBvgfjom-ZZ7Qdonb1ea77Q7oB-5HPGu-mpH4wMAANyFhXh7FLXF8ymEuaU3Qsic6OW4FGVqmXnG3PvP5QMn82VtzD_zebMs6rygFQGueq1C-v6ig3lBTdZy19p3ii7zG-KgwbMy5op3SFN-oWh3fX2eNGR0OaVmbw9Jf9HY2bprr25PQdSz5CfuyICBsesNNZFHWUpnJSX1ChCQ5UIwP48QkDE5jJXqX0--a6TyJP5T1ym2SIYLIejp0BmEC4HCHJWPTysTOMKr5u0eOl-XRGLXY39OLX0Lo3gavpEr6GDWL7NTG7elrxVHwavvaS3_uFsx0HAgoIUeb8I-ivrS8kCviuVes8Veeuc00W1HVAC8Iib6vRW2kybw92RPqj90dn3pjwX1CMjl5VzsH_G_eyvLS3iknSY1HOWi_dVmyBAB_ky1BDwtk6oeYJgqJ1ChyoxflE6m7wcNXrh8-h1rwZUWeReYXYAy9Rr61ZySqPt-MefiNrnxc6XdCrHkSwOeYBcFMG4JrswaMBi9MrvX7mkFH6oCEAD64kA9V57VxoGK33GHPapBTtvLA4ZrxMDBm7Aq8SYusoXTP-7bXCDUNZzBfPYkpBw7qtZvdq9clbK89dUBxdRvM6RJuBYyqqo9hPkgAVTVwo8KsQzS7yVoZRkolggPGBGh2xNeGHgvjcYQHBGZ_J5lnxsLhfbCZf25Vux7xU39gt0Xp1ZTpi0YVfGOvIWOmYyRDsQKhz1SyhbL7QcnK5X4rQRs3_Bjq4UUxCEXvaY5eg3CdM62ZrCZL9hpjPfHVTXVzpbyhC-t3xCIBsvgGIgmSO4qv-eMfqidPoOguYQRR-pO-YUd0nGz26PkIVF7OeInt2_Yoxbm7VR4kcvqmNrVX9k-7JWR8A58YKMYJWUh8l6jFP3q9EMn-zzoC0h5Q9J3E4vsfHcbvhvZs3h9xm6aesxXSMzBrY0Ytir8HiXn1a44PkP0pge7AbUqHABNFnXgTxI1lLB12GcjpmCo8DH72sKoZle5k6b5uxmv83xM-cSxSLrqDG_ivmFG5kU0mL_MVnEkmsucNz51_Rfyn1BCH3REgu9l9REldf8sxwXyaducS6zBkJzGYb7_ZbjHIZbAREjHx3XF4NeQOESAh3_lz59Izil62Qi5Pvc1-qEy916U2ltA6bU5jXtlQaItw41MmU9YODQfCOvJ92TFwpiHxBmAjS3wanxa61TJVMvr3h4gMaWDW0tcgFynrYgEwAWos80xZHQvT7LsTd8P0M2UgF2Cj1NiTfudHbbsjLUDu03ABRsospGF4Bc3cVXB3rG3tkJS0AvNl9DVzqOFKwzO9HX09uklbqNtvjLLaAhZ-wfBjzbJ9wlWR8GM9nYi_j2bNNRGQVlOaqQ_nQJ-mwm4C2XDHfyMCw6wQ0p8JxpddFo32Zt8gAx_ADG4XsnsiNfyRuViCrmAauy9VzHeOIwgoqxmv0DEaoeRunsuS4diWXxANIQM-3-0gTYYJxSvVt0dW2RbuHJky9gz7AtTGovbWJxfeRCmTfixRjFazYpKBRr_78HHkMtQZhKALe8seIRsiBvey-ZRf4Z8IIMdj2zTADCPGJT_Qhrk2d7ZSy-bXU4m05axT0ImX7Mzb32UxbyJMzMGMZarABk9T2YH1Yzjl9SrZG2OdZ184AO5FyqpMioupHo-hA7H6yVI9wobiCaKYZwpyT_ycg8MUv4vy1EmXoPG-Rn6nh95100AhSxp8qckjOVgrq1LPWLH1ll1VB-H-QN-0iXkHH6NEjIXR_0bzDB2Q1KzTt5LTazxygJG7o22mvvjiTPTqC-9RV0EYtA3TPIEsG5ysqx6FaKqGN_GZhv6PCIJ1jX8sa2Q5qVhvjJAcfaf8arbtDGGBJT32voQpiT4UTbZqejxKurnkfJQWsCDURqwuSIsvwV8HTI88-HHmCiryVVtPBNIIGhgJWU-XkP-pgs1mNiUGu6o6u_9DDsmO2UsCkb9hrj_C6z2J-VZs50ICVf5qfNMzZY5bU4ffAkm9mhn3YUKXPyCDFdr-lD2P-9Wt96OrMe6YbOr5VpJTPP7PkbfH0-C74u2__KX7_yMWpGSkuJK62JcL8gTZLTBYWGL0w1cqNjp0c4JFES8jyznpE6Eqqj2Lqi3_th6sFFQ4crZkbnTdzuSC2AZZf-4rvI9KWzjF5NxgcbNV6_mPSgu3E3uWGTaEhWhHIvqVsUXNufblTf5A&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=2051373236828092000&adk=3047537734&idt=139&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDgzOTkzOQogIHNlcnZlcl9pcDogMTc1ODc0Mzg0CiAgcHJvY2Vzc19pZDogNjM3NjQ2Mjk2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 0D5D 0
506 B 64ms
60ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDgzOTkzOQogIHNlcnZlcl9pcDogMTc1ODc0Mzg0CiAgcHJvY2Vzc19pZDogNjM3NjQ2Mjk2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEwMzExNjA4MDM1OTM5MjI1NDE1CmRlYnVnX2tleTogNjUxMDkyMTI0NjcwMDY4MTQ0OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjMzNDE1MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA1NjY0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0x10c0fd9544cd00b00000000000000000"},"debug_key":"6510921246700681449","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"10311608035939225415"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame 0D5D 12 KB
4 KB 83ms
30ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1702040729707296&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ba761788eb8f1d5ff6ea9768dcf759a8d56b9c22a7ce08014cc0042fc3ff5678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4240
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 548D 111 KB
39 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 548D 11 KB
4 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COnI-gPl5gyavMksmIg-Flg7naJ5HLEg83Kdl2KuUHg9VnNZV_mVXbSN3EcPMNrZWU-yltDztYvTveiM5VPtqxyboSXJMK2fXwaukv20pXxLVdrRjYT_hx_4xOYAvp1kRt2cD55V4aEYSKNjDTntQNmdUb-LfJVbRraT-gtrewueJRcD8&cry=1&dbm_d=AKAmf-DNlYOPW-bY-bvEFvy0V5ax1zBWThqj7Jmt7RPlYP5wE0RZESP3zvX1dCbsVTMaRkSz-hXBbwzzfmTkDahP5V5uvw8QjeqKOc1hItuqPifZWwqlv9wUouwprcaVswhsEZtYga456WRi2vcpIRpnXRNHP4M70j_iXcMPVHOKROBf7zqVuwvc1boIylYm-qkFzdr-L8VKPTrBFW5abran1ctRaI9n3QD49VJk2spqRwdk6ngao-MWxm1SRKiKpKoXLHTXJvE4eBUnG_lr2lirPHdwfdJcK51UsWPrPxqfKCuE0ezQz_IQqRNZvo2VRDRMgEBQYJDbEsCm27fwVFZ5kxOLYpIV3m4yc0Y2Y6X99mRydPcJBri7YlaM4fd9OIVQB0kQAYLIJSyq3hE66d4-0OYLXh0GUA9_VQObIa58dlJ8nMxSb6EduiZwuYCln0wymJ_j9j4DZLMVAvr2VokpAeR-trPE231FeYNN7ezQqNLh27zvL1wuHpFCXsYDXu4Yrqa0aQGY00HJuQF2I1exXFIkjzXnxLrVZGS-Oe01dpS1_JUWERc7UczLuvC3_LW9KTNmZKcEt4Pah7CrYk5lpQWKV-51EIfwfOp3Ptp-dGebgQ8JPOxko2B-1hwjzCBtlv5e29YWVYu3znwbaXnAsgtr7roTO9v9TOJWRIO7HjmR0snVRPqWnqbRqytK5u2RVIbT5mSw0Hx9qEtOPOZC-g1l2jD7DsEgVPpi8BzCmEqM4j07FX49HL6aIcwc5Tp-Z2osG6UAGltRjuuKWl1ISy_hq7w0USmgypDb43ZULkgrPYeSH0Ob880orCp-ocfZBX2nt4r7qDQgULzLYlpSn9g4Q4_iOHr-MjjtS4f2GyxUiBMtuQI7v8weM55DfnTuU6DlYPuQZwRfDedbfTDsAwDY3zMk1oDdME3WBowlPifja3Yc-h0LY5tMU1KEoMIyw6OT8kNMyP80bBDnzEgMoGBh7cQRiFrw5SfqcwioOf9D6sicozDi3QBM8AcAsgYuIPzswP6xEDtN5718gvJ6_XcoqLP2WixtaP_6BWDIqukpEOJy0lAcKNi3NK8sZLdJhWIehilOoLZukNsrEFiBjcIQxAinsf5WynqFCmU2fm-XkzNO-J-nDGSf021bkE7aLPOAMEuSn5H6-w03csTERu3AzXPkAmw9UyySxWO6NbpIo9QEWmKKRi3UxmH-Z9eFaUBcH8oiFsxRbX_boKGYnmEn6uOSzQOcmx5UQLNMZEEug8VvjhpB-GA4n6o6IMld1RJgXjV63PWrik9u1LFDq4WoAuFgvWZL5luvD3WdcYUJ4sWWyyKHa6Vta5qO5dnCDqV71rRsV5-lUiOkHv4wp7AltU6DaQHqPwRwgoEHccV4A7KnHTgfEOPdfCieQp81zGPhYwu4IE4xa1tGUKu0XPMn2oYBQTb3duTayoO0TrakRHfD2aqlr8DdjszS9uhuW_FkrCwdPYqGjUW9bvbkf458np_oe76Nw2v2VMwdcr8NL6bBV0BCxH_Qdc68iB4khHVcfaucXXhU00SPk3y0aPUOxAa9lABI18C0klopz-sY8pVdiTVLbrSM56uaS90vZer9DJyqy3N3ctj2abNFDff0bYCmslX0uP1LwGBUzA8XUZy4iEoP29r2_V_4b1ITjQkOepvRp8D1uyA19jKuLTJhjjErq-Yza2wKUQQLwMWfChtnAj6UOrB9Ihkvepbwgb1OxNMB0Ev0AlcRm4KyN_bC5_DULOoi0tOZwC4M-VifGRziYDYezlrmTEcFaC3cdr6EqiWxfz8ANcSToeaEppD0rhPqcg_QynBFnUUxD5vB8H8ljNYa-wWt12u1BhLptRe6_6WyDsfLPLpIXO16x5ZpIyPeZdMefOXhmA5ucwXpPcfxV4G9HKZuzxKCKKvw42d01M1h6GF4PgFA9ac8yUDtT5th5FvdByevOQXz_IPnikml7OvzFYuDcOBPgiDxEEUpRksJ3M1v9RUQ02hdu_h9aj6E0u8susuSKft4BPznu8k5-L8jbKIwfePaUjVxx-fw3EZ4W0gLFD7SbQETUzmQlFJbUXNnwAM7IIApIAaMMNxovh59Ry8-6C223rjw3Gr9yK2NVhsB-0DhhCeCH0cwWL8T5XmGTwfZB9GMlmTCsatM1sC2XF8gpCxulwsjTrly18XEhwHPYqBRP5bqn56bn4-usHln7WAWw-bGWJNk4mRoSiE8eJbV34DBz3wlQZYU9XUn-v0eemPsvw17dObqg33-AW27unLMwGQ3Y5SSq-FPO5veIEO7IcjqHZLYS6p5fp-54RlSwrerVfOSLKqlO0juTi-n707C1NZW3hw17h2aOdFEqizjM-qaQGU200JztWPX3v3dfJsMbXMC_kG75GH3PwrbW9T3FJyuuQdv6gyL4V4DInI5s_kBdZT3uZt1qIc4NRrYyu65bUGaNhKggtg7mFbKgs85dyu8Ns7mcvnHHC9znbLrzPvB6v8kgOXXVYTf4UPVFrLXcKgk2hMtlltaWfKiwk5h9Q6fqb107Pl1gZsR959u6kJzhx6RaIhYrfzEGXlfXkt2uACLT5JUidX5Xl7qw_k5h7CA1DsVmbDqDF6ywesnpzluuGLGcEU3u9_H5cmLlQdc5eTkobuBNx0WLd60GoMvNgqelsmy8rF3Un6ylFysIOaluqiqiX1hI5wBm7YT5q1eGhNBP4CEq37QhsdKIAKF6XvsbcnabG5KQKs01iXYiPlJUIlkMZJ5dS3uIQ5tYL1ghtSigFPapidA5xvymJwvzBINiVKEhbIBExwDw3TyxW0xfSAMhc2pSD8gTFMf8Fnsth-jKBamWV8GrotXeH6IJwLsUdN0LAggMJ-x3lRKuq7q1CL0Pc48fxrliAqr6efJ1I2IZ9seLmdjgRu2CNcXqI9_BjmIM6FRK-vMgaAw_7_cd88Ku6Y-Iqwtec_1xlsoy6hliPa6ZohjUrVpvUqHY1xLCJgkMYDcG3AnPNaJmLU_i13hjHvPBTtAmL7lst7i7yWeIOEztV_UJSw6lcLtlKzP3WwKZH0tiMgCwhIHWxZ6yf7iAk7Rsd8_-B6n048h0RpXHPj6-q_bZX0SXMWciobLgX1xZrSkHsrjSPogilRiyrkUDzO1GrrW3Pn2DfFrPr5-pwBaraZlXhpTHXkejLvTlJjMh_WqFPXfTufezPiZbJQ9FyvqmvBIkNTelXmbLGUcDtlsDRx5rKRekmL_0BExGOj9rxXTzkmwSLyi6o3yuiIE8tf7oGZ2QpEsQp0UoCPIb1dv0q43yZE4Amet4saGZaLZU1FuocJzyDg8e03W4WKZM-ZBtwdesj4ENCq3PWti-4vVqVQNUykEC6f02bSxT6OWTRoZBsx9tfCHE7aRsig2CaC4ItflHT5cF7DeZS0Zz0SPcmP0KXdSTIwUsxi3OVo1Y5FD19BVXkpZngWroqQeaoPjO-TeizrzWbMUOjwwLQ75PqWKWWO69oZKdmzzUZ-XIWDmH1Ny-fsc1e81ftYa9vrWXnGS2cYc6rjk7iwka6t8NFUvwceH2I2Qj67DhhqGPstAC2q6DjgZkicbbUPEstpYRV3we7Gad1R6NxyQzAh3M_6_7-YLB-IaradwEnnT9_-6pCsIOuZFNxj9PtEE9nfsI0wjQTc1VsTbN6fSftB__w50QQBzIGl47gkmMOFsFMqnUGpXoiD25MmIGa0gnUUwQ5vogci5_hyrFNCG3zwaimFaB_EzOD91opLgHCllbWujEqRdcgyJ_m7aN9zq7PhKybOisGxYafy-mch4Cmbzmzy9wJqG5Jn5DOcbnga2eZtAIfClbITJsIpCOnhFd3MVx6NU1T0DBlXafTks6sgF9BkmQRm4nbkzZ4aqebbshjoOkLnR_hDJskuXEAi320q9QXSPkEl9ErR3BO2ff_mscYgA2-ii61msf2plYSJkW39Nz5Bzq41FF_KkeNPUkwULO_wnUFksBjybmNm5J8mWrQgtiC7X4aS52pIhPcXY9tA6xWly45_n__s1QCvW8NLGmoU0PyHevKEZl7s0VGHFhUWNLd5c5KbIRkAv06Yd8a8gKzRQ8VsgBXAi3XdDzVd13mrn9ON3W5EVZv_qzPCtrWfqUp3Yw0mNWR4yGYVv9IZrTUCixjoZQZLgfjQH9A5x4y3DgHbJCBb-XCcp-Dz-YVTvUtVPO7nqs9Qwou2dj0OfGzbrlyQ4OjlNr5VBCBGUvt3LdhFREYMDYYXn_TfQTyht0cF_vxhId0K6sDgTOnwgMMKE07ldlyqbAc4m_xQkH1aOxRc7Qhy5D57_4Mlg-1aTZofho3Vgzk-gv1oM4kPa1pW6gbmlDNtavXxxwpkeTMpPpDQxG9Qis6u10pTwutI5Lw-1Cv4qWhHpWhZmdhrto_vFYP4GgleFKs6_YjhGg9BfCcdFe9R5LDkRzgIJXqxjGFVv_xklhmblCuIsob5_m-G3tzT66N79s0bwjEgKhieekAp6bWRLTZqAEb_WRWFSGcNkzooZ6eWBeHTzKW_nLQ0Unq9I4eznXACFWEJciJTE&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=11276397166074057000&adk=2857193499&idt=134&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:06:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 548D 31 KB
12 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 548D 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2039 1 KB
643 B 27ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 548D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9941c2049062915e60d5e6ee77f85dd9c85d5e5421ce4c02d2f11e9136d9f094

