vidamelhoresaude.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/d5SaSt5e
Effective URL:
http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Submission: On January 19 via manual (January 19th 2023, 3:12:01 pm UTC) from IE — Scanned from DE

Summary HTTP 174 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 9 countries across 22 domains to perform 174 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is vidamelhoresaude.com.

This is the only time vidamelhoresaude.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 14	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	66.248.205.109 66.248.205.109	57043 (HOSTKEY-AS) (HOSTKEY-AS)
22	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
23	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	45.113.68.192 45.113.68.192	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1055:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
27	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	47.88.111.40 47.88.111.40	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	2606:4700:1::... 2606:4700:1::6813:824e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
3	2a00:1450:401... 2a00:1450:4017:816::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:19::7	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
174	33

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::c (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

vidamelhoresaude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 66.248.205.109 (Amsterdam, Netherlands)

ASN57043 (HOSTKEY-AS, NL)

store.vidamelhoresaude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.28.16.172 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.113.68.192 (Barrie, Canada)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

vstat.borderlessbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1055:1 (Slovenia) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.88.111.40 (San Mateo, United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

cdn16.oss-us-west-1.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:824e (United States)

ASN13335 (CLOUDFLARENET, US)

store.fadecho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4017:816::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:19::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednds.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156 ade.googlesyndication.com — Cisco Umbrella Rank: 303	481 KB
26	vidamelhoresaude.com 3 redirects vidamelhoresaude.com store.vidamelhoresaude.com	402 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 bid.g.doubleclick.net — Cisco Umbrella Rank: 699 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	150 KB
23	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8630 c.mgid.com — Cisco Umbrella Rank: 6090 cdn.mgid.com — Cisco Umbrella Rank: 11831 servicer.mgid.com — Cisco Umbrella Rank: 8818 s-img.mgid.com — Cisco Umbrella Rank: 5194 cm.mgid.com — Cisco Umbrella Rank: 1259	340 KB
11	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 427	487 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 280 gcdn.2mdn.net — Cisco Umbrella Rank: 1170 r2---sn-4g5ednds.c.2mdn.net	2 MB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	145 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305	640 B
2	fadecho.com store.fadecho.com	194 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	17 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8470	957 B
2	borderlessbd.com vstat.borderlessbd.com	2 KB
2	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 189402	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	226 KB
1	aliyuncs.com cdn16.oss-us-west-1.aliyuncs.com — Cisco Umbrella Rank: 398259	57 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463	72 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	704 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 357	9 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 10326	716 B
1	lnkd.in 1 redirects lnkd.in — Cisco Umbrella Rank: 39084	310 B
174	22

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com vidamelhoresaude.com pagead2.googlesyndication.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net vidamelhoresaude.com imasdk.googleapis.com
22	pagead2.googlesyndication.com	vidamelhoresaude.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	s-img.mgid.com	vidamelhoresaude.com
14	vidamelhoresaude.com	3 redirects vidamelhoresaude.com
12	store.vidamelhoresaude.com	vidamelhoresaude.com
6	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com tpc.googlesyndication.com
4	ade.googlesyndication.com	vidamelhoresaude.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com imasdk.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	csi.gstatic.com	imasdk.googleapis.com
2	r2---sn-4g5ednds.c.2mdn.net	googleads.g.doubleclick.net vidamelhoresaude.com
2	store.fadecho.com	vidamelhoresaude.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	vidamelhoresaude.com
2	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
2	adservice.google.de	pagead2.googlesyndication.com imasdk.googleapis.com
2	vstat.borderlessbd.com	vidamelhoresaude.com
2	count.xxxssk.com	vidamelhoresaude.com
2	jsc.mgid.com	vidamelhoresaude.com jsc.mgid.com
2	cdnjs.cloudflare.com	vidamelhoresaude.com
1	googleads4.g.doubleclick.net	vidamelhoresaude.com
1	gcdn.2mdn.net	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	id5-sync.com	cdn.id5-sync.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn16.oss-us-west-1.aliyuncs.com	vidamelhoresaude.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	vidamelhoresaude.com
1	cdn.rawgit.com	1 redirects
1	lnkd.in	1 redirects
174	40

This site contains links to these domains. Also see Links.

Domain
holaspark.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.oss-us-east-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-03` - `2023-03-14`	2 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Frame ID: 500D3D75848AE8C4E086A2130006521F
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
Frame ID: 1B59AB7894CB32C06D65122766044F80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&adk=1812271804&adf=3025194257&lmt=1674141114&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&ea=0&pra=5&wgl=1&dt=1674141113988&bpp=3&bdt=616&idt=222&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1027195925911&frm=20&pv=2&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=247
Frame ID: D865BFB9EB5EFCA3982EC61D4F62F783
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
Frame ID: 1B4FD2967901F1CD75FC2EBF5382049E
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=442490585&adf=3447725916&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113993&bpp=1&bdt=621&idt=260&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JaHM4zSXG6&p=http%3A//vidamelhoresaude.com&dtd=264
Frame ID: 38003F759EBD1C54D635506376EF5A4E
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1674141114517770090634
Frame ID: BCA079E87753AED60F614712E16E5C5B
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: 55B8531D20714E7CCE7C6D70A665412E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A7C2979D6661F4E49443E198697F8187
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBB3BB937BF810EADD504BD5CFE12593
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Frame ID: F668EDF8640EC36D73360036932D3CFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9C1A4E57F216D41D9CFE03AE627246C0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html
Frame ID: 7BB1F716A4459BF47D4CD216D41AA096
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js
Frame ID