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1863459/76904395/ Frame 0ACB 46 KB
12 KB 161ms
50ms Script
application/javascript 52.212.68.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1863459/76904395/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014994355&ias_pubId=pub-1403787016703043&ias_chanId=1&ias_placementId=20821116200&bidurl=https://www.theenemy.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hwA36ZxKopAIZJSMp41tfl
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.68.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-68-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0a0f6055054da323433c71897dded5115e973c90cf06f9ce2aebc39b67ead1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0ACB 111 KB
39 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 0ACB 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO8CnRX6qulzN24mTyAiqH7eiu43JjkVqtSb5bR5rJE8hGAN7zctFDylBsFdM75qoUE5w6ay62sA5kNF_ha51YYYzQy6stDdanCN4x55tccx9STG-eIQ2iusUUjKgYH5J3TYPf-ZeY1VYWFrc8qXh8SjFj-IAwAdQfo0-HP6O0O1NvywY&dbm_d=AKAmf-DRQDxF7bPxDzhsX33es7Cu_8ABbvbaGxIhQEgdACkFh_r2-8UD1_Hx5_F94gSsc88YFiFSjTa1w56le2SMzJAH7KLanIpVQK252RCEQz2yCMRHwNbdn6PcZXONuEYKsYMo6mLhLffrYvVChr7aVilUI6q14AS91Tfeka8evIdIngVg_EdKXjzq_Xf1SoxHAg6oipoGHFsMbyMNlf-eTBV46oM5wQxKutzETkwhPsEASTzi0QsJBHn5yM-BILRzb6HAry5bN_OAfM0lHksgAhptk2OhxO6xjRgpabwUPgvoJvkDZtMe1ytiZiSbK_RXkW6P4s_3nQjakXwSvBvUg-WCAnCetW0dNKjqF6hGUmYlstTWbkmCUcQ-01nnWVxF-N8rZ0zGLC3UBbT8lj8AMJ3Bk9hx3IsLW_qdX-7Gx_UZ5a8RQ537IPlgprtxr2y-CNsQIYfEkC3078IfpY_9LXVXjfkVPA6sjFFzPAWa7LehicizRprszfpwfTNuMcmuOAnQv5L8rb6kWnihAaDGTDjSbQDc3Jd-EfDuxpTiPMV_Wg_6Hxl7mOANbEPv-XcBAJQANHfgO53NA-avkSzYyrKOS3_cOiH4TsIk5oJBfS2RSi6GnMRO4Zn5yQJDCCdXH-fdloxpo2JKtYGBVaAZS0sy4jLvBLupPStFXMjKeQjaQftrtEvpbDCRtqGTZWD11PYxiRLD1qM9_BbYRF6J-VdxDnrfsyewMrpbms8HmcXSnEKJGfVecCqgum3ygZBdto7zmsshqyabtyusSE5cxa-C0Z8xDejIXJUYbIfdBd4oelAj2Km20MbY7tHsmCUI87fWqDHB4E36p2LlIKeaMyZ57AIrMB94jB1QYE-OprSh639qA0o3NLbDgiSGPf1wYc4jVevEHsmHq97YiV0OimNQ4O2LOA-L7xID3EPT56Xn1zLOrKam1l1purczyAWbNrN2zKIPlmnMJg6-gJW7l5lXXrHaG6xOENgJ8Czv7NbK6OiyEuHVowmrp9tbcwHlT4qx_EV09YUVNcPOhvMSi5IIZxGJJG489D0mFXLbPKNfsS21aNtZ0S_IdfbSJDQ5vRk683hZSc71E59RAQe6kCbCZpkOOFavvnHDiysYLqlRL9zSc_ZnQxwbqWJfCRHJrFZ5nToCtzv0eblne3FWV2YVuuqI4qsxtRXlZCWsvuNuBHKppHuJr8G7976opztlcUw5jX7cQwbOOlkd2E-Jtf4fVu1amtg87trq5xSPfWosk5AyiPSGB0-8GYF_TwA_re3vsGgpxNd5QzFQmuJ1MnIYTpGG9wle4-9XhPtKskz1jm8rWdmCLR0Gwp9H6Sm1Scd_ZU1PtVKe1GKtSPqF6l3wtt10lMrjTOHwW_vaIXI-GsK19ecUxHfAgUVrDYbAuP8ETKjfcfg0Vl59RlFSVHF0T2QCn41fFxqw80pCMfKFX_YYjCJWlgtF9JOU27QuTT5Dd173XEpP2uqutwLbcqy902viyQanh_AT5Qot-ZjDP9kCBXX2IqgAKo5gENMUqV5x7liqLaZeHilR0ts6opZhCKTpnWXugvgDZ0LjmphW_0rnDvljBG-injjF6Awd3stj7OA9M5VFJoUXeLNU0QUEQdnXG-sUC1yd0Vq4pMa2Tc8ISiMT_6Lsn9HzjG60oadibrnG8uSVGHMECu1PfhJSj8yxWItb9Il1QC-X9crp8OKsSrdKmVhlpP7yp76dKNjI7f72kLji3LrABLL6LSc6vCvM-6zUyNvlAwRQUaArxzed7yvjIxUL2r5fCTb-de-Dc8OCPVKXTFh2SWETSmI2_OWQhmcQBmDkhH0NsEDAw0AbxJhu-4FUxiR0n5tF5hrqvCRyGvhAz4DgcOz1lPbIBlrtoFHB4yfpb0jz2VzAFkXJNZtKv4AwV9MQTbea4RnlcDPExsmylk3jeGFQgvmzcDijHS-QCDUhgIAPtzuphDf77GIHos8xNFE6zepkFSIf9rpHP3F6QHqwoFgwGwPGvJBTM3iw_EahkmMJMtOdT_dJicFBri5J1H2VPq-rjdvjHNhIGhzvQAAZZtLiYykF5DAUwS3MB8vETOo5QNkMzcgcqCOzE9JPhACmLAAXxRu0kBZR2rH5FEmh8V2K3tvki03fbCjrNqyyNMZsBv0mMqbXntOqniyBHAqD_l5ccPRE0oVNnYVcAqARtYUrz7gPvYOVjigOjmwFxRya6inO_mL1ixQ9UCyOBf9s9Pw5xT0RT8ZV60VOqcFlhyx1v8QYZ63DxnXx9VjVI8eutQ7ICpN27xFsRuu7cW_KOqJIGALrEjTvc-dtlwUjxNiXjmkOv5-wmoJ6osNTwMFZC0tEihVzkRuvd_4-uqlLLpmqlQZoUlw_fjMZ40G6W7aanOVQHhsOVvABRwEiGeSixBQUDNQlgZv5GfzrPn5ONn_8UlRBbWDvnsVDU_HWmUACs_T7yDbRzGgeEC-ZGojsjEKdmw3jLXpJxVcGBDNqN--71sa3hdx59nxxxoFnnRdF1t-Qjg9j9YSF5s8MOJcR-VGW97ns7tS2YHSNpkEKwUNZP-KIsGUtYKFzLQb62gQicnO7O8CgG-epTw2Yhnr0d4LoRTY7W4ubwQNPvOHsf19ihlY_xPx_xrkBx8_CSKI6T03nsOzfPCDPX7MWZetG0SeY88xce5YsmujvQr15AwRUUftClbQUMrWB_P0z63OhMV3EI1ZixQp7k_P64NHdS087lkShNb9DqyTu6rGXwk6RSk8P8W7_YjmAUwZ2aQAZ6YQIfvqvCuBk233JoUXIOoW3SSDAP3goNavY4NEj3yx62VE5Gbj0k88pJE43YNWQHaurDP1eFSE1l6Uv2yBJ84wORW_5R8uH2nU3l77GcnwjN75jlCjT_CJIobIfdomnVW6WLOKzZZH2qqr6oNpM7U858XayedgdU4eBgKED2DaqTAJ0d2zKsQzCWqIpTQ4rladdAzp8hhjCcbySSBZASEEGEkcbDaj4EOV2YV3dbmKreogkWEXy6p83Grxh5lRpde2oL11G2-GcAH4wS5_fyIrdmC1uYf9F1bqScSxPszvkN5lpMOYObStuGCQBEcHG5CtyUK7PRygeGjlkiCfgeAx7I98fzD5PazmqVniyL6CSAJP5S6y9-gt5KH6xfmUD2bc8S8XRJ6s0z4b25-UwiQusn3OE8LqoVVaZsQxRamZ6bfG0ZyzGNukOQsAymTliixnunXZPiWWfFWmckmqOtmNnWKsAe_JkN70iFYA0w-dr4inq3o60hJf_JWwgtuIQPaSIaMjDauQBnbqIl1mMCyw7dBeVZTx7OS2jHLVz856LXJ8Miksph0X6WMaIGrYxTBy6M3vxUO0kxvGcRnzpqDHmTiLBZ6-qFZiIgOGG-AlJyTdrykhWnm5kTBeGmvVHKV94ldMjLHBcL8wI2PKt__4VfM0Fh3miskeY4apN400Cvr6g-sUlfRpPyeSzM955JaqYIr1LVKL-gmFJazRHJPamGWy1XtYfsiczxfkU-WLrlEhy8dA7ee8U2zbINmXJfUIMDr4EBn-T8NbXEeUGt-K9aIxM_capulyb7K3fHf6NhBtrMBw19BKcmhWN-2CGmGly5HNlJkXKoxcqU1JySPwsEFwpqIrYAJlNYEA1JOsC-Hq9rVWlFZSVHsRszchzS5pnlcr6Lym0V5T_aPkwmi1gSvJxyBoV34h3kOTa5hufOdAPONtIx5pz_sn_YEIRYNrFo2pjuPRVHnQNLvjM65bsdynzbbkbnVes0AX9cY9pxjT6CVvo-gztZDDGdd1voH-wvlbVv7mTnQwcoqvX0C88CVQ9XJxnFfVkB2SN1uyWUiDS5x59ACj-ErPT20b-gT1V4YYLzHFhRcB5rnAjUs5oRmE-utkcadgGCbNzD-r01DOht-jGIvNauq0nnUDWYU9jfiIdwkvUzMC41P9scvBTy1EvsGCg1uf7RY-2bC1IXj2djXIyynicyixxSwmbpFR0fqky1cvCgcDp-H6nxXInyVSSMBp1DvaiVIV8w6d05pqUrrTiKW0mqT5YsugVs96JX3_hBcj-ccUnzqIHpDBZOTG806o3M4DKldeu2fJhdLbO43HjkdyRQMjDQnIKHKSiNFOZx_eHo2HBJofTh2x5c06h-TRDRTjBgGWLigYJI6QfR6zk&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=72798649850702800&adk=2228999114&idt=144&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:06:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 0ACB 31 KB
12 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0ACB 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E80C 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9580968413286&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E80C 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9580968413286&version=m202309260101&ct=77&x=1&cor=11083464243900895000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E80C 20 KB
13 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZNgiQolXPyMfbSXjId5hRjO5HUxpaMwpaSsaeLF5uTTeTfnVS7v3Z7jAF0OVEo8IsFGUGidaAxxBz7gqwCn1ejgkuSVqzloMWlqPe3cPqmnn-4G-DnF6e8WFfUap-34MbqRfbB_F2-L9v8ecMu9u5IJBCNyEk4IzsR1gfivUFRPgUHqs&cry=1&dbm_d=AKAmf-C-3hMX7S31bbUGwf9XA5-kGP4fgd5142PPugqmtPqD7qiNjnFpwj2bFmZa4VONC2ToFyA0knNZ19w388Bb4hLMvcOfGJrgVcSX31dWLIEpfEYDouqlM7nVYWthQI_dFaYLTQKci_cCy-4Wx8zQz8yyOQ5emaT5uMv8i_EtGXRYfIU9WReLwLsZ-wp54aXtpNcwgxCiLYJu30UgTHO0oegLA1ZX7_AL-V7Yy76Zn55UucGhn8bz-Pt8qDM-ZQ_W7cEpCbp4Ss2-qS41leHt5WEL8GSp1nKodjRPL-pAeSAyFwDjcR9jGwm9oV0ccbwgmctXsZcvrP_QkrK2j3fORXCnXTvMrfbpsJKbUZz9DQOGNNiyOCLyYAT3XJWhRsBiZuVueQKcCdFXmQMZaGOt1-NE-_4OAXv1aK3d6We91cCQf7VirxOKHc7qCT1dSP3-Gk4l3kwqXlmQRlL6d8I_5z-p6JN-NpBCpIfFnf2Um-t9dyAEpAsLE7jK5VMHf9mAO7GtckNonqBBworAn6Gmb6VFzxFTP-vil2sq850ykpj1MP6ELpJNMt6dpiD0S7moXLNGKn1maivO9dgSrb8jSV8NjNIuqKt3qxrfNOnRvFWjShpT1aYEvcjdX0BSKkj3AZBlWkZsktcsrddn3v0SIhzSsv-Y3zqrhWOWzBKyH1HVHVYJK6K4vBnJJS9oMcQUFoH2wZHJZ5vOBUQDOWrqMDiMXDNfYZsHHgh9ygVWI6AfwOwRxsAMgJ_lajAaoSCNGofUQdB0XceR0Yb5UrGNtDxwCDP44MapD9ecLO614rd5ZtPvb5N20JuqlfZIGWVpYTxc9josKkh5ddkqRmpImbm-XjHAQHgSJ4GSvOZPSInS2x1pgnprYsKcjJps1bDaOf0Rm71ltxsOu8d7EryXFppmeLACAhuietzYIZEh9O9b_PLa9hJHJbEA1isHCCcLP5LFvpm7WAyXcDOPzjkEDcdwko0xLCY_rG3Zx7uz7fXfJahAwON2CQFi4qCsiVmFqHVKNRnCxSbCZnXcjLbbhpZkaTT8igBtNF6BAJGpCgjECT7qSjp_uIhBKOTep8JGQlWON_79Bn-G2mM6m3AsSH5lgQRaeI4yoSJ5HgsUPbFa-7pb613j3ueAAv1sPgU6VXMiF8xLGCwwvCSs9B3te09kpIbH_xQ1-kLcyXfO_UOk03395p8t9Zdg06rbk1zHcLte7bQLWAVchxvY7JBb8HNtsHe0daCEPMmg_d06CfGT2TnLgxJx8NeCzrRPTOFrcO6BuXjczzIGrlDy35T0QGo4_4ISaZInA0OQqBKpPnq3CGN1wQe1TQVlCMrpLyXDrtKD72CWt12RK7KtcS9ul3eOQBgP2alDbLDdW8qhehLFgWUSyNwglczxpuxf0hkTZ4UtWVhTXsDzlFYsQJmopuiwS9eW-wD9toSbiX8meozieTlNcaJq2x1Bt27ZUNz2XRlZphy7kF8-am_BXDgEpIDXwf4jvkhlvf1Tnv6EVXKF6qNkYgfAyMhC5fBrF39lxX5xnTbk9SdulBHK5X467Nx9x9T1_NV69FgMRA_1d6HhOfJwj35dEbXN-uJZMRA0YMbMMZdEqWH62ud4DL4x1Y_a2-l1jHoi967qHBBLfJQ6tFvxKUj6aFcAQYWGDkw4rUPveOGPI2N3ubM9TQXFdFO1GdHoA3nG7HFr36721k49gn6MdYEXTIfgGm3pCe_wA2WrH9s-JLWTqKj_6vNGOrz1_cHQgP4PmjBk9F0KTeuFQhub2yfYbqXZJ-67qgQp1pPthXOUOmFhD5MVeMMdWvEj3QTPzLt9P0PYoBaSQucXLHOlQEksljTosGGpJwsqsl7NfVMhTPGDQDlj7wscBAB9euKRLx_tmKfI-vleqiP-3XFmk0uf-n_v6M8w-xa3sAjDy2taqjDpHmZPcKIGX-b1PEBHRMGBkbNgZvrk0cyOI8qDxAzdtWGOacWY16G934MnCNuu-qXPdG9z7Rh66EaoiJ20028PAxYqMrXIG409Wt446x02DCsyS4nmSI1iAMgRmhzzvqIfOiDOVfZRV5hYlYCBRrna5rD4MCetqmBxO3eFhLWthkyvzSpEHPI0X7_8oJ5sWTnTpGhDR-s2eEpXThD4bM1JxSfaYyWojXX4ci24bJ1hfbL0iZbt3dEwwYf3Q0f1JvcELqW-jUSkLGHoGWAOXSrXcOcpmWDfTsTYsJclGpwfASpMOGlfXZQrK8_lR-DIFpOywSNj3WtKi0VxayURZiqaKdfbVVNVeBLIrVJOLOHLUuESgYFJt786k2IKD61g8Fmz-FjRwBrrbJQ7FvaSq4DV73-Um-DXJzgsFCCUcHdsntyeb7LHF9vevvLPr3geGcLk_IgLGGPfxMsaodRRFBffuBnz6zoHCv2Sh_dtPsCM0f2zHxcpzhsf66bgVr4zwCRizR_cHwJjlT4HU6E2GzaHcSNekse7ErFk-rjCU_iQU9MPKACMoym1_qEitK2EOa5qjaMZIvWP2qI4PUl5sBw8JwI825AyWLFNOmCKM3oC7rTYkE4Jp6l4oMwGydA0Y9ZnWy9ZT6CzgBbxJr4cfOetYzN2IRlu4PHwNz7UrOr4B7IBy5nwtvXbO20k56o4njhO3jwqNG-gs1lhdfkJ1VIwMnz15giERhvfcekm-zLvi1SP8NLcc6Cxyy-FUmxINLR0zJK2pBH8JhXMNq67k6HCJUUdhLmGp-Ubqo4HXr0bmK01U7dzhkg6ZxPUFqoeZWukf-CNLhv4Sepj-XxIQFy1fKpjgn2JrpdWHubUAxNI1Vls3FBIn21cu5_KeI8XogbDJdeiTX1K-risvU9gzVUMBsBSzVffwMA1yN56MVulCJn8hH86hqusuv4JiggDFqeHKgWMS3YHs8QZlTKyBHlV_GpwxiTNGSA2fiLloJdw88INa9Bt5QWJ5gv_fOUnwoNFhRDzfL4sILOA_486qdyOOcSnmdWWaUvdijcM67gSmVEVo-ate-RNa0E5K3cKsVlre4xUOCHLT3lLbeu1jHf4vO3RuzPMcy3SlhaIA-SmW0NFx-gtTY7XryAeki8UQ9ZRBz7Mg_WMsZ7Nxsnm3SY_XihHC-hW-TiFYW7E5o8iB9BB4SSwsqoswPHMlpQrnHl5jjzsMHB_CJBH_3qWzf0vru1oQg63iwUe_6nWMoc3JjZd5kt7IKZEcWKnvNBHwnN36nZ4w_jl5bVGIe-B535xVtc-9B6T3f8v0BFI-hNS6kCN6svlPL8vHxP4UcSVLBdZOyMwgmzieCNXX7ylmOqp6e4M6ulStGcSagln8hKF4RfbaKCQrba5ui9N-vy3S4n8j94RngMQgpGqmGE_L2ygYI79u1yiBvB6F2bTu4ypuwSFWI8UQfNfQq4NLj5Y9QdjUrxIgtG7ZKYrfA7AVfGOPrAF2tZTDGDee7SNpaydkw0OheAGnovUH3b7k5Cmj70S9p8URrp0A1QGA-O138FjFNvyk-KPSPJZYZV3P9mS45bTwjYLr4cHwBUw7xK0uiB8xFkMT9NQmZ3hNmf6nvVW8AEBenMojC8eHNvA-NdEaHxByhk059ec8Hs7DijoFWpnXW6TGOZqqJKBKGCL_SE_akGuidDvqMcW15thEIV7vA4Gu43HKwCgYYQfEguOO109Oaq8vOchdpNy-yljhX7078oTEzfDINLdLVV5L-3El9-qNhYY6R4UR_GyoI44-xK3l96bak55KHMxmbFpri3F9ECtgpX4TDYsFeQkPC-c-JG7b35ETcsi15jWX8QQW7yO1mWa6QsFkmqls98lKO9VtrRH_oPB51ejRo58dz7QTc-Cbo02p1oASVFtZq9ubQn1KsKaSquNvD7eqUSJkQtl3MPuXYiCA843UQJ_hbmYA8BlXiW0h0mRt3O6rK2MYOlDtvfH99tUCCl0DRZkqzPbFMjDNLMGL3iA1mAMkXec4iSC8pH-dx-fUNgOI8JV-3zHX5kRGAQdnNZF47TmWPAx5QAcxPOaDI1wgDE8vf6IEWkubuMoYBFOzBNpTxCLE-tnbwSZkXHa3rWWhp8cYspar7i-gbvB8iEm6Sag1dbLrVaHdBgVnYlG850E3hXz6IMmNUFpxMS1qZE97detDTqozEaFrCryn1qv-z4LoP4&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=11083464243900895000&adk=2086295848&idt=261&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fe1dc7e3ed4ad94c49b89ce7145d3d1305eb6880c56492b3bf6439a2b3d5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame 219F
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

154ms
103ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1b3b0fb6e99fbd2a892e31efbcb6b28e16fd4c28b70bdc71f00cf6e3c1250280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 55692500086365404444990012532009
Connection: close
Content-Length: 1388
Expires: Fri, 08 Dec 2023 13:05:31 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 08 Dec 2023 13:05:31 +0100

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 289E 1 KB
643 B 25ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0ACB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2360cdbd0314bda6958c8b468cc8fe1b7926957d3e1ed94320462906c35180

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EB50 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BB29 38 KB
13 KB 23ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2039 70 B
149 B 136ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH7HPtd3ZEHyWSgX_BylZ1o&google_cver=1&google_push=AXcoOmSnGHASD4ZogdAGhGUrKABdClvI1uSz0SS_zpgQeb__ahFZ66N37p6OQtfRMUGubrk2Q-XsUzKV021f51BEt0lBb_KXm-QH
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 2039 43 B
146 B 86ms
23ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENA4AAWIcuMPbDt0tloEJKI&google_cver=1&google_push=AXcoOmSJPL-zYtIlnOznbmhzuxoMuv_nPZ_s2a57Aq5ltOOUoa-F7fYa8O-px_TRVkF1USmAq60Q9WoZc80KRSV_B1mtD-94_mY
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2039
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEORrkB7LWdooJGfW_p6DLH0&google_cver=1&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEORrkB7LWdooJGfW_p6DLH0&google_cver=1&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGd...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0NDA4NjY5MDYwMTQyMDI4Mw&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8...

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0NDA4NjY5MDYwMTQyMDI4Mw&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nWesiLMcaq0gm9XiVgNeY

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0NDA4NjY5MDYwMTQyMDI4Mw&google_push=AXcoOmQsfJV-c5t7qwTNGKx0hYoNpX-_S4Y-mGrxi-yydaZhNLHs8kmHQnpzRoSqExY1QGDYDGdhv8nWesiLMcaq0gm9XiVgNeY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2039 43 B
363 B 88ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR6kwI_ZLTC7bgOWowG6_DGWdKrPQbZJ0cDsoqI-a0UIjQIkoBrJoOtyOGYqtStwoRS0sRiITG12jYkcSPBOc4GxXNi4HUt&google_gid=CAESEGzlFa8kcB4fk6aQFU6SM2c&google_cver=1

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 255728
expires: Fri, 08 Dec 2023 00:00:00 GMT

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 2039 0
238 B 106ms
49ms Image
text/plain 2600:9000:211e:7200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFfgx6Iqv2hqUtLCKvLfhok&google_cver=1&google_push=AXcoOmTSqsoq8kFU42TiSW8aW6tWLw3Pnln1wD2KwqnRcRZQYB07EwTXMaWg2OjuU6x1L-ke6uytB_0kkP_o_wWma8ubrjvR3VM
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, must-revalidate
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: BziQw0kFl2nCMMbyvXHZjBNaSdWEtAWAQMLegujPrPTFmZO1JOgufA==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2039
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZjRYlVGLeeFVXit-TGN1o&google_cver=1&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtV...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-H...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpZukRkd74MjF6I1YFj2f6fswWxOGElppTybEHfI6iQkxLNj-HysmVWB5_58CF6LFvNeeS-xkIHzUvf0PvnE3wP8cqrtVJ
date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 2039
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmSWdz4nW7Z-_hIRiGtIDRBRrKaFZECchIUYGa4R-_ByMkKPvP_0vYeZUBIdvc1nZLZL7TrvjjbO10a...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSWdz4nW7Z-_hIRiGtIDRBRrKaFZECchIUYGa4R-_ByMkKPvP_0vYeZUBIdvc1nZLZL7TrvjjbO10aoRfqwGC0d-bX6W4fwUg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

23ms
20ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2039 0
12 B 30ms
28ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjfiXCcCJEDX4WGxrExJ6z1hiZ8mK3mrHuMjMwi1gnboiSiA7m9B5QBi11jKJioye0xQyytQ

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 0D5D
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

146ms
93ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 06e291b04ae5a729b4e8c48679c097cc817a6ef2270259ffb46be8eb118aa209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47445800082620104444990012532003
Connection: close
Content-Length: 1391
Expires: Fri, 08 Dec 2023 13:05:31 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 08 Dec 2023 13:05:31 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4836 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/ Frame 1E43 6 KB
2 KB 72ms
30ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925782e1b938c91cf8fd732e4349c37ca12d81072af942bccede60f700950337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 363987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2409
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:59:04 GMT
expires: Tue, 03 Dec 2024 07:59:04 GMT
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 548D 0
0 138ms
71ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrk3qB__9yLbpZhK4d0TwtIuu8dKb7ufhDjeByqyHypvd5yiUZrFanQ2yQYxahTy7d0GrEhDEAd1zjIlpf1SB8T0D2uQ9fXp3DsV33Ly-CHZ42d4tLXuWvk1u4BkqVkm_kvRdYjVC0gOxCtB33APGx0UGyhxuWa8bXX6JyJnyNC03d2Th17HqNN5u_f15UAV7PT88SShEwN7CR7bqFH5k8bUsc9uWDRRdMzYvPJ7xX13k0O69qvI0UaKAuiT1RbOrodEE7ydfBDH2Vfu390F44NWeg-IrpEPICTax2bodQbzeZIL2kq7olHAc7vznRejT0n9UP3816kG_1mFHypwmyQ5QlMfHYVqYtubNBtm7ArK8HKABTGcCy4LBm4JoHTOmCzL3GPXyh2maS2TTnkx9M2MwnQDYoYz5LQcx2yU0PwIaZTUWx2xSgoBtPN5AEyNtJW-NHZislOkS2VE_SIZ5B2HVXZeM-XS68Zrv9WeuHdHECyRc0AaHwDQlvMCqPJ4qThjk37HrI2t20KIEPX_6lJFQeFwKRPTBC-qhlGuKTEl7JuDh7VPuhJWrdJe2XA9qGgsJW-ncxRMki9q3PzziA28KHq7kOU4H1TxhxZab6EEMD9ZE-54014AoTmmBxAqty4E2Tjlw04Iiw5O2jfsoRDcgu_sTokRqjQQ3cxN9Hv6enjCAcdsnGpRiJeINEvQkziXglcfBIk_suo2bUvtq8zJ8XCiBaEZmfGw5Uz1lcE0ktDtDRB_DeXbRX9HLUeSsf2H2WyrgpkVVT3bBT2fs7RwhhK-vaBzJ93lHbAOZ-53zbrARqfxLcJV3D0QvPwEzRgrIKoY-qY2zsRRl9Ye1a91GykI_sgyh8k8j4aC3Bwp_3qw2FMD94dMZclF85a8WDT1wl79_9duF8PmXCJ7wvqhJyd7X-lDd9m_Y7Z5CKdU8Hyu_0GoG58OKYX-gLhtiD3iTdLeLRFwEfYikkdJRbtG1LH5oWBUnBeWgkKaq9wwR0z-aDsJxoEtUlWwKp2omA0oVr6Z8XLAD07F2IN0fTuFRIwqTTxP2LoSkUfamWY6qpm7r-DiSnBATWN32LROm5Hn8V0Vmr3kK_Y1uIzz6b6JllXT3d0I1FSrDNzwpvSyGae3MUJiXXucLY698b0kuLrurhWgo2D22duujJ_UDaPcxY_lT3L2U4PCuZ2JSqW89R1-nWWcEF77hIGbCNaMlA4uofOJGkVe5TvCdc5g4xyVjOuwUyonrCWl1iagCvyr1r2Zey0UnaqOnOsdftLOZ-zho3Rhzcb_LG7DXDaAPkV1vSz-1ZUjkCbiZt2px1NyzoEI6KZbFgnVSYQvdHUWOIhzDV-_0INscVX-q3m_R-O3tl13v64bZdzUOMMBq_G54bnIxJBfVswjYmgfpmcAqzWBThIWjrfYTM97Nc6mMvsPposm2BUxIyes8YllgU2f7JXOJJIEOxy6VG&sai=AMfl-YRNoMJHJMA2Qh1c4iCZ23xY-HMDa1rNwC-WPfR2ArJM7b_jQYcKhX0eU9qcZ-NYd6U3VWyE7xNohdtlS6_vp0gab7w_jrWlLubeynfYGKJOtqMKEqjyZ4vxhQTgMsM1LWtC82nHXKHbeDnKqP3THm23EKqLOMrFdlYreV2hbscUootiNvJeZGXrHmWH5gM3EY5CfwVk9jhNkakxhApFh7kql_SqRM4KYJOqx7E4TscJCyS5kdfXLiQGxiA9SDSa2WWD&sig=Cg0ArKJSzEJCL9IzNze0EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=133&cisv=r20231206.77759&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 289E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_push=AXcoOmQFDcv4hbADZe30ZOq7vCiueGqeasyiC9hfjs9Mo05TvcEy_uH60P...

170 B
188 B

34ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_push=AXcoOmQFDcv4hbADZe30ZOq7vCiueGqeasyiC9hfjs9Mo05TvcEy_uH60POH5eiO0S7G5kWNe4Wz83qSsVrL1r0KLESmq9PUy0q6Og

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320025-CPH
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702040731.149600,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_push=AXcoOmQFDcv4hbADZe30ZOq7vCiueGqeasyiC9hfjs9Mo05TvcEy_uH60POH5eiO0S7G5kWNe4Wz83qSsVrL1r0KLESmq9PUy0q6Og
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 289E 0
173 B 99ms
33ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBFbsfgQTXlCPt10QzlA06k&google_cver=1&google_push=AXcoOmQ3lMlg_C5bfUE8MiT9jkj2Xs3PAepqgo4HhVMGMAjlRb_h6DRBBogRXoS3eMDlZSCprFXLc8a6hhAKgixmPWoFE0raI6WyxA
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 289E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECqo-GhB-js_xASuqfleiA0&google_cver=1&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXE...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDIwOTI3NjEwNzk0NjEzOQ%3D%3D&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXET-Ka...

170 B
188 B

38ms
37ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDIwOTI3NjEwNzk0NjEzOQ%3D%3D&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXET-KaImZErP1bPjiA

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDIwOTI3NjEwNzk0NjEzOQ%3D%3D&google_push=AXcoOmRoEst8HGbzVJ6H_BKnMfKcrrxtjY2nDv_C1Z6zGByHb3hRa8VTIsM5BjOcemEOeg4SKqpGlEomvT-SXET-KaImZErP1bPjiA
Date: Fri, 08 Dec 2023 13:05:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 289E 0
166 B 127ms
35ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENFKPQPck0E8JBhqxgYuGis&google_cver=1&google_push=AXcoOmRXKHJEaU3CDR4rKp-2kV792cg55GxJ827kPCaIkK5RgBj1V6dTGsG95HQF1wZY2HVXO5HP60106KHQ4bzhJRAU0ULluoLDjg
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 08 Dec 2023 13:05:30 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 289E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLMWuG9FVS-aaqoVPBX

170 B
188 B

34ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLMWuG9FVS-aaqoVPBX

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTiH6v999V2HWb3xeqOZ2qodESDlZAyChQYbEt0RuT1KzE0snhaAToZ4O2tIElX5p0zzzJtwl6lZzLMWuG9FVS-aaqoVPBX
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 289E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRpXGq2Eb0wPKEfN3lHV...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRpXGq2Eb0wPKEfN3lHV7SpfT9mwjoyha2YamGiC4-2c4JESNbEBS_-IBL-JVSubtpkzi7NP7qwBHR1YrxX100V2EAW2O88OA&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug
date: Fri, 08 Dec 2023 13:05:31 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6c1845b196cd456d81728e84b920dd48003
content-type: text/html

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 289E 43 B
145 B 59ms
24ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEO8-BWL_Wu1GEZscJMBXLJg&google_cver=1&google_push=AXcoOmSZ8qN126VnNPnqE8CYTgG5ZnPinC5w1yzUFlo5kxEJGOuY-xoSzSHzhXLZh_PzQtjgxrvagimR60-P99EXgLHmbg0RRK0mPA
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 289E 0
12 B 29ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtE3qo-SqwFxwHSboFc3VRn2fKQlhFgxEwvDmE7h2Hh-4o8GfvlXmSmT09rmPJsP7apiuKXw

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 99 KB
22 KB 59ms
24ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

642b0656152fe1742b27d15fa5f55838a4a67c35548cb5dfa33c03e5020bd222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22078
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 08:54:24 GMT
expires: Tue, 03 Dec 2024 08:54:24 GMT
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0ACB 0
0 131ms
70ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8dlni0Tm1sHwJFVQSy7PT3hrGrlClDEngG1pERWgK-GAnqqx3VLVILNbOyI4_JORJoxhvYvIGmIVM9TPlVtcDOuui-jQGHJ4ZRabw9NnMmamC2LdX0b_D-kzSvSX9Bj02hgrVQXakBJBiA0PZDCwUxsg3DCArCey0GhBhMFh5RYoDTc8wYyHN-6SIikACHf4ymBBzRizl0FE4SXNk8VPNiTGWHSFgiFUwppESSWaCjcsOOElfQVHjzYMAQBrK-JKttjb0Dq_8xguLpijySckxmadGDu7aymmGbX-iNYFC_B-xYvIz431IBkuwAb4nyqYFdFyl9QZE3ykEtpUgPEvbK0phkyljQJC5XHGaNaa6KxcmXG-gdPXrt7B1M4jCrYSYAAJLYinARHXh7xRTsIqkDVqIStdOtN1-aLExwED_M-ovYtWvSn1rGNgtEzY2Swub03QVkQaLYsHp3C6lx2NO_gQNXngh1ntBSBoOPhLggzZxtCfGTc_MM_Omfv_Tv8LXxOj62LZ8I9G34Btdq8Hwq6GCFMxMVY4I_XXQizVnq5VxrcV1RncQk3uDf6biRw_5Ew_UI9i_64niAaOs-3mpXpGEhUsHPII3AWO8K7HG4yg9M274HLWEutC4NIrMooA7mrKWFtSGsw4NZ2_y8lwbVDEjP3PGst--NV8uClN1w4LRQyRrEYl4hEu31nUSbL_kzFkATONhw3qo6cIfkAqk7BzUDjuUlvJQUkhh3SYkk8QlAM9QkTdyBendxYkqOzfvID30AoSU9zf3NvmjQGHR7YZL2jckAWkIOMTzWc_nRfpqU_nYc9BTzz3CWLaWClWrssntFIJ5E8hK1CkPupFviLCRBtj-62dpmZQz8kuEOf9i33R4STwUE4zZt2Dm63WyIIEIqvWpyhPTVorf1XkosdWtmFYCYFOlQQ_o0I06bSRkgeanJ1AI_rWf6Kx0oygaYE0rzgL2_jvKQoLin5-wvZyTtC9su2fPoQyex_8-iikho4zXIwD1URhc2yZ1uciYBuG0zRUrczWCz_MpTSe2DVUXshjfhpRDJZkqiZGcLk8uCp5HLgFTL9UP1vShH51hKneJvYPqB4PLdBv0s_czhfaS70bYQaV-bfKpKc6eIeoWhe-kVQfT3Qb32hzPQSK-Bi8Bb3HUO6gl3Kt80-GBf429R55g9J59DVZIMk_3TGx-xkccznCo-3HYJO1RyFuNXsQpjDs_8D2jXu7I3K9QYUIlMZICWHT7nW-GkUV8ns5LZ5KTEuPbsl1fnwS6MKp1FEGryMA8XvzAaJpTXD_3rnO3yGeL-xGRFlchjy0V94lT0McgTSuj4hgP0kdLC1JxDzQRqT5hMbL3un_zjS8WG7ZJ61pPd2hi7S9-B3bkmv90anFRxy4EpPSDpW0HXpz3DjC3KU9BoXCCHQqVunPKSWeZWbe-Vpn-gk_q5z0JFo-Q1SNkarKVk6mXPjsXawVUq9JX4P-K0MWf4G-7KRsceRwOEmrYpRjAY9ZthIPBtKOI2qwI7Jtnnq_XTg&sai=AMfl-YScU21kXdLSKxshhUjikmsBzdBh8XQ5s6de_R_Ikct5K9XKCtUEGo2g4_z4KVKY8b49kiviUkAYEsb0KSdUTICP8wdQBPXtWuW9o1dfhK_4vu5oaaOd1pVSmCc_UDlgJkxVWXt0t-8R2R7g8QOdLT5ZVPyGJ8Ro45_SV4aceZG96-v8Z286bPC2HJ7TwnTbOUhazB-SmRaMYLwcYZYqosd6X07K3spFSafP9OEFC62ZPCjjolf2wfzU334jzkH16-2S-3J1ZfwWTfWjo4IGA8DtkBA8YA&sig=Cg0ArKJSzKkIpD9JM5KCEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=96&cisv=r20231206.84719&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame 0ACB 62 B
575 B 418ms
306ms Image
image/gif 2.19.217.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31152270&phint=crid%3D206526753&phint=pid%3D382462943
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-66.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 08 Dec 2023 13:05:31 GMT
content-length: 62
bk-server: 729
content-type: image/gif

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E80C 41 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZNgiQolXPyMfbSXjId5hRjO5HUxpaMwpaSsaeLF5uTTeTfnVS7v3Z7jAF0OVEo8IsFGUGidaAxxBz7gqwCn1ejgkuSVqzloMWlqPe3cPqmnn-4G-DnF6e8WFfUap-34MbqRfbB_F2-L9v8ecMu9u5IJBCNyEk4IzsR1gfivUFRPgUHqs&cry=1&dbm_d=AKAmf-C-3hMX7S31bbUGwf9XA5-kGP4fgd5142PPugqmtPqD7qiNjnFpwj2bFmZa4VONC2ToFyA0knNZ19w388Bb4hLMvcOfGJrgVcSX31dWLIEpfEYDouqlM7nVYWthQI_dFaYLTQKci_cCy-4Wx8zQz8yyOQ5emaT5uMv8i_EtGXRYfIU9WReLwLsZ-wp54aXtpNcwgxCiLYJu30UgTHO0oegLA1ZX7_AL-V7Yy76Zn55UucGhn8bz-Pt8qDM-ZQ_W7cEpCbp4Ss2-qS41leHt5WEL8GSp1nKodjRPL-pAeSAyFwDjcR9jGwm9oV0ccbwgmctXsZcvrP_QkrK2j3fORXCnXTvMrfbpsJKbUZz9DQOGNNiyOCLyYAT3XJWhRsBiZuVueQKcCdFXmQMZaGOt1-NE-_4OAXv1aK3d6We91cCQf7VirxOKHc7qCT1dSP3-Gk4l3kwqXlmQRlL6d8I_5z-p6JN-NpBCpIfFnf2Um-t9dyAEpAsLE7jK5VMHf9mAO7GtckNonqBBworAn6Gmb6VFzxFTP-vil2sq850ykpj1MP6ELpJNMt6dpiD0S7moXLNGKn1maivO9dgSrb8jSV8NjNIuqKt3qxrfNOnRvFWjShpT1aYEvcjdX0BSKkj3AZBlWkZsktcsrddn3v0SIhzSsv-Y3zqrhWOWzBKyH1HVHVYJK6K4vBnJJS9oMcQUFoH2wZHJZ5vOBUQDOWrqMDiMXDNfYZsHHgh9ygVWI6AfwOwRxsAMgJ_lajAaoSCNGofUQdB0XceR0Yb5UrGNtDxwCDP44MapD9ecLO614rd5ZtPvb5N20JuqlfZIGWVpYTxc9josKkh5ddkqRmpImbm-XjHAQHgSJ4GSvOZPSInS2x1pgnprYsKcjJps1bDaOf0Rm71ltxsOu8d7EryXFppmeLACAhuietzYIZEh9O9b_PLa9hJHJbEA1isHCCcLP5LFvpm7WAyXcDOPzjkEDcdwko0xLCY_rG3Zx7uz7fXfJahAwON2CQFi4qCsiVmFqHVKNRnCxSbCZnXcjLbbhpZkaTT8igBtNF6BAJGpCgjECT7qSjp_uIhBKOTep8JGQlWON_79Bn-G2mM6m3AsSH5lgQRaeI4yoSJ5HgsUPbFa-7pb613j3ueAAv1sPgU6VXMiF8xLGCwwvCSs9B3te09kpIbH_xQ1-kLcyXfO_UOk03395p8t9Zdg06rbk1zHcLte7bQLWAVchxvY7JBb8HNtsHe0daCEPMmg_d06CfGT2TnLgxJx8NeCzrRPTOFrcO6BuXjczzIGrlDy35T0QGo4_4ISaZInA0OQqBKpPnq3CGN1wQe1TQVlCMrpLyXDrtKD72CWt12RK7KtcS9ul3eOQBgP2alDbLDdW8qhehLFgWUSyNwglczxpuxf0hkTZ4UtWVhTXsDzlFYsQJmopuiwS9eW-wD9toSbiX8meozieTlNcaJq2x1Bt27ZUNz2XRlZphy7kF8-am_BXDgEpIDXwf4jvkhlvf1Tnv6EVXKF6qNkYgfAyMhC5fBrF39lxX5xnTbk9SdulBHK5X467Nx9x9T1_NV69FgMRA_1d6HhOfJwj35dEbXN-uJZMRA0YMbMMZdEqWH62ud4DL4x1Y_a2-l1jHoi967qHBBLfJQ6tFvxKUj6aFcAQYWGDkw4rUPveOGPI2N3ubM9TQXFdFO1GdHoA3nG7HFr36721k49gn6MdYEXTIfgGm3pCe_wA2WrH9s-JLWTqKj_6vNGOrz1_cHQgP4PmjBk9F0KTeuFQhub2yfYbqXZJ-67qgQp1pPthXOUOmFhD5MVeMMdWvEj3QTPzLt9P0PYoBaSQucXLHOlQEksljTosGGpJwsqsl7NfVMhTPGDQDlj7wscBAB9euKRLx_tmKfI-vleqiP-3XFmk0uf-n_v6M8w-xa3sAjDy2taqjDpHmZPcKIGX-b1PEBHRMGBkbNgZvrk0cyOI8qDxAzdtWGOacWY16G934MnCNuu-qXPdG9z7Rh66EaoiJ20028PAxYqMrXIG409Wt446x02DCsyS4nmSI1iAMgRmhzzvqIfOiDOVfZRV5hYlYCBRrna5rD4MCetqmBxO3eFhLWthkyvzSpEHPI0X7_8oJ5sWTnTpGhDR-s2eEpXThD4bM1JxSfaYyWojXX4ci24bJ1hfbL0iZbt3dEwwYf3Q0f1JvcELqW-jUSkLGHoGWAOXSrXcOcpmWDfTsTYsJclGpwfASpMOGlfXZQrK8_lR-DIFpOywSNj3WtKi0VxayURZiqaKdfbVVNVeBLIrVJOLOHLUuESgYFJt786k2IKD61g8Fmz-FjRwBrrbJQ7FvaSq4DV73-Um-DXJzgsFCCUcHdsntyeb7LHF9vevvLPr3geGcLk_IgLGGPfxMsaodRRFBffuBnz6zoHCv2Sh_dtPsCM0f2zHxcpzhsf66bgVr4zwCRizR_cHwJjlT4HU6E2GzaHcSNekse7ErFk-rjCU_iQU9MPKACMoym1_qEitK2EOa5qjaMZIvWP2qI4PUl5sBw8JwI825AyWLFNOmCKM3oC7rTYkE4Jp6l4oMwGydA0Y9ZnWy9ZT6CzgBbxJr4cfOetYzN2IRlu4PHwNz7UrOr4B7IBy5nwtvXbO20k56o4njhO3jwqNG-gs1lhdfkJ1VIwMnz15giERhvfcekm-zLvi1SP8NLcc6Cxyy-FUmxINLR0zJK2pBH8JhXMNq67k6HCJUUdhLmGp-Ubqo4HXr0bmK01U7dzhkg6ZxPUFqoeZWukf-CNLhv4Sepj-XxIQFy1fKpjgn2JrpdWHubUAxNI1Vls3FBIn21cu5_KeI8XogbDJdeiTX1K-risvU9gzVUMBsBSzVffwMA1yN56MVulCJn8hH86hqusuv4JiggDFqeHKgWMS3YHs8QZlTKyBHlV_GpwxiTNGSA2fiLloJdw88INa9Bt5QWJ5gv_fOUnwoNFhRDzfL4sILOA_486qdyOOcSnmdWWaUvdijcM67gSmVEVo-ate-RNa0E5K3cKsVlre4xUOCHLT3lLbeu1jHf4vO3RuzPMcy3SlhaIA-SmW0NFx-gtTY7XryAeki8UQ9ZRBz7Mg_WMsZ7Nxsnm3SY_XihHC-hW-TiFYW7E5o8iB9BB4SSwsqoswPHMlpQrnHl5jjzsMHB_CJBH_3qWzf0vru1oQg63iwUe_6nWMoc3JjZd5kt7IKZEcWKnvNBHwnN36nZ4w_jl5bVGIe-B535xVtc-9B6T3f8v0BFI-hNS6kCN6svlPL8vHxP4UcSVLBdZOyMwgmzieCNXX7ylmOqp6e4M6ulStGcSagln8hKF4RfbaKCQrba5ui9N-vy3S4n8j94RngMQgpGqmGE_L2ygYI79u1yiBvB6F2bTu4ypuwSFWI8UQfNfQq4NLj5Y9QdjUrxIgtG7ZKYrfA7AVfGOPrAF2tZTDGDee7SNpaydkw0OheAGnovUH3b7k5Cmj70S9p8URrp0A1QGA-O138FjFNvyk-KPSPJZYZV3P9mS45bTwjYLr4cHwBUw7xK0uiB8xFkMT9NQmZ3hNmf6nvVW8AEBenMojC8eHNvA-NdEaHxByhk059ec8Hs7DijoFWpnXW6TGOZqqJKBKGCL_SE_akGuidDvqMcW15thEIV7vA4Gu43HKwCgYYQfEguOO109Oaq8vOchdpNy-yljhX7078oTEzfDINLdLVV5L-3El9-qNhYY6R4UR_GyoI44-xK3l96bak55KHMxmbFpri3F9ECtgpX4TDYsFeQkPC-c-JG7b35ETcsi15jWX8QQW7yO1mWa6QsFkmqls98lKO9VtrRH_oPB51ejRo58dz7QTc-Cbo02p1oASVFtZq9ubQn1KsKaSquNvD7eqUSJkQtl3MPuXYiCA843UQJ_hbmYA8BlXiW0h0mRt3O6rK2MYOlDtvfH99tUCCl0DRZkqzPbFMjDNLMGL3iA1mAMkXec4iSC8pH-dx-fUNgOI8JV-3zHX5kRGAQdnNZF47TmWPAx5QAcxPOaDI1wgDE8vf6IEWkubuMoYBFOzBNpTxCLE-tnbwSZkXHa3rWWhp8cYspar7i-gbvB8iEm6Sag1dbLrVaHdBgVnYlG850E3hXz6IMmNUFpxMS1qZE97detDTqozEaFrCryn1qv-z4LoP4&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.theenemy.com.br%2F&ds=l&xdt=1&iif=1&cor=11083464243900895000&adk=2086295848&idt=261&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 586823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDk5MjAyMwogIHNlcnZlcl9pcDogMTQ2NTIyNDkwCiAgcHJvY2Vzc19pZDogNzM5MTgxMjEzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame E80C 0
505 B 62ms
60ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA0MDczMDk5MjAyMwogIHNlcnZlcl9pcDogMTQ2NTIyNDkwCiAgcHJvY2Vzc19pZDogNzM5MTgxMjEzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDgxOTI4MzkwMTg4NDY4NjI5MTIKZGVidWdfa2V5OiAyMTE2MDg3OTU4OTk4Mzg0NTg3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTYwNDE2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY5ODYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xf4cbdbb8ea70e6e90000000000000000","13":"0xe172d6c0703af0c20000000000000000","14":"0xa59dcb1530a9695b0000000000000000","15":"0xe80c886ee81f3e6b0000000000000000"},"debug_key":"2116087958998384587","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8192839018846862912"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EB50 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BB29 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame E80C 12 KB
4 KB 77ms
27ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1702040729707301&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: facd0e843bd613e7dc845069ce8af35bffdce4f31044c8ec87ca3e31c3fba127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4240
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4836 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AE61 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A9C1 32 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 19:43:44 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1E43 236 KB
63 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H3 200 roller-kwxx-300x250.js Show response
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/ Frame 1E43 20 KB
4 KB 21ms
20ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/roller-kwxx-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a6c60b8f725cd182a0a8119678751e8dfcd5f0c168865f6236101274f298bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4094
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 11:02:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6E0 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbP48mhRzZZXRL8eD1PIP85yr4A0AAAAAOAHgBAI&bg=!gIOlg8zNAAY3kmNgF5I7ADQBe5WfOHHqe2_loOT3cLG6ARYZBow0NahEeTe58kdt0fq8haROAsEMuQT9Rnx4OYJaoakrAgAAAGBSAAAAAmgBBwoATt2-_lgScywJ8xbxKC7ihddk75i1ZH2C89MpBv7azfnBOPzJxvizuJubWSo2FQSNnznT7Iu_cCfgRswtZZetCqgbto1vb1d0-Seqo8z47pkDQFaR71Rmk-IFDtFvPkqugNPW-MJow_yL3_iBHahjg2-4hautG853vOlRliWczOENNe46pKr1ZpsUhjJF5mY3mE9Bo2494z0xwpSLWs8UQ8OM8hzdmhPwFyYARaF6LlombyTaB_F_15EiCcxSV6Pe-6ovuqvg11PjNGybISGtucXoJkQEbICRkuyrDVb7_WhZZGYoSmn0hM9z_F7Pf_5hKCnBFr7Tj0XtgF-5lDT0RuL42Q5dkRoVu4vIDXCuj5dh4IuQ8G3SGNQmHd1VEhtbcgiEYaHc3sIgxXN3A63vwAJa8rUuTOu5l7rlVqdDvUuGs9gyrmFykP89enXzuy6Gc_yCdylYy4bZafqJFrmKjg6dtIBc39m-Fl19QKryYzjj2doOGtXWjqyDqsplm8BjWishvX2s8Bp-AQE4k8XAhnEciNO-3HqNQok_g5b3TXThPrmh0KobXX8JbToMFdM2JS0O7cvNbWMoJjg_wlTW1dWTOCM69XyEA3dYbqderXE8O1z-hEMRhgp9OXaGHafNM3Er9IPRFzOgZc7KlyLjPAKIDgNwThXLtoU_QGx69_RkS8GqClS2nTwC2pi3OvbE1jQV8uDOsHInnbOOE_e5FHtOnd_oKsMAok_ua2-zWchNysWv5Fgrn8z3_AzkoABug75aXe0H-EkykIhD64_bNki9d6KyonSyOaTKFXHCqnJrNjYoFSdxkT006iIdvRFiMOxh8fDhC4-ljAcdH_MF8dUbk_-0A9FEC_ozxGwswJY_BdfQ1ubd7UXxjVNWqEQ0ZC_AMaue3Rx4ufyRfMzDIJE2stQUYMmx7Ip5rPJPX72BFEX7uaQT6zk3YRP9FzL2h6C20pqPmIEz26IJQs_M6JZW9vIA4Kiz5h8q8oUUXPakyAZYjo30W29fxXhSkqAlvrpZRE9OEZ_u3x9F6wnAaDPFmw_JuR_Rltp_QFDTBNIak9GVGqJzMZywtbBfLxalS_UjQY_sesMk85NDe83s2hBUb0GfKVW5y6dgNe_Ga-7c1awCGJjkmzuHfmvFsdBlhsIRExJHFl0GfBjQR0ZsL1D56X34LGaNCiK93x1boTIEpw9GLTzKjHYl01pUEQrju2U

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame E80C 4 KB
2 KB 164ms
103ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1702040729707301&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fb1d315db976fcb0e9dcf2b6038b0e74c6ac5feea4d20e7ee23b10b224c239b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 60009900089143504444978012532007
Connection: close
Content-Length: 1352
Expires: Fri, 08 Dec 2023 13:05:31 +0100

GET
H2 200 main.19.8.464.js Show response
static.adsafeprotected.com/ Frame 0ACB 213 KB
66 KB 89ms
32ms Script
application/javascript 2600:9000:238d:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.464.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1863459/76904395/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014994355&ias_pubId=pub-1403787016703043&ias_chanId=1&ias_placementId=20821116200&bidurl=https://www.theenemy.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hwA36ZxKopAIZJSMp41tfl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:14:56 GMT
x-amz-version-id: UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding: gzip
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 60636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Dec 2023 18:46:00 GMT
server: AmazonS3
etag: W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fw-wHoX75UkkRrcbR8HI1vk0mVOhvE8Gext19NfXvgbdHvD0ubaCbQ==

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame AE61 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0ACB 0
0 61ms
61ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8dlni0Tm1sHwJFVQSy7PT3hrGrlClDEngG1pERWgK-GAnqqx3VLVILNbOyI4_JORJoxhvYvIGmIVM9TPlVtcDOuui-jQGHJ4ZRabw9NnMmamC2LdX0b_D-kzSvSX9Bj02hgrVQXakBJBiA0PZDCwUxsg3DCArCey0GhBhMFh5RYoDTc8wYyHN-6SIikACHf4ymBBzRizl0FE4SXNk8VPNiTGWHSFgiFUwppESSWaCjcsOOElfQVHjzYMAQBrK-JKttjb0Dq_8xguLpijySckxmadGDu7aymmGbX-iNYFC_B-xYvIz431IBkuwAb4nyqYFdFyl9QZE3ykEtpUgPEvbK0phkyljQJC5XHGaNaa6KxcmXG-gdPXrt7B1M4jCrYSYAAJLYinARHXh7xRTsIqkDVqIStdOtN1-aLExwED_M-ovYtWvSn1rGNgtEzY2Swub03QVkQaLYsHp3C6lx2NO_gQNXngh1ntBSBoOPhLggzZxtCfGTc_MM_Omfv_Tv8LXxOj62LZ8I9G34Btdq8Hwq6GCFMxMVY4I_XXQizVnq5VxrcV1RncQk3uDf6biRw_5Ew_UI9i_64niAaOs-3mpXpGEhUsHPII3AWO8K7HG4yg9M274HLWEutC4NIrMooA7mrKWFtSGsw4NZ2_y8lwbVDEjP3PGst--NV8uClN1w4LRQyRrEYl4hEu31nUSbL_kzFkATONhw3qo6cIfkAqk7BzUDjuUlvJQUkhh3SYkk8QlAM9QkTdyBendxYkqOzfvID30AoSU9zf3NvmjQGHR7YZL2jckAWkIOMTzWc_nRfpqU_nYc9BTzz3CWLaWClWrssntFIJ5E8hK1CkPupFviLCRBtj-62dpmZQz8kuEOf9i33R4STwUE4zZt2Dm63WyIIEIqvWpyhPTVorf1XkosdWtmFYCYFOlQQ_o0I06bSRkgeanJ1AI_rWf6Kx0oygaYE0rzgL2_jvKQoLin5-wvZyTtC9su2fPoQyex_8-iikho4zXIwD1URhc2yZ1uciYBuG0zRUrczWCz_MpTSe2DVUXshjfhpRDJZkqiZGcLk8uCp5HLgFTL9UP1vShH51hKneJvYPqB4PLdBv0s_czhfaS70bYQaV-bfKpKc6eIeoWhe-kVQfT3Qb32hzPQSK-Bi8Bb3HUO6gl3Kt80-GBf429R55g9J59DVZIMk_3TGx-xkccznCo-3HYJO1RyFuNXsQpjDs_8D2jXu7I3K9QYUIlMZICWHT7nW-GkUV8ns5LZ5KTEuPbsl1fnwS6MKp1FEGryMA8XvzAaJpTXD_3rnO3yGeL-xGRFlchjy0V94lT0McgTSuj4hgP0kdLC1JxDzQRqT5hMbL3un_zjS8WG7ZJ61pPd2hi7S9-B3bkmv90anFRxy4EpPSDpW0HXpz3DjC3KU9BoXCCHQqVunPKSWeZWbe-Vpn-gk_q5z0JFo-Q1SNkarKVk6mXPjsXawVUq9JX4P-K0MWf4G-7KRsceRwOEmrYpRjAY9ZthIPBtKOI2qwI7Jtnnq_XTg&sai=AMfl-YScU21kXdLSKxshhUjikmsBzdBh8XQ5s6de_R_Ikct5K9XKCtUEGo2g4_z4KVKY8b49kiviUkAYEsb0KSdUTICP8wdQBPXtWuW9o1dfhK_4vu5oaaOd1pVSmCc_UDlgJkxVWXt0t-8R2R7g8QOdLT5ZVPyGJ8Ro45_SV4aceZG96-v8Z286bPC2HJ7TwnTbOUhazB-SmRaMYLwcYZYqosd6X07K3spFSafP9OEFC62ZPCjjolf2wfzU334jzkH16-2S-3J1ZfwWTfWjo4IGA8DtkBA8YA&sig=Cg0ArKJSzKkIpD9JM5KCEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=250&vt=11&dtpt=153&dett=3&cstd=96&cisv=r20231206.84719&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bg250.png
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/images/ Frame 1E43 18 KB
18 KB 21ms
20ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/images/bg250.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72bbd78ce1b13b432a0d741356d19c0130ff245402e430d8a677db7339ac5cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:51:09 GMT
x-content-type-options: nosniff
age: 234862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18552
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:51:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 548D 0
0 63ms
62ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrk3qB__9yLbpZhK4d0TwtIuu8dKb7ufhDjeByqyHypvd5yiUZrFanQ2yQYxahTy7d0GrEhDEAd1zjIlpf1SB8T0D2uQ9fXp3DsV33Ly-CHZ42d4tLXuWvk1u4BkqVkm_kvRdYjVC0gOxCtB33APGx0UGyhxuWa8bXX6JyJnyNC03d2Th17HqNN5u_f15UAV7PT88SShEwN7CR7bqFH5k8bUsc9uWDRRdMzYvPJ7xX13k0O69qvI0UaKAuiT1RbOrodEE7ydfBDH2Vfu390F44NWeg-IrpEPICTax2bodQbzeZIL2kq7olHAc7vznRejT0n9UP3816kG_1mFHypwmyQ5QlMfHYVqYtubNBtm7ArK8HKABTGcCy4LBm4JoHTOmCzL3GPXyh2maS2TTnkx9M2MwnQDYoYz5LQcx2yU0PwIaZTUWx2xSgoBtPN5AEyNtJW-NHZislOkS2VE_SIZ5B2HVXZeM-XS68Zrv9WeuHdHECyRc0AaHwDQlvMCqPJ4qThjk37HrI2t20KIEPX_6lJFQeFwKRPTBC-qhlGuKTEl7JuDh7VPuhJWrdJe2XA9qGgsJW-ncxRMki9q3PzziA28KHq7kOU4H1TxhxZab6EEMD9ZE-54014AoTmmBxAqty4E2Tjlw04Iiw5O2jfsoRDcgu_sTokRqjQQ3cxN9Hv6enjCAcdsnGpRiJeINEvQkziXglcfBIk_suo2bUvtq8zJ8XCiBaEZmfGw5Uz1lcE0ktDtDRB_DeXbRX9HLUeSsf2H2WyrgpkVVT3bBT2fs7RwhhK-vaBzJ93lHbAOZ-53zbrARqfxLcJV3D0QvPwEzRgrIKoY-qY2zsRRl9Ye1a91GykI_sgyh8k8j4aC3Bwp_3qw2FMD94dMZclF85a8WDT1wl79_9duF8PmXCJ7wvqhJyd7X-lDd9m_Y7Z5CKdU8Hyu_0GoG58OKYX-gLhtiD3iTdLeLRFwEfYikkdJRbtG1LH5oWBUnBeWgkKaq9wwR0z-aDsJxoEtUlWwKp2omA0oVr6Z8XLAD07F2IN0fTuFRIwqTTxP2LoSkUfamWY6qpm7r-DiSnBATWN32LROm5Hn8V0Vmr3kK_Y1uIzz6b6JllXT3d0I1FSrDNzwpvSyGae3MUJiXXucLY698b0kuLrurhWgo2D22duujJ_UDaPcxY_lT3L2U4PCuZ2JSqW89R1-nWWcEF77hIGbCNaMlA4uofOJGkVe5TvCdc5g4xyVjOuwUyonrCWl1iagCvyr1r2Zey0UnaqOnOsdftLOZ-zho3Rhzcb_LG7DXDaAPkV1vSz-1ZUjkCbiZt2px1NyzoEI6KZbFgnVSYQvdHUWOIhzDV-_0INscVX-q3m_R-O3tl13v64bZdzUOMMBq_G54bnIxJBfVswjYmgfpmcAqzWBThIWjrfYTM97Nc6mMvsPposm2BUxIyes8YllgU2f7JXOJJIEOxy6VG&sai=AMfl-YRNoMJHJMA2Qh1c4iCZ23xY-HMDa1rNwC-WPfR2ArJM7b_jQYcKhX0eU9qcZ-NYd6U3VWyE7xNohdtlS6_vp0gab7w_jrWlLubeynfYGKJOtqMKEqjyZ4vxhQTgMsM1LWtC82nHXKHbeDnKqP3THm23EKqLOMrFdlYreV2hbscUootiNvJeZGXrHmWH5gM3EY5CfwVk9jhNkakxhApFh7kql_SqRM4KYJOqx7E4TscJCyS5kdfXLiQGxiA9SDSa2WWD&sig=Cg0ArKJSzEJCL9IzNze0EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=180&dett=3&cstd=133&cisv=r20231206.77759&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MM_Logo.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 8 KB
8 KB 26ms
25ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/MM_Logo.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a322175037694dac9c20b39d5f8a02337fa32be41bbb463fab6e5bf0b83b46ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:39 GMT
x-content-type-options: nosniff
age: 235432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7948
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:41:39 GMT

GET
H3 200 SA_Logo.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 7 KB
7 KB 27ms
26ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/SA_Logo.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

489c2a643d355debe11f418da8e8c9486533049c9117c8d43d21d7d71f22b1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:31:00 GMT
x-content-type-options: nosniff
age: 5671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6709
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:31:00 GMT

GET
H3 200 KV.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 5 KB
5 KB 25ms
24ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/KV.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ddd980644cbcd502ee2ba89217e2d557c3c75e61bc767598b3d451190403c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:52:10 GMT
x-content-type-options: nosniff
age: 306801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5054
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 23:52:10 GMT

GET
H3 200 Blackpatch.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 3 KB
3 KB 36ms
36ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/Blackpatch.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7029a96cd5d13c23d6473e830de036a53c191fb7b7967e85add865a613647d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:44:47 GMT
x-content-type-options: nosniff
age: 310844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2574
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:44:47 GMT

GET
H3 200 Visual2.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 10 KB
10 KB 35ms
35ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/Visual2.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2da3e5c0a3f72f874123e17509cb6aed8d3c2e03b9e1f9952ef3a7845616cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:44:47 GMT
x-content-type-options: nosniff
age: 310844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10159
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:44:47 GMT

GET
H3 200 Prod.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 5 KB
5 KB 34ms
33ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/Prod.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f229058c250e2b3270ffd67d3b907236e760e502f06fc665eb455d1365922f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:40:09 GMT
x-content-type-options: nosniff
age: 5122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5325
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:40:09 GMT

GET
H3 200 Prise.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 2 KB
2 KB 34ms
34ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/Prise.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8765df0e719eacb870b74b6ac116870e48885a91082957b79d89cf0beac52e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:54:33 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2062
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 08:54:33 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/ Frame A9C1 1 KB
1 KB 29ms
28ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/CTA.png

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700c5217840eb7f1cccc8f8baae216fe6ffdb92eeee3081162cda5c7bc11834a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4644134146549435785/300x250/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:30:45 GMT
x-content-type-options: nosniff
age: 5686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1123
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:52:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:30:45 GMT

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame FD14 0
326 B 575ms
34ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 08 Dec 2023 13:05:31 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame E236 930 B
923 B 69ms
19ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 08 Dec 2023 13:05:31 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 15 Dec 2023 13:05:31 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 024D
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=55692500086365404444990012532009&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725

350 B
400 B

97ms
33ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 13:05:31 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 219F 2 KB
2 KB 205ms
95ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=55692500086365404444990012532009&nw=1
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e32d6c408b9c03d9470996287d30f755377520b42665c0a332cdd41777d3a41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
last-modified: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 08 Dec 2023 13:06:31 GMT

GET
H2

200

activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314 Show response
5994599.fls.doubleclick.net/ Frame 3B91
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314?

391 B
286 B

67ms
66ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314?

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

a8ac86a5ec73587741d8de5ac8d3e8e349902f5efc68e5ba1608e0688f576457

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 08 Dec 2023 13:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame BF39 7 KB
3 KB 72ms
25ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=f06f2ec8b4&subid=&uid=ebce8839f517614c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu8lwmRRzZd2VK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0AyIJtCtVB9Qjwu-p29_Nhj27pBXHosV7PGRZy9idDqnDfvaJA_VDXNB4GTuRB6KaJsxx0Vx6fBu1iZ958YXbWLWJsFmOfPIz9QHuZ6YSFKqD29ADQXRrbxFzx2kpWV6fdqnR4PzWIrr5OJYoC-ofwDNEzz7Z27Jg7ATAVGMkwPERfd2bTEZdlA78dG9pheilHb7lZfzxLN6IZO53T7nomVabl3hM9xHi27GoakNED-h7MJBJAjQagZ8j-y-PTmaigkXNXmiOjivzL0BXGpFG1CxSPipKwVYhqCajqKKmQudcEdj6zMuHkHy-rJ61tqqYuera_B3v_P1z2eP1xBV3ZQaT-leDRaWcc_HyRwuNXF5e14argBSOe0S-IT4SYaE_-5zhZRX0cAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIp_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_05Y94UlYrgkMStRBv1neiKUbc5Ng%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BEG6qTYIrbVp8y9ujXFbM1y5r-4TnLlz0Nfznoqih2VM0jJDizwNFya05cXtYgl994oYC1n9eGt5mzyoJknrP5GSv-0LRK6zxv75ss5bGZ25jL3eYwYmtLC3ryGbaJg5IAiTnc4UDvX7jop2R9SRzojR_BUzaI1HYBOARJEXsOTY9yZqU%26cry%3D1%26dbm_d%3DAKAmf-DS2ggjLYJnSI3UDBbmtXg3BbTcfhVgS4rr9kuf40eIedeIxo6_55JUsmiKk9rARSF-1b9X2yO_-NSn1VGMEs_R4FVO0-LDOz9j5y2FYCQOzI9HFeslmbcyPwNAMK2fDefREYup_I0CT7vzp5mu00wvqRs3Vm-nMUWRifz1WwumweeQJqUGsgKye0G1nEB1UldwFeWd2gSeJPJJ7TMY6dLJ5iq40z1FsO5kV0G-OTQaJwcQoeCDekGp1Wnpmds-v9705Xk-VzrQiYudpSOx5mq3oyI1zovW4sLoa4CLuHdY7aDzGsbf2nMVt4Rx87QBsUEsN6XiuAca23mcsrPdh-4pHGHjo_u7LOqtXJZuR1XXvnMKTSvUkMOu0qy2qwOzMeuLMK52D8PE5C_whXCbRDT2TZoaHm6kN3bF8XT-BqE6Yx2akZ7DDM-eXJRm5wutfYMO5gNNrGzveLO41-6in87mUktyYDHf5ED_s47LLD903tsq9Op3Tv9_aKaMmGiBOM0t0bTYHS3zkbbLSJ-agQ7EWGEtCIrKdZXbNfnXK7RfiEw8SY4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=2973323777324&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ab1034172dd3e18a2b5bde21648b85a2a846e0b6b84fa45aff5f8923b32c54ce

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2211
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Dec 2023 13:05:31 GMT
Expires: Fri, 08 Dec 2023 13:05:31 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 219F
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

469ms
36ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55692500086365404444990012532009&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 219F 43 B
702 B 145ms
62ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=55692500086365404444990012532009&pv=1

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 logo2dwhite.png
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/images/ Frame 1E43 5 KB
5 KB 20ms
20ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/images/logo2dwhite.png

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:45:13 GMT
x-content-type-options: nosniff
age: 148818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5587
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:45:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E1B4 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 219F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40dd265530d90f529fb8ee69cdb704b7bd91bd449470e3eafcffc45a7bc229d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB50 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5f4RmhRzZYOiM9DC7gPY64awAgAAAAA4AeAEAg&bg=!q6ilqOfNAAY3kmNgF5I7ADQBe5WfOPOJSrmRlXtbcsGz2eTY4l3kmwj5x_9SQs_XpnC36Mx3TSYNHsT3JiU3QYkr72J7AgAAAJNSAAAAAmgBB5kDRrFVjqszcMKN_Mq9omizyoIBjuWyh2pGsEvCgA9TDS383nKZHVotEffcmMOf5EyV-KchjK7Z2PT5QHjGnR5ROF20dA1Bx5NfKJotYW8mIRKJIN6UN_nGzrXj9BwXks6k1wKvtPooeAUmv9MbS37quybE8yOEGl0-CF8ZR_rpMCMYcM9WLU4dvbrsV028cWZVsxfMbm_gB1fO0vgscEJRX2zrFb-bUpW8Dg7rj5uO7Pk1LxfzIXiMmL_nDC7TpmZkbVVujAqnXGrzdtjxBErEscyEOrbLOdJA9dBAz-JsQjhkwG6Z2vWfl0Qz8M66579I0EsG8wO51X--UvTqMIPheQiW0R7QIrQPy1uJbCf9qfnMb4kH8FzdGNMH5skfNC-SY2ODy8EMA_EPnCrP2A1z_ABijBJFaEqJNlDUvswV1Aka8WJUTv_N22lR3wCb7bl_eWw3u33KDXYlYHcBvhfnX6KmTb8C4gBs0xPzl2qAMAVgiKXnRXHY8GzypIY8uzOEDZAsDqPuVmA4DVQm4jpu35TiVqd3Aw4QbDLuEznPqyz0YUgLiZZpDtAmFWwcfsd2OWQEDYrdpPCjJdfljrRkvr4EOcEfFmLLoO0hzC6EOQxWuU7VYF3AlMqRidTxhfWbpRSW-b1gARJfIB34WxFggpvKXl61hELjoIhxz-r8B7nIf84lsZfgrHkagzzUTfqIonl4hQz72OxUduYtc1gDIfYI5-P4aCMRtQJL8Dweevvs2N0_3HpPjqhcOg-Kd9cpmvUu3DU9iZ5GrOi7Gt-DAWuUB5PI0o2OleKM3K9rs8gXAUd_F47rYrz_ErSuOpOVUEc78bIF0aAhDpIAlaiTvQr2gjERkTGjveUeLvUstlV_zOy2-iF4OcQPFapEz_JzClvNIicUnjVznol0dhiXNrAKlfLwL2HAt4fspYk6Y8PHVuj0_a-RWL9M4-ZgyOz3a-JUX3NDWlB0R98fJd8Y98oAwHUq_5Qn6I_Dc5GzxLPDKIEm0CM6q_SS4n7vYdNKdGerjJhQgcK965D1b8R4mTI23XibNXQbGgZYvI9pM5vz_hjgL9OYu9q7PeB0kMQjCs_rXor0oj3pXoIMIyUfB8XgaWKYkME

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame B2AF 0
326 B 499ms
34ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 08 Dec 2023 13:05:31 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 3992 930 B
922 B 20ms
19ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 08 Dec 2023 13:05:31 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 15 Dec 2023 13:05:31 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame B1F4
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=47445800082620104444990012532003&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726

350 B
401 B

74ms
28ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 13:05:31 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0D5D 2 KB
2 KB 124ms
91ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=47445800082620104444990012532003&nw=1
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2e314dca51d688515c16b191f195be96e9e718c0468164f21519228cf55ca2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
last-modified: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 08 Dec 2023 13:06:31 GMT

GET
H2

200

activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415 Show response
5994599.fls.doubleclick.net/ Frame D28C
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415?

392 B
325 B

66ms
65ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415?

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

8035d503a693832d4ce62d0c302858599c235e1aba38391310c8765c2e749d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 08 Dec 2023 13:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 6E19 7 KB
3 KB 80ms
27ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=820972cc0a&subid=&uid=0534883079166214&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-6-VmRRzZeCVK-jI9u8PzsaKmAum5b2gaZWTnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0KtPNLZYKnAy7zj32f20epEqdVL5T_yAnkpCRfIYRh2LqiABMx4ho-bO7DQV4wRG3QrMdYKf373mSaw2WfYtDq1mjdahdwVMEemSrmJ0ItfJ1K9BHqEO0kkuBjLWlSzOLJSH7iPB3HgXaNf-UPv_I7Re7dnXKGk78uOgpLH9kRSTHa0Dtxtgh1eGgdsqYW-R2PA0Xu1Re8HWMn-v_hkek5XqLgGtLfz2hNecDNjctXT9FZiodPmZSUE40EsLzZuO9Jc2XSHKGfw5yiwFuGvbsEecIeDho3v8o09XnhUuFmnrMHftQMhkiwjr3upk6jR6fTd_j54cmWreHugL00GPTFBhv6RvLO3YiHcWdxJdgzu0VsIRfDFmrEgw1igr2519rzz9lVVdk8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIq_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_3jXszsTY7fYLqtjwD1e3vUnjZ0Yw%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-BGmK5v2Dte-zm43pnizFE6wsLpdMTQN0M0Z3zllF9iqOlqEyxO_rQeM0Suh9xWbni3a7N730ffXQsqQ49qsLX4DFZJzS7rb4j_U24NNYaDcjqcEBZknHpbkFemQhDMdBYBNLlXKK-_o3eZCU3_fQomsSl38Xdy9R25qBmxddaECsbCL6M%26cry%3D1%26dbm_d%3DAKAmf-Bc4yH_0gQJGK75zDTVnxOzg-QPz7eaNj92AmdQKi_Clh_mkkIbZeBTdMV-OgGAYPAtUiawXjRBiUYChvxhWEmHVKwSmr66StZJUWYSnhkAdTocaG9Nh5dKIWIjpe5lkSX80i8bw3pYqNjc0zNLJRTNOaa4xm-A7CvxwUB9OOybTQkJbIqeVGnK1kPiNHssDvdKPe2ARSnIPZiFxU55kMsBioCY-5auPnxBOqEe4Lm7ko9M-_PlgJXgWbZr2yuFhsOmKJBROM0CEQiOkZhwcfhFzKc3dYYWGZn2npOhLgZuimc_cEihdmgLDOkdsEX1-X636SgzWTV67d55-lN1hYwNmVO05lvHk9XMF_e5GIjTPqn3X4u8tjRAlvSl46R_IoZyg83HUy0dqnb8xtDR8aAtHm2TMw4WY7C9eKQfHL3E-eFYYky2XBsjhAHJ_XbWI7UOTCpCTjz7wEgorZlNydsNJkzrbg41mIKXc2QNJ4q-kDvmSp34xp6aT3YzktsH7wJCgiUHSVD4ngfmcudzEUvi3skQ0x4QMTard-FtKkrKve_ATN4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=733063580157&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d0bfbab23ec3687da860b5f2874bf44771d2cc188397d031d540d48c4c7a1060

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2214
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Dec 2023 13:05:31 GMT
Expires: Fri, 08 Dec 2023 13:05:31 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 0D5D
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

468ms
35ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47445800082620104444990012532003&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0D5D 43 B
702 B 105ms
57ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=47445800082620104444990012532003&pv=1

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB29 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmoNBmhRzZdHhM6-79u8Pn76woAYAAAAAOAHgBAI&bg=!cnGlcT7NAAY3kmNgF5I7ADQBe5WfOBeJpCiDvhEUkQ2PQrUwuVzsi9Fr8EoWx6aoRFSs7VPL2qHRIudS3TUg8bjuWhzSAgAAAJ9SAAAABGgBB5kDRu0TPQ00gN_-JSoA7ABNhAznqO2MrWZgGzgKrKgMuJnDyRVIZ_kFEFtt8eXrE__YbQp4kAaktkdQW71U7e4e8HdmHn5MJE9MhnsUu-r87A-AePYzc5kKNgtodo-n2ttqIoADtCtrxsSZ2_p-cy1ou37IeEd5UMEZil5WGQSP5AZNBOniV8k0IpDsqaBjgcdk-8pTcr7TzanOjZAHdpqDOEglPw4L-7hsV4ovVtpjwrKggmCMCaehuUewVDvqCCB_j-kMnxGgxSanlEDR2HhFjPumrY1Ywk5pOQVK-LAeh7QPvbBxZ2mIGJ_lhdE3yqC_2yHCh1Xd0WFcZfjCBux-pcNRO0U60y2g8Jv_3x440v_Gw_3mV0LtNv-Ct_eX_mBndLgkn5DK-K3k2M8LGlaaoHRtBQ3tQNYwtcrYWAlcBsro-W9gp30BW4nyq2Gipk1uZqAJXH4ERwR-JEyOl8-1OJL0TlpphbUSB97Pw3_orUoxikaq0rzVdmFWsaWAIowjRC4j0bGnykI7XGU8lw2JpGcW5nFUfzzmt0tojplaZ2Iq66PcniCJvvBniIYJglKKnMn3g5IjgZA0MOKqj23n5GqdbL-ejTMWSkhPSuC9hWyzJfI4LbV2pvyWbOMwLhsD0qrmJnH2MukMOhNEtgxnnVubH-bHkoXsKKMKzcXRmVWmRhHIe95IulxFMDelYQxnI3R1p4NsNJWhxUQcBJhzqsZMNWGq-ocCsAACKy5wlsi7IiU3fzzznaQEYRV_2GFf0NUXo5x3YDSPlmVlaSkvy4LmHTbvwtMnB5fdOrPvgPxno0tJGx406PRcYfxgUg_fp9YchqN1yFVONOuax-Opueg8Y26XtyNvaQ1BCz0SClOpc7pdD9U3A92xJy5QsyYEu5EBpADDm_8hllkWZCONLvsYvPgOUmtlSR2XKjvVKiyf7TbGnFV_mAkwkIsRC8ksQevZ9sIvLpEiCobLwNj_AzX3SfAsPGKgtCEGByQxw11O8RnM4_dxYhIoenv41IbUBnmqrdL3l95MYNuuLd-jxXmsh0bcLztDxFX3KLj2bscuoPw3UjU_YnnmrJxLLtCWYFRWlbi-y88-QrjfYhhYJ9u1b0gUNQU

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BF39 5 KB
778 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 11:23:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BF39 64 KB
64 KB 203ms
151ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: eae9cfe1c3661142488cf8ed9c73ca7e13910f2fdfd6b4003f030275983706b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BF39 56 KB
56 KB 208ms
157ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d6f577c7d9d2483626245486cd464a93e3bcae028534431aea13e1fa81ee5f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57466
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BF39 36 KB
37 KB 219ms
167ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e768fb5e28d6fe3f2c42f8f394960ef54290ab8c0e4bbbed13acaa9c4cdf72f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 37340
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BF39 46 KB
46 KB 78ms
27ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 600978e2f97a5b97fa2ac8e0b20d6fa4e8593adaf72c024df9680315ff232aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47177
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8FB8 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D5D 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99e4cb1484fb75209265c26b9bcc45ef125652287bb7026c437867a911add563

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1B4
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKcia8l-xSDCZzB0MdC7B-I&google_cver=1&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4iikW0HBHmwbYtyZfqiQ&google_hm=-JEN1n3YTkuJdnisSs...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4iikW0HBHmwbYtyZfqiQ&google_hm=-JEN1n3YTkuJdnisSsCdyBQ

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTp4LeycZCwx7bu5aqiqBnnJqe8UjnxLpc4p3Wt_FwcDS-2h2Kmn-AdFQGyn0sKXdD7a-j97AsaBS4iikW0HBHmwbYtyZfqiQ&google_hm=-JEN1n3YTkuJdnisSsCdyBQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1B4
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEPspatzx1ksMyzqHJOAM8Uo&google_cver=1&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtg...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPspatzx1ksMyzqHJOAM8Uo&google_cver=1&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRb_mNl2B7h4Go2n-sL6TZB28JAc9pfUp0e-ZOrxJtcqw-ryMTXbwRcMLjICAsfxy0FON7IKKwQCzSLaDAyyqyUJtggcfVoFg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame E1B4 43 B
236 B 80ms
28ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENSlWqaUzDHI-jHLKXHeJpA&google_cver=1&google_push=AXcoOmTr8WMG7INeqMsV7_iTC9D-U3q2D5LkEec_WEFu7Uq7AP56TwVqi4h4iYD0-ewjSW0hD8tsTuuyMYIAF6ySystM15kDgCsjqw
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1B4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk0HDmgb01l-SLPoA_6HT4&google_cver=1&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83i...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83ispPN_4iURGwiJ4ZGfkHbLiBL_

170 B
188 B

41ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83ispPN_4iURGwiJ4ZGfkHbLiBL_

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmR-3fFcHUevGbj2YjbIx5BQevQvdHE-nQ2v7_v8XTsV2q8pKGq3PD4QAMm_8DWWvVNO83ispPN_4iURGwiJ4ZGfkHbLiBL_
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: bcdac959321a8cf7d38f9eb638bfa14f
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E1B4 0
75 B 105ms
29ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHUM-vBeMMkxp0gWCz0FmsE&google_cver=1&google_push=AXcoOmTlVWQr6aK8nNcL6dmeEatrkX8q8tpG88rAmLT2oGUCWKJTUPkpSPwrZHuYBDhqFXYWNtNZmDvgiQNvAf6HudVK7QScOKeh
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame E1B4
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPXfu4eHYunY...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmShM2f9zXYKkhR5pbalw5l_w8-kCauu_wfaN8a-Yy0iYqqllGiQYfRvfWx6Hz6_i8YNE6Dh9DaPYBS1wsONk0cy7fVKRU7fNMI
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

58ms
58ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 08 Dec 2023 13:05:31 GMT
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame E1B4 43 B
145 B 23ms
23ms Image
image/gif 3.123.203.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEO8-BWL_Wu1GEZscJMBXLJg&google_cver=1&google_push=AXcoOmSid1WaHEG1c6drWxSot7bdt7QIV6o6lfitR_7mWhT8qoWbFoFe2wmIh6JcA3k14ihJVRv3LwHMDPwR-pMPzB-xcSLumeskSUI
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E1B4 0
12 B 28ms
28ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYuXR2QEOtNRiYfQEeB8wP24JTwvaYwLlmlrrNjsjkyarbVsZXj19dvW6O-w7-c2jR5_FJU6Q

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E236 175 KB
63 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c765f5c9b0e8ac0d1abc9e7a2a3204c45619d0080cbc67a3a7c1ced80b918a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64123
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 0ACB
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1863459/76904395/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014994355&ias_pubId=pub-1403787016703043&ias_chanId=1&ias_placementId=20821116200&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

17 B
472 B

29ms
28ms

Script
application/javascript

2600:9000:238d:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:238d:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 6255853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: VfHQLslMh7aWkwCyc-y3QuTTXcCwt0iOnNiUaFEgE55ZoKN2ps3V1w==

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 72C3 91 KB
23 KB 31ms
31ms Script
application/javascript 2600:9000:238d:1a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 6785781
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LC3Mqb2JoyIOap8fCH-d4S6IHVYUyXxAwrtyf97bA_4LbNas3vhAKA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4836 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bc8QkmhRzZdejM-WujuwP7rOPuAwAAAAAOAHgBAI&bg=!dXaldjnNAAY3kmNgF5I7ADQBe5WfOBouZ5UabpOTzBx5sYWVuT4axOANt_C-CG9JDtlgt_rnMJlre4crreBJi6x3xDn_AgAAAK1SAAAAAWgBB5kDTH8-9plf3aknqSfkCq1s4CrBmxhpgJlM-_kqdbdDVGpoL3reu4uuIOTuo4kngDQkwMaLVWLQWk28MTiEjQcQugArcTcqfUwpiInIj8HMaUwvooqCuKuE_4ANelkcSX6zABWMCUWbnm2N7qteJpwGCqiL6LXKHyydyit-31noA4pa_Vy704hHPxREoSUAxgUtRz64MbAj5qbWM2_u1gVPbGaat340EsE-rIobP1NvEvaNCvvMrBX-AKDfUDqq9piQugb5347u8lZPsBAUP48Rigitof2fwSZtSiC0ZkjPxhwsLHepmvBCQcMMQiX2xuGPA9FWhCL8PaGyPhmZrC9yayWM3MOavphFtRCR4lS2GblcgcZmF2ebr0caMV_4Y-KpuHs1mvCeUu_mco_0Ej8TdmWTiAL-PouXSWxsbYm31VXpBtiDLtuRuHWrzUUVblHdsIfIjC2BgILQIY8ChJwo5bcmdcJINhM8NgTIYx2ug5O_0M-1quT-ujn7zwpXVinGW0S4dzOIOvbG38VaAJr559UCyP5ytFERyZMfCE4oThrAbSND8KamMANUXhSx8fQwA6ap6hYbD4b5EbT3HvQ9JHIt7ggq_k8QK_F9MzchRfMqLVGzU7mRcmFhHpjRu2oCzj3LnQ095N9s9ZobAw8IxOiypLlutCB5l3raNbgklJlVpQvcCsv5ZrURYWXpcEZ4jniB_IcAYdxyag2l8o3FYu9GnAoK2O3yiFZrd06B3xPsYQbvFdtwuYWfbaZtKQKq_Bl7umbFzqOL917ui6x2fwZFLqRaLhAivjouyeQVdajjCmCA9Vl5odIIeb2Sv6dRleLOdDeKb1On9iHV7RvwLjFdYf7eWi2aKjg5_xNtVNIaW6rPbruznOilKIbma9tEXFCWtSfga4JKSqQcvuBMuK8-18MOoHlNqibU4cgfcwhjKAtLkVdBZBxeeOsKEznlnUof9U76U2opWaOFwtPnlKlhQzC2Nu04lFtd9Zj3tfaLjRYIN7zC_qfdPdd1YS5KytBsZLO8TDa-LbM8migdg4UaDyG_8757yAFKoszlDnbPkwAtvKe6IAywJhhso7oD2_tzNVLm370RdHa22Xi_gSQSOWrxvKYh-EcERiY

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 3325 0
327 B 347ms
33ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=60009900089143504444978012532007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 08 Dec 2023 13:05:31 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 3FC7 930 B
922 B 22ms
21ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 08 Dec 2023 13:05:31 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 15 Dec 2023 13:05:31 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame E80C 0
326 B 347ms
33ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=60009900089143504444978012532007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame E80C 43 B
360 B 348ms
34ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=60009900089143504444978012532007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E80C 43 B
702 B 61ms
61ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=60009900089143504444978012532007&pv=1

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=403fc5e55c&subid=&uid=f1b7cc14988fcdcd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChP2jmRRzZeWVK-jI9u8PzsaKmAum5b2gab2YnKfJD_AuEAEgvNuVN2CVgoCAsAfIAQmpAjgdRBsxF7I-qAMByAObBKoEqAJP0BseS_JfCxiWQTpuDhmT_C7jayXmG2ss8mO4qUmfdUZ5gvn29cC6G6BCMbnfIo17BfrwNDzA1Z3keYgErnHfxDOwZZqv_cthTQRLU814I_bhjPIh4Puh5-t2xasy6EtpJ9qUv9_KDejFPp5m5uIW0ZxS7WCl85KmcCQCi-6WkxL-9YCmnis2sWT8bJpgVzSQUuKtwCmqLg9iy3D33gDQ-DZ2E3Zk2D7uVLoPRkd_8sEK0AkJY-tms75gWBiC6ram7PfTHbGuCxixWINyzVyHsKvgQAnTo0Q3iIDrblTh8avpQbRhxskCYdiT-TlaCwXJbSvlxItW9rkpJ5hGS_95Dn1t3sJcLMRgpx3L1w3pZjtQRZlcWaq-5s-UYatCHmJ80kj_TksYa8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlij2NXo8_-CA4AKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CREXiDRMIs_DW6PP_ggMVaKT9Bx1OowKzsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE%26sig%3DAOD64_0HA2NtHcoVX7uhLV5jjj21j-H9MA%26client%3Dca-pub-1403787016703043%26dbm_c%3DAKAmf-C7OM3OfeljdYfA4HnHDxl3A0dyU9UplmtlHHpTHCr3zv40oL6UedijYBpy-aQ-QqUbS3N6UOu9LW0OwO7xy0Ovwbmnr4L4ND4JzVqI98tMzhm2j2athPNcys2iIgoMMAQt4YfJ4W1krd6iqGEPVicam51vsHh8x7rws88QinfERNIzni0%26cry%3D1%26dbm_d%3DAKAmf-B26y0DvVxGSOr59ScsJeQH5ZG55TSVMLbpI6sQR-knOuTQDnlDAVNIciy6RC1FxR2iWdbTfrAA4_uN2Nchy2r24nyHFuP-CJWG9QRKZfs8tFaMR3NdgC5q8YsZJ0x6yBGjGzIZcKPtpETSiRz6xUMxekUXQz0YSXsmMLPEAD01gfoAsloC5FvCw3-ljBbLbWK7Vr164VaSZ5lKxGBDtOZg73VZB2HSauJVheeoSHsCf1DupJHw9fbxWQKExrnKgHVwrhiysdUT8Ik6GOGtf3oSJront1iKbZE0ICE70eVkWSkIbtGG6J5FlqYBSoWfuvlK6v5WCiXBb5KDNtYXn98r_xqmA2YqKu9dnAwjqBq-LjFX4VxYtQZ1iHyY2pFUTtXDmc4g0hHBf0_TwAumkny3bHE7ovdNRxyaaLY3QGDeY2eMojrB7dBXjauIk3U1rQToexrygM3-Z_O8KfIS4BQCn0f_Qb26SLxJaBkMHpOfXCIwWZa-Ww9GUx3xeUO5kc50nVeoB_MA2C6qLQHhL36ZB9HZ7kpz1Gl2tDKLo6H9eW0cwLY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theenemy.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.theenemy.com.br&random=584645368429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 13:05:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6E19 5 KB
682 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 11:23:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6E19 64 KB
64 KB 74ms
26ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: eae9cfe1c3661142488cf8ed9c73ca7e13910f2fdfd6b4003f030275983706b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6E19 56 KB
56 KB 78ms
27ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d6f577c7d9d2483626245486cd464a93e3bcae028534431aea13e1fa81ee5f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57466
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6E19 36 KB
37 KB 236ms
117ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e768fb5e28d6fe3f2c42f8f394960ef54290ab8c0e4bbbed13acaa9c4cdf72f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 37340
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6E19 46 KB
46 KB 146ms
27ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 600978e2f97a5b97fa2ac8e0b20d6fa4e8593adaf72c024df9680315ff232aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47177
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame B1F4 5 KB
5 KB 25ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125726
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 024D 5 KB
5 KB 27ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3371125725
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 Cairo-Bold.woff2
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/ Frame 1E43 35 KB
35 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/Cairo-Bold.woff2

Requested by

Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:38 GMT
x-content-type-options: nosniff
age: 322973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35836
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 19:22:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 574ms
203ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk5Ig,pingTime:-3,time:336,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:336,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:0,renddet:na,siq:231%7D&br=c
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 574ms
205ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk5Ii,pingTime:-6,time:338,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:338,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:0,renddet:na,siq:231%7D&tpiLookup=ao:www.theenemy.com.br*&br=c
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415
adservice.google.com/ddm/fls/z/ Frame D28C 42 B
401 B 108ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJC7v-nz_4IDFRzBOwIdxI8Luw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=49979420186.161415?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314
adservice.google.com/ddm/fls/z/ Frame 3B91 42 B
107 B 105ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ-4v-nz_4IDFbDHOwIdqmMNUg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9700838007636.314?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3992 175 KB
63 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd8ab263add13dbe1107e4ec649cc1c6701ffb6590ee793601ac2cc447cf3767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64118
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame BF39 0
150 B 74ms
25ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=55692500086365404444990012532009&a=504cc382&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=55692500086365404444990012532009&a=a021c2a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
216 B 546ms
202ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk5IH,pingTime:-2,time:363,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:683,beZ:684,mfA:882,cmA:883,inA:883,inZ:885,prA:885,prZ:911,si:914,poA:915,poZ:974,cmZ:974,mfZ:974,loA:1021,loZ:1022,ltA:1046,ltZ:1047,mdA:684,mdZ:807%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:363,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B162~0%5D,as:%5B162~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:231,sinceFw:131,readyFired:true%7D&br=c
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8FB8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1&google_push=AXcoOmQN9tnXYN4FArJ9z86XJGtE0Yo6z-vnxaHZ6AeFbqNuatW3ClAA4A0wb8HegpSMCYfdQ2VSR90TqNZGOWFaeZIiNPpgD9g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg4NDUxMTI3NTExNTI2NzcxNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1

43 B
398 B

59ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMtr5BqcCmAhE7hyGgjcpw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8FB8 35 B
465 B 154ms
23ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGkf4y3EZ0bO2olc7KPIOpU&google_cver=1&google_push=AXcoOmQV3BjQS1jG46D4jpF6OKwESNyvOMeKzkA41SKeTHaBsNy0mZGKsTyuYaN8_oHLnu-XyR8FKz0D-Ub3S5PDJFTfU17hhtmn

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FB8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDYkdIgrJtMTRP5yNiksv6s&google_cver=1&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJB20d7vsUMfeo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0202FE2E52544E0AAB09019150C705C&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJ...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0202FE2E52544E0AAB09019150C705C&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJB20d7vsUMfeo

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A0202FE2E52544E0AAB09019150C705C&google_push=AXcoOmQ8spuo6DS-R5AdrUcGAcvVI00TKOLKxFZ0eNVt_FW-inp3f8AXXhXoIPtziOoWZQaxRLOSRa7mOoBlEOJB20d7vsUMfeo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 07 Dec 2023 13:05:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FB8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJKfVHHpidveh7C_TlcabmI&google_cver=1&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixHlKx4V&google_hm=eS1Cb1Y0TDVWRTJwSGhRaT...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixHlKx4V&google_hm=eS1Cb1Y0TDVWRTJwSGhRaTdsXzhRLmR1YjlDRFRfUGM5aX5B

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 13:05:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrs_HesBaVAI5XNjZ2NYUpB6zJxgRBWKUf_9ODtggsDf5tkf9ehHGWVjJUmYC9sTCYp7xuodwFyaS2UbyCDdS2ixHlKx4V&google_hm=eS1Cb1Y0TDVWRTJwSGhRaTdsXzhRLmR1YjlDRFRfUGM5aX5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8FB8 0
41 B 37ms
35ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENFKPQPck0E8JBhqxgYuGis&google_cver=1&google_push=AXcoOmSQ5uFZxxVKToN3WXXi8rVne6Dqrg_zhpvfhOeQ-0eDLLZMs9vv-nmUNjtPa4bFM5-2bpcl50aZ3ABjCKdhffCI_6pdtMRw
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 08 Dec 2023 13:05:31 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FB8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.targeting.unrulymedia.com/csync/RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSBPpY7bpQQSPHqnFbek...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSBPpY7bpQQSPHqnFbek6mdwarTMBv9dJBzIBdzbXAdwzNqiOcto2_P_8WdINUCBQdfAgHAT-yHD-0iie4z1CIX95yiKi64&google_hm=A2wYRbGWzUVtgXKOhLkg3Ug
date: Fri, 08 Dec 2023 13:05:31 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6c1845b196cd456d81728e84b920dd48003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FB8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZjRYlVGLeeFVXit-TGN1o&google_cver=1&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLYLKgEV8lZ1h_eqJdCjIUGtfi_jrOcjDXhxA_dnW1AQA8o
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLY...

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLYLKgEV8lZ1h_eqJdCjIUGtfi_jrOcjDXhxA_dnW1AQA8o

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4ODYxNDA0OTA2OTE1MDcyNTMwMA%3D%3D&google_push=AXcoOmRpkO732bTyWo8zPrb2I0TwJnOAOX3wy4Z1IlmcLujWXLU5QBLYLKgEV8lZ1h_eqJdCjIUGtfi_jrOcjDXhxA_dnW1AQA8o
date: Fri, 08 Dec 2023 13:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8FB8 0
12 B 31ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lht0ZF3NnzxcnZwxNnOTK3LqRbT4nrtJznxmKnovhgSxNeb6SEQtOb8wSNI-WRXfABYKf-

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0D5D 53 KB
19 KB 158ms
38ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=47445800082620104444990012532003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:58:47 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 40005
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BGwjhT01iVd5vLM_Y14dZJ40lkI_xkuZOuss1zzGIoVCusxq6bMFyQ==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 0D5D 3 KB
3 KB 141ms
21ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1702041031&Signature=ddbtXkS2UG7ZVg~T3IGk4GHKAJzLRh-56vdp2~IAHhm63syhhE0GqBuhQAKT4GyfB4hSxhwEA9klXVZGH8K44UHG15NiZ1SzI960J5MULyUgCBYAnPLHAG6xQpyG2rFlhQnlJrjIx0SJ1BoiroRYI8RnNabzPwOGbgT1-3tJW73Qo9-~SArDYmUjiSkEmMT8qY~Ga69EtmUFQ1FvEyIhnAr127mDwphnmnYmNeq-d9Vrz9xOJ40ofcxz9fLnQgj2iQMGBLg-w4LL0GXSw8ty8shSeqv8BUmXZS6ImKHTohv4Sqfu-VQXvLBfhEjNDDMKMCht9WUYc5kHTgNRNdwMbQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 08 Dec 2023 03:42:50 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 33762
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 9wxVcEsk7rMSl2vIRlN7rZ81zlCoTMPZMMxQGUZWP5zrIrDvpb7kAA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 219F 53 KB
19 KB 142ms
23ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=55692500086365404444990012532009&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:58:47 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 40005
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JnB_PATwhP1XSf65lM3si3OSTmBU4Jq9rWhRaHk9xL8YdtneoIO4Zw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 219F 85 B
436 B 141ms
22ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702041031&Signature=gF4qXs~MT1UC9bs709sWRdYqBMk9iVk6C8Xdy-MZm7ZANhNMHuMeI9cfhl4NHcWdX~yYRGZwLjUoJj9ouZvSFxw1X4NagdpxsV2RLBVvNSBMbQC2cAL6cYfoqBFNZEb3Kpq1tXik~gs5TjCcqqM9DQEBAcL1J5KzG0hQcWgZUgvMNnZzVexlOotHMV6phQHY4WMPksT6je~xlQzq4o5E4dLbKJcmll~eg69Utl6KoafaoL8pMKElrfd1V7nInFT6ScZO4y-XoHN--wywsdDoTb5nwtpVtBcd5E5SVpLVBSNQ~filzebvDIA0hiMmPyxOK1xG5LJqrEibfdMQOZjhMw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 08 Dec 2023 10:08:25 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 19756
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: NIbOZ0YJaS3G3U56c41vN_HUWb-3vWHY2SghEsQPodXMnrOlcWcEyA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3FC7 175 KB
63 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd8ab263add13dbe1107e4ec649cc1c6701ffb6590ee793601ac2cc447cf3767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64118
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 6E19 0
150 B 80ms
27ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=47445800082620104444990012532003&a=8b12904d&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame BF39 14 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90009.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:14:15 GMT
x-content-type-options: nosniff
age: 64276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:14:15 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame BF39 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90009.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options: nosniff
age: 6696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 11:13:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E236 274 KB
91 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7b9285fda4e6cad906a87263b0e87fb6c75418a63e7a67938b76eb35f759fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6E19 14 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:14:15 GMT
x-content-type-options: nosniff
age: 64276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:14:15 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6E19 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options: nosniff
age: 6696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 11:13:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3992 274 KB
91 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3354be800f8c050adae81198a5e001b9dc7d51f76485778dc551b949ae057b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE61 0
20 B 60ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBL1RmhRzZZfGPPqC7_UPnYW84AIAAAAAOAHgBAI&bg=!iIuli8TNAAY3kmNgF5I7ADQBe5WfOL8ch23o7GOMb7WLyjagLfarKGC4pqwQuqQmDeY7DKvzL34WVi9mUSb8UBJm3RGqAgAAAWVSAAAAAWgBBwoAJc8fB4tNobxojB0OHNox0F4FeN6VqyFLjDtNlIZNahAcrEs5K-eZAz48RqAnxaUP6qe1kGirRp7vErud_U32yogq4dniD5VOzMvKvu6FbWbBYqpbT8-tnPNxvAtUMlYCMkhxTIhwUstwdpNbYD0ktyl-_-Jqaqn1vbiy2iFKw_X0e0GTqj6M1i_K-lp8KEbRsyLrTIZjtVZgdi2TTyLvMrIf1CrCHiCVllR54Vz1q8jOnyYD5GCg2rjWhyF6NTo2ziE4XhCvdLCn-lvlnt8qHaRSUR0fZ3mI--zS1rfvKaoM25snY_UVT91_k_Egv0XDymYEbreqXv6UJJlaLNz_vlQ3cN_qVPv_q_Ca5Rc89pDfc0ywYkg3nsuIJBnnk92l3rbgtMfv1HGNPig69qPBdxxNIGTPAV6gOew1oCUa10xV_nz5pWZK8cdA55gQKu83vp0ssYnxMMKcrthvueUzEF_SjVw9f9wpWy0LuqR1d--5fzrfMN0Dbq1qfsza_4-tkEExioHF-Xdpz7lnNbXk2DiOvL9lBWMb1nqJRunzVB_FjG-TW7oduYct3B8tazm6JosN-DFkpRh5YMfvu4e_qnSe2TOk5-14dwYkmrsZCukMvvMf8uPneurNmgNLEd8tIqz6AgOPxOxzQxY_AZpy0LpDfd3r286RWlCVC8bw0ZkD-bDDiAPYAhqFClAQCOl5O5d-afUYlPs93gsq8HAf0_78g3o_qsvshbizwwasdispQ6AfAUWXwwjvbTJ6Hl8QYCWY9tRBo7lNujaza2PxFyRJnC_Y3ZM4rdEm83uaW1HS-Xz0n94CGZB9dPD9ZxWScwbmC41gxNJsMKaXINEIr0j-bg7sLxJE_uk5NzcFDjAk0PWHg1sqDAqUo1vFVYf5_YL-7rPJGj6-uU_USANcLEdelHdeB45CbsuyCHZtQycqf94GT3aAorBn9LWGnKCsPBmPeVVIkN6q0OhEoUkZ6AzSUNgk_UPUChPxqM2M0hFq1zWKKaQhzwOiKNx8MHxr69Z5SRmJEzXTT2CTdKKQATEjfPzPURlbTXcYD8ydj5n7O93XG6rvCz9jvt96g55kvemmicNhljY1yWa2R3HAh8nsYS73UvzFJxUKNX2DpxSHUiZunEbXQLVKj7GT5B_FXjEHd0j48w

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3FC7 274 KB
91 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7b9285fda4e6cad906a87263b0e87fb6c75418a63e7a67938b76eb35f759fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 213ms
204ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk5O1,pingTime:-10,time:693,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702040731873%7C%7C38881bf4ae0ec23511d7a77b307a8e1a%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C14e15ae43dd9334e34a26a27e35e7755%7C%7Cff3f09730c71e6269bdd6ba2e935ffa0%7C%7Cb0d846a6d7ab948573519a9a41382877%7C%7Ca8b3e44fb2e1468cbd1d397f95f8e9d3%7C%7C93326e1674acb27c0a26e3b5c03d5be9%7C%7C1663701684%7D
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 link.html Show response
track.webgains.com/ Frame E80C 2 KB
2 KB 96ms
96ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=60009900089143504444978012532007&nw=1
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: dff6c821c031c85f115c8683b1f3652bbd869d0e5c7c62c82a7207c65bfb8cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
last-modified: Fri, 08 Dec 2023 13:05:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 08 Dec 2023 13:06:31 GMT

GET
H3

200

activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643 Show response
5994599.fls.doubleclick.net/ Frame 1C51
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643?

392 B
241 B

149ms
148ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643?

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

691a4a8920f9a1eac1eb634fcafcaaa53806dace3122cf7b7454daf0fd9b3fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 08 Dec 2023 13:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame D54E 7 KB
2 KB 77ms
28ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 03465a08b6cdb3e1ffa62e6249a2e3fa392ea9ae92e7bf8d51a8f1a558a8719d

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2031
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Dec 2023 13:05:31 GMT
Expires: Fri, 08 Dec 2023 13:05:31 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7DC6 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E80C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef5c3cb2a118019973619343c710510f0d46c69a48aaba600d04e64841882936

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DC6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhNVW13QUZhdkFTYmdCSA==&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmTTdrHixL4BMOMu9Uik6SU-V_NGF6...

170 B
188 B

35ms
35ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhNVW13QUZhdkFTYmdCSA==&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmTTdrHixL4BMOMu9Uik6SU-V_NGF6Vq7PuHwt8Ywisg9fX4aBW7vWgIqfYFABhgo9G3lkTzDfPqy-ETLg8qXH9yFo3uiYPv

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320025-CPH
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1702040732.940477,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhNVW13QUZhdkFTYmdCSA==&google_gid=CAESEPvCGgPrO5O7vGpboK7uQDU&google_cver=1&google_push=AXcoOmTTdrHixL4BMOMu9Uik6SU-V_NGF6Vq7PuHwt8Ywisg9fX4aBW7vWgIqfYFABhgo9G3lkTzDfPqy-ETLg8qXH9yFo3uiYPv
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DC6
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBFbsfgQTXlCPt10QzlA06k&google_cver=1&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml3XoyHXCv06h2Tqow&google_hm=hmVzFJt4tTBJA3b...

170 B
188 B

37ms
36ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml3XoyHXCv06h2Tqow&google_hm=hmVzFJt4tTBJA3bIEQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6573149B78B530490376C811BLIS

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQ7xpE0LgoxzyR42fG_SxOIJwBknPCe15EimBHaD7aPrTKhmrqmDBqE2wpVijc9tHpvJ54f2_S5m3vzml3XoyHXCv06h2Tqow&google_hm=hmVzFJt4tTBJA3bIEQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6573149B78B530490376C811BLIS
date: Fri, 08 Dec 2023 13:05:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7DC6 0
41 B 37ms
35ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENFKPQPck0E8JBhqxgYuGis&google_cver=1&google_push=AXcoOmSjCBdebS4bxoidGTwSRm64Ah4Nko6up7Kh0J4vSzlPCFAUhCIRUCiK37i-SEWpDPfhvP-1BEeAfbTNY8CyuZjO3ZN83WBQWg
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 08 Dec 2023 13:05:31 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DC6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk0HDmgb01l-SLPoA_6HT4&google_cver=1&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiVD-cLnEoHcL8FDlBNOOpw_rSClcg

170 B
188 B

48ms
47ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiVD-cLnEoHcL8FDlBNOOpw_rSClcg

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXTjNSTlAtTS0yNE01&google_push=AXcoOmSrUZWUrS1ynFvK-DGs5UoxzaVw-O15pu0It10qIFkF28T45CZMaEGwIKwCjLfR159IIiVD-cLnEoHcL8FDlBNOOpw_rSClcg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: bcdac959321a8cf7d38f9eb638bfa14f
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DC6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAnV8puUNoVCTjKIgrwcjuw&google_cver=1&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w2h70_BGl0XwbcvrOwA

170 B
188 B

38ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w2h70_BGl0XwbcvrOwA

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTeEOKqjSdNRZfUnYLgb5gdgm4D1rj8GDq6hQ7pLqv_LJQ6M7gtLYYOS792VdbRdzFOtIjsVyNxsT4w2h70_BGl0XwbcvrOwA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 7DC6 0
75 B 29ms
28ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHUM-vBeMMkxp0gWCz0FmsE&google_cver=1&google_push=AXcoOmSQiivvglBAIf-PPE-r7XWbhNJljFXTbMHfq_gubTcDYavRJlfNASWbF2FxByJkrQiFdC8ZCmOQPhMgUzgl10YdH6O5u4igxw
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:30 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DC6
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhT...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhTzkEiNqhdGFRmd2eU2MxJnWYt7...

170 B
188 B

105ms
102ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhTzkEiNqhdGFRmd2eU2MxJnWYt7eL-2JRuwAAdV-NMOok4Ldo15lSwaG4_y8HljQXqbGu71TVgJvOZOtLdftSFg

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:31 GMT
an-x-request-uuid: 690e946c-a87c-4ab1-a177-2c1c6f75181a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU5NjAwNDUxMDg0NjU2MzA2&google_gid=CAESEGpj49D7BtPCUHubRR8W-vo&google_cver=1&google_push=AXcoOmQEyrEiMtqhTzkEiNqhdGFRmd2eU2MxJnWYt7eL-2JRuwAAdV-NMOok4Ldo15lSwaG4_y8HljQXqbGu71TVgJvOZOtLdftSFg
x-proxy-origin: 217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7DC6 0
12 B 31ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQvwsVj0-8rOu0jo0A8OddbWsfKdET90d9uP4ZwLVHOvrbGNTJ77Y-y89_E74LjGi1IpXOSQ

Requested by

Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame D54E 5 KB
682 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 13:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 11:22:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 13:05:31 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D54E 95 KB
95 KB 283ms
145ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ef06c548307b60b151c8a56d96fe9f27a43995753091c7593e7e03b27f2e861b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D54E 81 KB
81 KB 165ms
27ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3cdf2912e630af5f8cff5ad05cb11cbbecd3bcebcde36204892f79a509a56815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D54E 54 KB
54 KB 258ms
121ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1ed64f1ffeaf9393ac08f840d7453262bebb88a1fa1106657a08b6f05e0b3a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 55238
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E80C 53 KB
19 KB 106ms
99ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=60009900089143504444978012532007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:58:47 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 40005
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: R2FD_ThIurPc-Gv4xPzZN9zy1xz99-wDE2qlaQWC9RKQ73E2xd4OCw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame E80C 85 B
436 B 104ms
97ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702041031&Signature=gF4qXs~MT1UC9bs709sWRdYqBMk9iVk6C8Xdy-MZm7ZANhNMHuMeI9cfhl4NHcWdX~yYRGZwLjUoJj9ouZvSFxw1X4NagdpxsV2RLBVvNSBMbQC2cAL6cYfoqBFNZEb3Kpq1tXik~gs5TjCcqqM9DQEBAcL1J5KzG0hQcWgZUgvMNnZzVexlOotHMV6phQHY4WMPksT6je~xlQzq4o5E4dLbKJcmll~eg69Utl6KoafaoL8pMKElrfd1V7nInFT6ScZO4y-XoHN--wywsdDoTb5nwtpVtBcd5E5SVpLVBSNQ~filzebvDIA0hiMmPyxOK1xG5LJqrEibfdMQOZjhMw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
URL: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 08 Dec 2023 10:08:25 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 19756
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: hVfvCdFCGo_fuwI-UJ69SCepbNGjpSVMocJXXgPe2JcE9Z2dggAc6g==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ACB 42 B
64 B 198ms
80ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvES1IUZ98Gx8WoOuX5HK2D500w3V6ra-15bbHuqsMLOJXuphbQWll3e0T3r1SQlXH9e5RC4OKGANoJ6wGH9lObtvRbSv1TKtxEkP2IyC6OzVFx3UezH3LA9FOJR6FIZVLGbBOHlElxrdUI&sai=AMfl-YQ3l-FU7l1bsvRX_Jn2UeKpeUTl1lKB0ZrqPbgtqQCluRDZP1n9eDN_5bqdtyd8SuxlbZDeJo5d4bZktVx4g-CIH0ayMsBXuFBOo0QwxNqW9ZdFYT2Qp9-JRjKll8MHMUVz7rBdJg&sig=Cg0ArKJSzJ2v6OrK3Vb_EAE&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&id=lidar2&mcvt=1006&p=552,1117,802,1417&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=515290081&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702040730497&rpt=487&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame D54E 0
150 B 143ms
26ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=60009900089143504444978012532007&a=e0a30252&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=60009900089143504444978012532007&a=b4bd6c63
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:32 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D54E 14 KB
15 KB 95ms
94ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:14:15 GMT
x-content-type-options: nosniff
age: 64277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:14:15 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D54E 15 KB
15 KB 95ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options: nosniff
age: 6697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 11:13:55 GMT

GET
H2 200 dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643
adservice.google.com/ddm/fls/z/ Frame 1C51 42 B
107 B 65ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLOJ4Onz_4IDFRPMmgodvaEDfQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4042926430978.3643?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 548D 0
20 B 57ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7255359214160&version=m202309260101&ct=119&x=1&cor=11276397166074057000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dw-check.html Show response
experiences.mrf.io/marfeelpass/statics/ Frame A3D3 3 KB
1 KB 117ms
40ms Document
text/html 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 818729
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 832538725fca153d-CDG
content-encoding: gzip
content-type: text/html
date: Fri, 08 Dec 2023 13:05:32 GMT
last-modified: Thu, 23 Nov 2023 12:08:24 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time: 2

GET
H2 200 azion-pulse.js Show response
client.azionrum.net/1955r/ 884 B
733 B 3499ms
904ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://client.azionrum.net/1955r/azion-pulse.js
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: /
Resource Hash: 16e6a887b5101ff52be821611d7d6e08e2123f0b34471d169f01dc15203ded32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:35 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 18:46:11 GMT
etag: W/"40844c3f424a934e4a6585bab15c914b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: 86400
expires: 86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
74ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dc89e18bfe0a60f999ae16f5c1d8ecbed07e46c6e97054b788efedb8b6919da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12138
x-xss-protection: 0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
783 B 31ms
30ms Ping
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 130ms
34ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 08 Dec 2023 13:05:32 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 219F 16 B
209 B 69ms
69ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0D5D 16 B
209 B 81ms
81ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 123ms
35ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 08 Dec 2023 13:05:32 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D5D 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCGRlJC6J99aXnVcsSyEfSLd5mUD3Dlkf8A62H6XZOP43j01neS4cxuiSmKE0ktdLPS1bLwgYJbxVv-1cZcSezid_XsMbC3mApEaHmD1YIse3ofCWz-HOPDieShdOymE0&sai=AMfl-YRKgEQCHFZhnfu95CQu6jkW0JI_g-DfjucrM5uWAV0NiD_HM85pqBhkCLBniTEMvYMZaQBUiaJOmYFJ4EUFuJbs0FSxH1xsc3ct2_7gm3dl_VHVsl4RaIM8I_IPfP-PvlBEJR-tMQ&sig=Cg0ArKJSzFVXl20D-ejdEAE&cid=CAQSOwDICaaNcxulkhUlPGOZpFSo1qaivVid3Kx2ZWmh6AyXhf1fvYvVYpQnLSEKyFeU1cySjI2Y19MdMsFDGAE&id=lidar2&mcvt=1012&p=184,315,434,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3928882360&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702040730500&rpt=869&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 181ms
181ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk5Yo,time:1336,type:e,im:%7Bpci:%7Btdr:1010%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1336,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1135~0%5D,as:%5B1135~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:899,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 13:05:32 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7814 28 B
55 B 36ms
36ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702040732526
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/nAtoaDv-tWQ?si=HvxCkBVIEMpqg_G7&enablejsapi=1
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgszb0RkTG82MWg2SSiZqcyrBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1702040730139&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 08 Dec 2023 13:05:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 086C 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 09:15:41 GMT
expires: Sat, 07 Dec 2024 09:15:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9B6 829 B
559 B 35ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9800d2d84d7ed0f727a7304ce21b9c3994c24998e0d1a1b9629c9d4eb5bf60d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W1gdajQ9yLNKMe6qVcpt0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theenemy.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W1gdajQ9yLNKMe6qVcpt0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 13:05:32 GMT
expires: Fri, 08 Dec 2023 13:05:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9ABB 28 B
56 B 34ms
33ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1702040732576
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jQdFe0Wiugw?si=-6WegZye7WoVVihb&enablejsapi=1
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgszb0RkTG82MWg2SSiZqcyrBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1702040730163&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 08 Dec 2023 13:05:32 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 086C 39 KB
15 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 12:50:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9B6 0
0 56ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3936386077936602&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 6E19 0
150 B 81ms
28ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=47445800082620104444990012532003&a=8b12904d&vb=v
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:32 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 37ms
37ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 08 Dec 2023 13:05:32 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E80C 16 B
209 B 93ms
93ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 086C 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KmcKRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D5D 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=424640310485&version=m202309260101&ct=77&x=1&cor=2051373236828092000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 219F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6632250516021&version=m202309260101&ct=77&x=1&cor=14330109358231212000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3936386077936602&bg=!lZalltnNAAY3kmNgF5I7ADQBe5WfOLvXkpkIUbZ5pE_6GSvYvVErUl7fiOSv1gg3Ro7wPePwDtMYCuaKrJ82gMUxahMSAgAAAEdSAAAAAWgBBwoAT3HZA9VjeoJ2CjRzE8OsDAe6PQXSe97AQTtN90KimHqXM5Z766hNePcs1yKHF4pbVylfznZ3BfoHfHNWxBEncOTXNf54qUbeK5wLrteqG2KZAvA0Fd_5ujqFNdnYTa5K9hdSolvyd8lA8tRlrIzbPCrarcUgboXsK0BpogtesZOeMzGQ3Vd0czo8olJri3wXBUChKGbpYZnc4PGMGs1j4an94yr04sEebO416Tb_g6fqJy9dHr7ZVB8Do9y0ssWw0eFFwEPY_1hYnM5pGMK3FU49cbA01Xry000qNh8cjpjDJAL1nZKlEjorSuXyRgrnTSND2OmvoUxrVglrCniLBc_36Fz9qnRxvQQGd5edujIha1TrwEJPIsJUMViN_BGOpK2I-LX1YgaRuoBRV97U3gZEk3icVeXl2cxGWh3EaDXHXSf49ASHMjmiygc-3tOea1jZj0EMhwDK6oet36NWS4xdQWf6mlemWUKYQ3CTeUIXrb6SksINLSwQ64LHPEyFhAzp9rIxfeLF1_2ZB4nEzcHCXJLzPus3xBjdp584O-PTJN1TtR5WAmoelh7Og-PYgYOIyV0XZ-K-1kFI1FPI6_Usdh5RyTPpsfhgK6NFF8VMklvHRY6oXd5DWdLEq5iqTn7NEJNXyAN8ZBd0Yy5FJ0wSHxyZcHvFPirDEYu01R7wGqEThzI4smhSQj3cf664oquAq8Ly4EWERUVKIwcV0ORzqn-GGTgzqdtka06RaY73bPLAAXBZpGeVOjdEsCKZohnXELXBabHPmM_2nX8LdJ6u-bUJ7nLM2f7RwAVG9Af15trO-Pa7gdhnsuJ38lHfFJM9EPsL1B1EhQT0WkkfxpVahz3Qyklb6Efo3lvMIHuxBC2CilGBMOZHIBpYfISo1u0ULSPJf1Wq9T79StOIkKIjSCKo--z7Fx6kbPGQO4NQOW_Y6nXql9QAL1BslVSOUIPSLvX0hbHUVGme1Zpq5yxjyirNXnDcse2xHLH3zkd5R4_CiAqsihkUc-va-UoxHf2-Tk_3hJmZJqD8trHvPQ9Y57kb0U-rSxaH1EBagNoVrWljE2jk2MsNP_LCzuOoaJIS9zHYb9N_rFSyGQqLHfYynw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACB 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4335187873312&version=m202309260101&ct=76&x=1&cor=72798649850702800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E80C 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9580968413286&version=m202309260101&ct=77&x=1&cor=11083464243900895000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 183ms
182ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk6f3,pingTime:1,time:2369,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:33 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 181ms
181ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk6f3,pingTime:1,time:2369,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:33 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9SH3GR3Z9Q&gtm=45je3bt0v876057138z8889266690&_p=1702040728841&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1291061657.1702040729&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1702040729&sct=1&seg=0&dl=https%3A%2F%2Fwww.theenemy.com.br%2F&dt=The%20Enemy%20-%20A%20maior%20plataforma%20de%20games%20do%20Brasil&en=collect_dimensions&ep.page_author_name=null&ep.page_content_type=null&ep.page_date=null&ep.page_theme=null&ep.page_section=null&_et=2&tfd=8564
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SH3GR3Z9Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cairo-Black.woff2
s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/ Frame 1E43 35 KB
35 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/Cairo-Black.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18194001191956541226/roller-kwxx-300x250/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:59:08 GMT
x-content-type-options: nosniff
age: 363986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35908
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:11:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 07:59:08 GMT

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 32ms
31ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:35 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

POST
H2 200 multimedia.php
events.newsroom.bi/ 12 B
0 30ms
30ms Fetch
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/multimedia.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/1f9abcbfcbfcbedd764d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 13:05:35 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12

GET
H2 200 context.min.js Show response
rum.azion.com/pulsejs/ 10 KB
4 KB 565ms
521ms Fetch
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.azion.com/pulsejs/context.min.js
Requested by: Host: client.azionrum.net
URL: https://client.azionrum.net/1955r/azion-pulse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: /
Resource Hash: eba320a10cf3534d438e74799891be52f4a0c04f289cf0f281ac404316f97dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:36 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 18:46:12 GMT
etag: W/"6a13358802ef6ec5192bfd921f97ab7e"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: 86400
expires: 86400

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 181ms
181ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk7hz,pingTime:5,time:6369,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:37 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 182ms
182ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk7hz,pingTime:5,time:6369,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:37 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content navigation
rum.azion.net/beacon/ 0
0 566ms
175ms Fetch 35.236.21.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.azion.net/beacon/navigation
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.236.21.45 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.21.236.35.bc.googleusercontent.com
Software: azion webserver /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Dec 2023 13:05:38 GMT
Server: azion webserver
Accept-Language: en, pt-br
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST
Content-Language: en, pt-br
Access-Control-Allow-Origin: *
Accept: text/plain;charset=utf-8
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET

probes
b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net/
Redirect Chain

https://rum.azion.com/probes?netinfo=true
https://b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rsv.azioncdn.net/probes?netinfo=true
https://b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net/probes?netinfo=true

0
0

GET
H2 200 dc_oe=ChMI0Zaf6fP_ggMVr539Bx0fHwxkEAAYACC32K5YQhMIo8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cBvC2SAhkBtGwf1BLP9qqHnUHJIhtLECxw_HdeY5EwfVeFwvFutmlgcYsPG12-FZfgpsRZaWog;met=1;&timestamp=1702040741223;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 548D 42 B
401 B 123ms
57ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0Zaf6fP_ggMVr539Bx0fHwxkEAAYACC32K5YQhMIo8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cBvC2SAhkBtGwf1BLP9qqHnUHJIhtLECxw_HdeY5EwfVeFwvFutmlgcYsPG12-FZfgpsRZaWog;met=1;&timestamp=1702040741223;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

probes Show response
f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net/
Redirect Chain

https://530001a.ha.azioncdn.net/probes?netinfo=true
https://f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net/probes?netinfo=true
https://f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net/probes?netinfo=true

806 B
568 B

1035ms
686ms

Fetch
application/json

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net/probes?netinfo=true
Protocol: H2
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: /
Resource Hash: 3c1412e9f308863b98a0842ab985cb5d0c539860f3d7ad6b08ab7089dbf5d991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Dec 2023 13:05:44 GMT
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

location: //f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net/probes?netinfo=true
pragma: no-cache
date: Fri, 08 Dec 2023 13:05:43 GMT
cache-control: no-cache
access-control-allow-origin: *
content-length: 0
content-type: text/plain

GET
H2 200 dc_oe=ChMI19ie6fP_ggMVZZeDBx3u2QPHEAAYACChsr1iQhMIn8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cCBb6rE_cwf0CVQOexrXkEBSRCTtCZN7rBWTh2pn6IzcydxE-JGtwaUAm1UzMOxZ47t1hShYKw;met=1;&timestamp=1702040742423;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 0ACB 42 B
107 B 57ms
57ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI19ie6fP_ggMVZZeDBx3u2QPHEAAYACChsr1iQhMIn8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cCBb6rE_cwf0CVQOexrXkEBSRCTtCZN7rBWTh2pn6IzcydxE-JGtwaUAm1UzMOxZ47t1hShYKw;met=1;&timestamp=1702040742423;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1k-a.gif Show response
478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net/probe/ 1 KB
1 KB 318ms
20ms Fetch
image/gif 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net/probe/1k-a.gif
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: /
Resource Hash: e41d520cabbd961f44a8d2cb3a751cc5bb1a3456a7edba1dc1fe861dbcbce2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: image/gif
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
content-length: 1024

GET
H2 200 1k-b.gif Show response
fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net/probe/ 1 KB
1 KB 660ms
32ms Fetch
image/gif 179.191.181.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net/probe/1k-b.gif
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.181.65 Paris, France, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: /
Resource Hash: a846ba5d593f0bcd2b4041276fc5b411a354bab9a1b2c92d04381d06a8ac5f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: image/gif
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
content-length: 1024

GET
H2 200 1k-c.gif Show response
6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net/probe/ 1 KB
1 KB 1087ms
97ms Fetch
image/gif 206.41.74.3
BSO

General

Check archive.org

Show headers Download Go to

Full URL: https://6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net/probe/1k-c.gif
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.41.74.3 , United Kingdom, ASN4455 (BSO, GB),
Reverse DNS
Software: /
Resource Hash: 158247ecd42983db21f6e3751b23f0e97b7ab832af6e6eebc4c18ab1fe3ba0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theenemy.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:48 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: image/gif
access-control-allow-origin: https://www.theenemy.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
content-length: 1024

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
783 B 31ms
31ms Ping
application/json 141.94.219.171
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2812
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.219.171 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy06.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Dec 2023 13:05:47 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.theenemy.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 182ms
181ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk9SR,pingTime:15,time:16369,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15001~100%5D,as:%5B15001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:47 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0ACB 43 B
215 B 183ms
183ms Image
image/gif 2600:1f13:800:7781:6f80:690b:cb6e:6bb0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1863459&asId=81d2e783-60a0-abcb-83c4-16e7bc29e91c&tv=%7Bc:wdk9SR,pingTime:15,time:16369,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:231%7D,%7Bpiv:100,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:230,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B1167~300.250%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15001~100%5D,as:%5B15001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tXQVs5K+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C16*.1863459-76904395%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C181%7C182%7C183%7C184%7C191%7C1921,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:231,sis:432%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:6f80:690b:cb6e:6bb0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:47 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content probe
rum.azion.net/beacon/ 0
0 173ms
172ms Fetch 35.236.21.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.azion.net/beacon/probe
Requested by: Host: www.theenemy.com.br
URL: https://www.theenemy.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.236.21.45 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.21.236.35.bc.googleusercontent.com
Software: azion webserver /
Resource Hash

Request headers

Referer: https://www.theenemy.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Dec 2023 13:05:49 GMT
Server: azion webserver
Accept-Language: en, pt-br
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST
Content-Language: en, pt-br
Access-Control-Allow-Origin: *
Accept: text/plain;charset=utf-8
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 dc_oe=ChMI0Zaf6fP_ggMVr539Bx0fHwxkEAAYACC32K5YQhMIo8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cBvC2SAhkBtGwf1BLP9qqHnUHJIhtLECxw_HdeY5EwfVeFwvFutmlgcYsPG12-FZfgpsRZaWog;met=1;&timestamp=1702040751223;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 548D 42 B
63 B 57ms
57ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 6E19 0
150 B 75ms
25ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=47445800082620104444990012532003&a=8b12904d&vb=v20
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=47445800082620104444990012532003&a=029bc3fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 13:05:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 dc_oe=ChMI19ie6fP_ggMVZZeDBx3u2QPHEAAYACChsr1iQhMIn8bZ6PP_ggMVaKT9Bx1OowKz;dc_eps=AHas8cCBb6rE_cwf0CVQOexrXkEBSRCTtCZN7rBWTh2pn6IzcydxE-JGtwaUAm1UzMOxZ47t1hShYKw;met=1;&timestamp=1702040752423;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 0ACB 42 B
63 B 58ms
58ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 13:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theenemy.com.br&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=1l7ZCn8wuhrX4IEM&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.theenemy.com.br%2F&lact=576&cl=588227172&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.71&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=18380&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C60171%2C24566%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C859%2C1094%2C2316%2C7197%2C4684%2C709%2C1518%2C7726%2C2008%2C4552%2C8263&muted=0&docid=nAtoaDv-tWQ

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=RliYOZRPy8fFO-7l&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.theenemy.com.br%2F&lact=555&cl=588227172&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.71&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=93&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153843%2C23120%2C53633%2C84737%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C859%2C1094%2C2316%2C7197%2C125%2C4559%2C710%2C1517%2C7726%2C2008%2C4552%2C3859%2C4405&muted=0&docid=jQdFe0Wiugw

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net
URL: https://b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net/probes?netinfo=true

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theenemy.com.br/	1970-01-20 16:48:47	Name: _gid Value: GA1.3.1946401071.1702040729
.theenemy.com.br/	1970-01-20 16:47:20	Name: _gat Value: 1
.adnxs.com/	1970-01-20 18:56:56	Name: icu Value: ChgI74h_EAoYASABKAEwmanMqwY4AUABSAEQmanMqwYYAA..
.adnxs.com/	1970-01-20 18:56:56	Name: uuid2 Value: 459600451084656306
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uwKHYv50-Jo
.youtube.com/	1970-01-20 21:06:32	Name: VISITOR_INFO1_LIVE Value: 3oDdLo61h6I
.theenemy.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1702040729%2C%22currentVisitStarted%22%3A1702040729%2C%22sessionId%22%3A%220804ef54-abb4-4623-afe9-44cfe2352c5c%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.theenemy.com.br/%22%2C%22referrer%22%3A%22%22%7D
.theenemy.com.br/	1970-01-20 21:10:48	Name: ___nrbi Value: %7B%22firstVisit%22%3A1702040729%2C%22userId%22%3A%2288f337e3-2ef7-40b4-b888-bb94ec673ef4%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1702040729%2C%22timesVisited%22%3A1%7D
.theenemy.com.br/	1970-01-20 21:10:48	Name: compass_uid Value: 88f337e3-2ef7-40b4-b888-bb94ec673ef4
.theenemy.com.br/	1970-01-20 18:56:56	Name: _gcl_au Value: 1.1.504336937.1702040729
events.newsroom.bi/	1970-01-20 21:06:32	Name: 2812_u Value: 88f337e3-2ef7-40b4-b888-bb94ec673ef4
events.newsroom.bi/	1969-12-31 23:59:59	Name: 2812_s Value: 0804ef54-abb4-4623-afe9-44cfe2352c5c
events.newsroom.bi/	1970-01-20 17:30:32	Name: 2812_lv Value: null
events.newsroom.bi/	1970-01-20 17:30:32	Name: 2812_ut Value: 0
.theenemy.com.br/	1970-01-21 02:23:20	Name: _ga Value: GA1.1.1291061657.1702040729
.theenemy.com.br/	1970-01-21 02:23:20	Name: _ga_9SH3GR3Z9Q Value: GS1.1.1702040729.1.0.1702040729.60.0.0
.rubiconproject.com/	1970-01-21 01:32:56	Name: khaos Value: LPWN3RNP-M-24M5
.rubiconproject.com/	1970-01-21 01:32:56	Name: audit Value: 1\|naVuGyos1qoc2pQj5F4eiLU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+7gUilDpvgCDBGjdoagGteM3a0jtQkwvxM4/a9yhEZmggt1rzd1wi7jJ5U2FUoSXaL7FQD2yB//hsqlSNZOaaDQ=
.theenemy.com.br/	1970-01-20 18:56:56	Name: _fbp Value: fb.2.1702040729670.2133760753
.navdmp.com/	1970-01-21 01:33:17	Name: ac3 Value: 1
.navdmp.com/	1970-01-21 02:23:20	Name: nid Value: 13c51b18fc27fe2dfff22d8b4610\|1\|368
.doubleclick.net/	1970-01-21 02:08:56	Name: IDE Value: AHWqTUknVMKab8tgSihAoPA6H-vb9TaSd6GwoSbvdpB7e7pekikQSEo9CpOzs4ROA8A
.theenemy.com.br/	1970-01-21 01:32:56	Name: nvg88270 Value: 13c51b18fc8f97301548a1379910\|0_343
.theenemy.com.br/	1970-01-21 02:08:56	Name: __gads Value: ID=67dfe3587ad27f90:T=1702040729:RT=1702040729:S=ALNI_MYRUfz3UBFph69R16tVm1SuaIEpWg
.theenemy.com.br/	1970-01-21 02:08:56	Name: __gpi Value: UID=00000d0f96f209d6:T=1702040729:RT=1702040729:S=ALNI_MZaOWVqTWdyXo91nBYcoR57rnQ4-A
.yahoo.com/	1970-01-21 01:33:18	Name: A3 Value: d=AQABBJoUc2UCEDnhX-WpIA05APuZDAa-uO0FEgEBAQFmdGV8ZeANyiMA_eMAAA&S=AQAAAu4ktXOPViDxbpNUuqx0_rY
.adnxs.com/	1970-01-20 18:56:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVLi_!OW!]tbPl1M>e)ZlrFUfJ+tGXxp.YQ7.<M*nf::F]:9FQpPNDF+xq[8/P#F6+C43If)y3KL9D3I?+9V50gF
m.exactag.com/	1970-01-20 18:56:56	Name: exactag_new_gk Value: 834e49dfc08c4bf5a9c443f71d41c571%7C06.02.2024%2013%3A05%3A30
m.exactag.com/	1970-01-20 21:06:32	Name: exactag_new_uk Value: a00e2b0d8ab542a883ca41c5baf46e87%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: d2cd50fc456740729ef448c9
.doubleclick.net/	1970-01-20 21:06:32	Name: APC Value: AfxxVi4hEdifrlv47E-Sb2ijaIy0jv1a1E_-nv7oiVQncOKqC9Qhvw
.casalemedia.com/	1970-01-20 18:56:56	Name: CMPS Value: 3172
.casalemedia.com/	1970-01-21 01:32:56	Name: CMID Value: ZXMUmhEX6mob2uzTmKpSnwAA
.casalemedia.com/	1970-01-20 18:56:56	Name: CMPRO Value: 3172
.doubleclick.net/	1970-01-20 17:30:32	Name: ar_debug Value: 1
.3lift.com/	1970-01-20 18:56:56	Name: tluid Value: 1588614049069150725300
.adform.net/	1970-01-20 17:31:59	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 18:56:56	Name: UserID1 Value: 7310209276107946139
.blismedia.com/	1970-01-21 01:33:00	Name: b Value: 6573149B78B530490376C811BLIS
.adform.net/	1970-01-20 18:13:44	Name: uid Value: 8144086690601420283
.1rx.io/	1970-01-21 01:32:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003%22%7D
.everesttech.net/	1970-01-21 01:32:56	Name: everest_g_v2 Value: g_surferid~ZXMUmwAFavASbgBH
.redintelligence.net/	1970-01-20 18:56:56	Name: 8lcfmzhxc8d6_uid Value: 6541407927ee70b4
.targeting.unrulymedia.com/	1970-01-21 01:32:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6c1845b1-96cd-456d-8172-8e84b920dd48-003%22%7D
.retailads.net/	1970-01-20 17:30:32	Name: ppb2172 Value: 3371125726
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.ctnsnet.com/	1970-01-21 01:32:56	Name: cid_f8910dd67dd84e4b897678ac4ac09dc8 Value: 1
.ctnsnet.com/	1970-01-21 01:32:56	Name: gid_CAESEKcia8l-xSDCZzB0MdC7B-I Value: 1
.bluekai.com/	1970-01-20 21:06:32	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:06:32	Name: bkpa Value: KJyN06WvQY9xCKcENeS5zzjzHJLrWiR6AY/k7qXyVfbw2yIUke9Tjmn8AYCkD7lKJjDolYsPeCKJrzA3tfrjDY+cpUyNNJG9fJdbL0GGJZOnteCdlhW1QpwT9sWsJmG=
.bluekai.com/	1970-01-20 21:06:32	Name: bku Value: ts6O9JLDztPuIIAf
pixel.rubiconproject.com/	1970-01-20 18:56:56	Name: receive-cookie-deprecation Value: 1
.de17a.com/	1970-01-21 01:25:44	Name: guid Value: 1.4391836697877197530
.awin1.com/	1970-01-20 16:57:25	Name: awpv11601 Value: 113440\|1702040731\|77771790-95ca-11ee-bd07-2236e1f32b64
.futalis.de/	1970-01-20 18:13:44	Name: raSIDb Value: 3371125725
.office-partner.de/	1970-01-21 02:23:20	Name: source Value: {"webgains_webgains":{"timestamp":1702040731647,"clickCookie":false}}
.quantserve.com/	1970-01-20 18:56:56	Name: d Value: EHwBCQHOKoEA
.quantserve.com/	1970-01-21 02:17:35	Name: mc Value: 6573149b-a9d8f-005f6-04dd2
.turn.com/	1970-01-20 21:06:32	Name: uid Value: 3884511275115267714
.simpli.fi/	1970-01-21 01:34:23	Name: suid Value: A0202FE2E52544E0AAB09019150C705C
www.theenemy.com.br/	1970-01-20 18:56:56	Name: dinTrafficSource Value: eyJ1cmwiOiJodHRwczovL3d3dy50aGVlbmVteS5jb20uYnIvIiwicmVmZXJlciI6IiJ9

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.theenemy.com.br/(Line 1005) Message: Unrecognized feature: 'web-share'.
javascript	error	URL: https://www.theenemy.com.br/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theenemy.com.br&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091' from origin 'https://www.theenemy.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theenemy.com.br&pubid=eeaed78c-8268-4bca-9715-9bd07ae4a091 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://connect.facebook.net/signals/config/458666847632026?v=2.9.138&r=stable&domain=www.theenemy.com.br(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGnTw1ZwxbJZpYL8fJ_zQLI&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

478d81f566ccd664e6f1f83927d96c5c14da1d44.rum.azioncdn.net
530001a.ha.azioncdn.net
5994599.fls.doubleclick.net
669f8048cc46e1803620d57ac2d238d6.safeframe.googlesyndication.com
6f41c7e53d4ec762a5708e2f13b37c2b98086ac1.rum.azioncdn.net
a.teads.tv
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
at.teads.tv
b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net
c.amazon-adsystem.com
c1.adform.net
cdn.navdmp.com
cdn.ome.lt
cdn.retailads.net
cdn.track.production.webgains.team
client.azionrum.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
connect.facebook.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
events.newsroom.bi
experiences.mrf.io
f9c0ee4d-4a15-4178-841e-44917a694fbf.rsv.azioncdn.net
f9c0ee4d-4a15-4178-841e-44917a694fbf.rum.azioncdn.net
fa7d057471c13251cd5e25bbfa8d091e8620d65a.rum.azioncdn.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
hal90007.redintelligence.net
hal90009.redintelligence.net
i.scdn.co
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
jnn-pa.googleapis.com
m.exactag.com
marfeelexperimentsexperienceengine.mrf.io
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.rubiconproject.com
play.google.com
player.twitch.tv
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
rtb.openx.net
rum.azion.com
rum.azion.net
s.ad.smaato.net
s0.2mdn.net
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
tag.navdmp.com
tags.bluekai.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.theenemy.com.br
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
b82a9e08-62e7-47d9-a5a6-e6ce5a77d089.rum.azioncdn.net
c.amazon-adsystem.com
play.google.com
sync.search.spotxchange.com
www.youtube.com
104.18.36.155
138.201.63.117
138.201.63.149
138.201.63.157
141.94.219.171
142.250.181.226
142.250.181.230
142.250.184.226
144.76.238.55
146.75.118.167
151.101.2.49
162.19.56.86
162.19.96.32
172.217.18.98
178.250.1.9
179.191.181.65
179.191.182.65
18.66.147.52
185.86.138.122
198.47.127.19
2.19.216.243
2.19.217.66
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
206.41.74.3
213.155.156.185
216.58.206.38
23.199.221.167
23.35.237.56
2600:1f13:800:7781:6f80:690b:cb6e:6bb0
2600:9000:211e:7200:1b:5138:8a40:93a1
2600:9000:238d:1a00:8:48e:53c0:93a1
2602:803:c003:200::61
2606:4700:3033::6815:325a
2606:4700::6810:df3
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::200e
2a00:1450:4001:808::2006
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2016
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:4005:801::2003
2a00:1450:400c:c0a::9a
2a01:4f8:d0a:2321::2
2a02:26f0:480:3::210:ee92
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3601:11b1:8ae0:b180:1e1
2a0b:4d07:101::1
3.10.29.13
3.11.198.160
3.123.203.242
3.75.62.37
34.96.105.8
34.98.64.218
35.186.193.173
35.204.158.49
35.227.252.103
35.236.21.45
35.71.131.137
37.157.2.228
37.252.172.123
46.228.174.117
49.12.16.151
51.75.86.98
52.212.68.218
52.222.208.154
52.222.253.136
69.173.144.139
76.223.111.18
81.17.55.109
85.114.159.118
85.14.248.72
91.121.248.44
94.23.99.218
95.101.149.35
99.86.4.36
99.86.4.39
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
023bb6e45ba849319cff8cb3dd2e2e62e7d4b8450f23dd0c87472ba3ca2f8460
028ce310ba136eda31503c707bd67df172c181dc9d7ec65136d5dd08236abf42
02944691b48bd17a861fa44e6a509676ca03800b4e7b3197e23132cd0bb9c781
02bb83b7b7e8d2a52abca25504e3a68cbb06117b98b324ce3647efd694f34b52
03465a08b6cdb3e1ffa62e6249a2e3fa392ea9ae92e7bf8d51a8f1a558a8719d
03d570589a4e10536726675d4c97a786e40f1fadbba9ce027e64ccc0cb868a62
04d6e634f436c7531571d6ba121d01527cc4058a582a050973bef36a9ac154da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e291b04ae5a729b4e8c48679c097cc817a6ef2270259ffb46be8eb118aa209
07d1d12dabe3ba3d534215e8ed1d3113b034b7a0bc350487cc3fe0b5c198ff57
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0842c5ecc37061ec567a20b5224e880b9cce32867d650636682a029f4f44f7e0
0a0f6055054da323433c71897dded5115e973c90cf06f9ce2aebc39b67ead1e6
0a53626c228848fbc75bf2f199fbb2e6b66f30751c5d29e97e6f4e956d1366ab
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c161dae3ec1c4a337b2531ea815565f6a2dc7bc787aaa074490ac483274371c
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1070630d9a850013eec8b6337cba1962de2d0f337b9e9744494c93015d7c26cc
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
128c7c4a9f37521c3964e8d147213c2e11dc7391c6b64aabbef3c9e05e638087
12f2fc2866f13662d8bf55dba50a1d059dc07af84986b4b652acedd7a6477b90
158247ecd42983db21f6e3751b23f0e97b7ab832af6e6eebc4c18ab1fe3ba0b7
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16e6a887b5101ff52be821611d7d6e08e2123f0b34471d169f01dc15203ded32
16fe1dc7e3ed4ad94c49b89ce7145d3d1305eb6880c56492b3bf6439a2b3d5e9
1a17cce79dd4a0147fd6c622324c2bac69be712c91a9f374a7978ba6ebd66d33
1b3b0fb6e99fbd2a892e31efbcb6b28e16fd4c28b70bdc71f00cf6e3c1250280
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d31c7823120af450b13a77841ec9209f008f9046d1efb466914639c2d25656a
1ed64f1ffeaf9393ac08f840d7453262bebb88a1fa1106657a08b6f05e0b3a40
1f2da3e5c0a3f72f874123e17509cb6aed8d3c2e03b9e1f9952ef3a7845616cf
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
21ca702ba891c81f30e484b9cb3544cf76a550c777db17f0e164da2228039da3
2281afa9450ecb8fea2d98a7771aaa3798422183d1d6f17f052a65b4bf0fafca
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2887cb728b33a9adac1b6b6f643017d8acbc6fdd01418a8cc198dba02c945ddb
2bda70acd8cade0b42ffd2d57af39ca2594da5567d62e52807b2c483bffa00dd
2dc58391d9b89c37e4e98ff9270085d7d43e21a83b844a687c6f24a01223abf8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e314dca51d688515c16b191f195be96e9e718c0468164f21519228cf55ca2ca
2f2dc0f79582a5e98a211b6c745c71b7cf7cc92330f77fc68b517272cffd54b1
2f774eb038bce5333e2b1b74ea2d48c5edb0d59a224c59f9044e4233e4fe417a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31703a5222232442b11a9289100e020151c45c5f93631c654b562c691d53588e
31c38edc2db68aa9c98181c19073a61e1eaff95da16fc523c35b11eb825d4e84
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3354be800f8c050adae81198a5e001b9dc7d51f76485778dc551b949ae057b64
3449973958008fa462efb86ad67ac29a4e2bc5f38ac081947fbe2f627ac42065
34a1700cc30b602ef67f9733dd1a2964caa8f7ae335159dbf9e41ec3d1682d26
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
35f753de7141e0418b84ea608d307677b90cd2267c27d0a80d4820d68c472783
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37e5e049b6a4ce6d718314d4e28a5199ae0ae5cdeb63dd063e92211a08fe7686
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b2360cdbd0314bda6958c8b468cc8fe1b7926957d3e1ed94320462906c35180
3b5a43448ccee7c689f8ba5f70533b2e07b1c8e50bf9bf4508c6435438b4ab4a
3c1412e9f308863b98a0842ab985cb5d0c539860f3d7ad6b08ab7089dbf5d991
3cdf2912e630af5f8cff5ad05cb11cbbecd3bcebcde36204892f79a509a56815
3d24ef4276a92518287ca48d4ed5a57d00283f70a01bfd860d5d4931a6db46f3
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f229058c250e2b3270ffd67d3b907236e760e502f06fc665eb455d1365922f6
3f921ad528f18411472daf5a169f99678086aec6ac4a71f00730575a092621f5
40dd265530d90f529fb8ee69cdb704b7bd91bd449470e3eafcffc45a7bc229d1
4171ca1536fb5ac0ca4aa6bf2e48a53e05d86eba0b7690415535475e9d4a7c34
41a6c60b8f725cd182a0a8119678751e8dfcd5f0c168865f6236101274f298bb
41de0823999e3321a77262cfcd3dd03ffa0d9a518b757042b0cde85300fe7d54
428b6016d531ad595e2c21d92bb897f46f5c262779b4ec013f7cd079cc15e3b6
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43897b4750dad91cd470f62f0396b7e6513c2ad005f231d0ac756f7483a0438b
43e3d07dfa928cb3adefc7c2f0924abf5589581a40395f1baa049519293573fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bbba2224d66500b9f17796315678c50abc00168255798f508d56390a81c480
45d444d0d0eb19a328090bce7921f39647ce778c635e168151a21ea7702d52b7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489c2a643d355debe11f418da8e8c9486533049c9117c8d43d21d7d71f22b1ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49846b6d3651e7aca747d099504d2c437db3db49e88c21ce6f35203d2a7f0948
49d497e7fe1fd4a3636a85dd4d8fb94992de503c944924b6f5a984b586566814
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b92decc9e727f7606ea5c95da71eb9085f53bf8bc5588aa052fb687ed4b7669
4bffddca8c0174b71781e39a8d23e89c30f572101e5f44b0e778899469c524f7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ba56cdd6bd2032fb651c1e1ad866f2cdd186080f76ee0232747a0703cb6bc6
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52999cb857fd3cee0c35f1bbc50e427350126ba3d1a66aadee3aaf7daec4e0b7
534d13810fefd3f05ef7f4d12aa1178371679a782b4f56c8691c4e7e8196c7a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55544214bf04e6631b753bcf812facd76a230b1d5c56c6b805bf6f156039b595
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581696da59b452da41d5ed744205e71fabf175b3183db16a2129b76bce38f08a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9b6400102f47473a74ad2024b0ce14b70f3ff887f5bca6cc234e14366ab2be
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f33d6b93ca23ba19a18fb973ac90c412ded639bf2d11ffdbccd98ba84ef6505
600978e2f97a5b97fa2ac8e0b20d6fa4e8593adaf72c024df9680315ff232aa0
602d839611f3f71da51fe2cb8947b4c0e78083a19e9157b454b69940f3b5c52b
6070ede0ee7c9b444c8c8c9f6e38dd80baae1e6b97d84f8dda9d5b90fd40762c
609248866a07c585475ca587be1b2c4c3a7478657f99dad2781789d447441942
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642b0656152fe1742b27d15fa5f55838a4a67c35548cb5dfa33c03e5020bd222
6468e85639dd72c15d5a04311fe0a83a9b8ca00278d316cf9ec1a98e76510321
64efcfac75bc9e7a086db5e4da0d2a50c967506db82b4e7765ca2956d4b31cad
6788654596cbffd1766579fa98b46b18664e0725b345e61e22ac857d8e33eee1
67cd506664df682baa90fcdc8f630c749a7c6dd6fe1f6131444f7bcc3f6afaa0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691a4a8920f9a1eac1eb634fcafcaaa53806dace3122cf7b7454daf0fd9b3fec
69d2930bbe5e3c643a9c5ae79f2b842f013cd9b954fa6f5e3ced97ac1e509ecb
6bffdfea157f4029b71cc2910979fd69cc9617814fbf01147beb66aa46179092
6ddd980644cbcd502ee2ba89217e2d557c3c75e61bc767598b3d451190403c94
6ecd239de9c5af5a96cfb5e068a6982d9299ec92ed30a415f2f588fbe309ce6b
6f7b9285fda4e6cad906a87263b0e87fb6c75418a63e7a67938b76eb35f759fc
700c5217840eb7f1cccc8f8baae216fe6ffdb92eeee3081162cda5c7bc11834a
7029a96cd5d13c23d6473e830de036a53c191fb7b7967e85add865a613647d8b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72024d35ceaa12091843570a0fd8003af9a2a25cd2e93dcb9fbca2dc9556f84c
72bbd78ce1b13b432a0d741356d19c0130ff245402e430d8a677db7339ac5cc8
7306acd306559a232e4e88d5060e4856115de0b9e565e736c9b1488872787807
735b71e3f1348f934ba9579e5f5453f11b3fea297b814326827aa8db96e949be
736f5e1c309015e4605c7160e394f7062b8fcdf21c0ba8c9f1d572be29e5b737
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
74a32a7bd43ec04ced348765d939c63c31252b119993e21c193f7d06e22454c2
74cf226adbff17485304cb68054926b87f7e7eb74714d07b9c46bb38d4e62d83
760802e88fde37fce039f875d18d98432685cbc671f63bc1aec4261b0ad0fdb4
7634f03562aaf45da02ffa5432ba79dedcbb913b7e308fec2816fa527eea781f
7823b1367d52373228c844143eee811b2795494b8d2d6e1a0c589e37f8989ae8
78547bfd866cbc2a798d866c9d3c9cdd49ce056968a4cbeab4653d063b8bcc2a
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a6ab8b2b8809f2ea0712eff127fc60ac3c785a8d8602a18e25106a49a69ee6d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bb9f8c8c6164aa642d93fd8df773e3e049a2f87f4c8e9fdc79f7cd0de829967
7ef3193705592a1b10edcbe136f417f1e582593c23b0f8dc823e3cbd7bb87db3
8035d503a693832d4ce62d0c302858599c235e1aba38391310c8765c2e749d0a
8043f5c065dc69bd1ebdef225df0cee8d2eaeb27714ee151f476f90d206c5129
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ae428702e4fc11e671f55c8ab64e586cd6d292b7f21c25fe074b2658233e87
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8547aade2e3f00b3cb94b6eb1d15339b238fa447005f81de7500217910b3ada2
859eea31141a904ce5de7a480430ac7a3885424bdf21624969e50f7ce5098f2d
8765df0e719eacb870b74b6ac116870e48885a91082957b79d89cf0beac52e77
87acae7e86047f050bc56ae3713379f5b438cbafc766a04f805d780ccc37b390
87bdcc200f277993446443fa1ae2132b6ab99bfcf5625bc6954131d23356447c
87d22781c187c85522a285d71cb7dc8dabca484e1de628bfd8b825796b637c79
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b039ac807d6fbd6687e33b4766f52a2e6747afa6c2861943d087a395b7e902c
8b930e1f28a5b183e59d9ffcf213150d92861e9436e93c38876e988a37862de5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6b69db295a362329fae317ae549293e0d215dfeba49adc86245237937fc33c
925782e1b938c91cf8fd732e4349c37ca12d81072af942bccede60f700950337
92923e7ea94444b385afba025c7848d21f243be8358d35dc293275553863d97a
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9941c2049062915e60d5e6ee77f85dd9c85d5e5421ce4c02d2f11e9136d9f094
9957cf4d112d4abd0a52958c2ec3f086bdbc43b6c31585cb9f5c1156924fe638
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
99a105320b3ffee719b135858fd7f6e46e4daee7b3361b0d1c2275cc571a5d1d
99e4cb1484fb75209265c26b9bcc45ef125652287bb7026c437867a911add563
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7aff346825b25ac576063bb0f6da52d3dfdc648033daaca9c73b61e75b123d
9dc89e18bfe0a60f999ae16f5c1d8ecbed07e46c6e97054b788efedb8b6919da
9e5b2e3d4eb96275f868d1d24c9a8d7c621635aa67c547885f48cfb64b86d3fe
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b343ed9034c811730cc9712dc8c94906fe55c37671201512fd68755d6493b9
a322175037694dac9c20b39d5f8a02337fa32be41bbb463fab6e5bf0b83b46ec
a846ba5d593f0bcd2b4041276fc5b411a354bab9a1b2c92d04381d06a8ac5f1e
a8867358520eeca66a25176cd83311f217bdc331713d85cdb9f9a48eaf046a8e
a8ac86a5ec73587741d8de5ac8d3e8e349902f5efc68e5ba1608e0688f576457
ab1034172dd3e18a2b5bde21648b85a2a846e0b6b84fa45aff5f8923b32c54ce
abfba5cf35c3d48b14cfd092b6280dd4b0be6032087932f0eb81678c915b1cf4
ad0fdec0f53d5188736b251948d20915dd40af435d2bd6d2ae1c72b95b175727
adad200d0ccf26355027731577d4587291fe22f6e0f25429fdacbf5f4b9f85b9
ae4b7ac136381ec7282a2e506bda40ace8762dadb40fcd530e506de0a761d79a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b06fbf68e3dc7f87c88659f0fc9339cd3c633e1793916ab688c7c2d08bafc58b
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c66e9e7c1866c3a5f2b5232b5a07021b09c97d9834eaf9d28159a825092f70
b4920adb1ba457d48249e67e616ebba8b423d86f25a3acd58a2e361a0e5902bb
b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078
b9ff39d4844628bc09106fcd7b618bef2f9f52363f6af3273a66b18162790dbd
ba0725b73b0c096e58d60b6ff36e46400b1736542c25d1525690817279f71f22
ba761788eb8f1d5ff6ea9768dcf759a8d56b9c22a7ce08014cc0042fc3ff5678
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcca6eb64772c71530c29965d52edac46f8e00d728d73d01091bba6413a1537c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2e6c7d7e4fe7f19c6f2fd3a431ff6b6ef3bd784f22b938e8328853536927dcc
c33fa60a6c0924dcb3b4a9fdadacf8f0d6a8f0d264b7a56a27db35bfb969df4f
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c4941dc686234cf50fa38cf4fa068de74febb7b44d85268a5e47870991b15abd
c61aa55d44e6949f0554bfc06a7658cfcbef961dbb57270d88daa5f1c1136e84
c6ffa639aec681bb7483858ef4a666162550cb9bb3b1d511965dfd30cbd6c441
c723cdf359157b94a9886bd6d9bd23f33f20cf1f2921326c8d80f0c8f9c182b4
c75df0adc58b68bf3a79ad371f5c1302e736ab8448dd973a2cf7808bd1509b1d
c765f5c9b0e8ac0d1abc9e7a2a3204c45619d0080cbc67a3a7c1ced80b918a15
c78e7cb2867da49b4f010b576398cbc4e20b588ca4f2ce82b5a29cc7afea94bc
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d6066da42d61cf26a2c1ea6d50eb2abdfc5943c98bb39804e048ed612ce927
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca6036d3633634cadd9195fc8789a2c970ea069922adbfa4dbdd13386aae472f
ca921a32c82e4bf20e7a6123536cbac2d409f88c5dd86ac4c4f5039bdfa0aa15
ca97e155d659db24f3c4da113cd82a97f468b57aac9734ddc5a232ff2f61e734
cb92bf41253e86222df249324a6a9e8474afe58fb43b27f309e496234f240edb
cc36f5b61e53c7b27d18da69856f20230f0819a1e004b45622793bad343cd61f
cd8ab263add13dbe1107e4ec649cc1c6701ffb6590ee793601ac2cc447cf3767
d0212745136b26b2a052568c229cb681498b932d00549b1e0ea8c1384fd5607a
d0bfbab23ec3687da860b5f2874bf44771d2cc188397d031d540d48c4c7a1060
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c241a80e068775b61202420a9f68548731a1368a75cdc6089acbec07156d06
d20f9b978321480ecf47d67771656d15034e663b48fd579ca46dd16cebfb2672
d67eafaa2f6e8bbd0b3e33b19943c4a4bb93689843cab67700c6afd7a48ec341
d6893d34e8f2325b36f0ea24cf19bf86e5e0b808ceda83bd68f03d5df17edda9
d6f577c7d9d2483626245486cd464a93e3bcae028534431aea13e1fa81ee5f52
d72d7a4f01b52528b8ddba2925380f653b8822d6509fa74716b9ba125d761e64
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8c227003724d8d59d5b7b23dc44f32c9b31401719b69454aa0f583701962034
d97f72162a520a2395146595fb29bd45c182753467f36089720c598a07680f04
da53db0ee1502bb46183d63732f43b1d071bcd6aaac208af62eeb537a9b3a69b
dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244
dc6b9fbe9fae095b144d7803c5614d3fe927489ece6abc6ebb5f370dee632abe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff6c821c031c85f115c8683b1f3652bbd869d0e5c7c62c82a7207c65bfb8cbc
e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e
e32d6c408b9c03d9470996287d30f755377520b42665c0a332cdd41777d3a41e
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3650035e92645f57658ad332a57cb9698e01377559332e97f728a45c154ca9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d520cabbd961f44a8d2cb3a751cc5bb1a3456a7edba1dc1fe861dbcbce2ff
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6f5d3568633fc6a8c1a74e4d21b919366a6b33bfb83ee12c3680395f8ea7cb1
e768fb5e28d6fe3f2c42f8f394960ef54290ab8c0e4bbbed13acaa9c4cdf72f2
e9800d2d84d7ed0f727a7304ce21b9c3994c24998e0d1a1b9629c9d4eb5bf60d
eae9cfe1c3661142488cf8ed9c73ca7e13910f2fdfd6b4003f030275983706b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eba320a10cf3534d438e74799891be52f4a0c04f289cf0f281ac404316f97dc2
ec4d241363b30a11ca6438d7cf98694b25816b2d5ed37ec09ac99b4fe48b8bae
ec6a9a84f60fd103479cea277e6124378c6127ebd51b111c9f0ce5d0c8604900
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed73afc99cdecf6d8e5fbe8cbdacffc1f654275cff8f08efecf2f8bdfe4eb4e
ef06c548307b60b151c8a56d96fe9f27a43995753091c7593e7e03b27f2e861b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c3cb2a118019973619343c710510f0d46c69a48aaba600d04e64841882936
ef873aad7c605372b175969edd7dd1febb7ab93881b49650a442c1a7fd2407f1
efb4226e87679f45f113d097a966c84474545452a3bb7a54806d12bda95f4749
f1391be70ba54dae8119a0ffb80b847e389f74d0c5397835f51e72270844b811
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5ac5de2b1320bacf6faf6bcc7fee0aff325ceed946ff9b0d0928a36029edf33
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f79a7eb97f030c0fbcc71ac0b3c282a7211f6f60b49734a7f6676d87bd5d0158
facd0e843bd613e7dc845069ce8af35bffdce4f31044c8ec87ca3e31c3fba127
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb1d315db976fcb0e9dcf2b6038b0e74c6ac5feea4d20e7ee23b10b224c239b3
fb49a0475587c65910beee583c9efcaafb9b879413e90ae480f4139319f871f3
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc7db9a2caaab5cb80239aacf4aa717862d2c67cdd16843fa6990fed990586cb
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

www.theenemy.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

583 Requests

91 %HTTPS

38 %IPv6

66 Domains

111 Subdomains

81 IPs

12 Countries

14686 kBTransfer

30990 kBSize

61 Cookies

19 Outgoing links

Page URL History

Redirected requests

583 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theenemy.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

583
Requests

91 %
HTTPS

38 %
IPv6

66
Domains

111
Subdomains

81
IPs

12
Countries

14686 kB
Transfer

30990 kB
Size

61
Cookies

583 HTTP transactions
9 data transactions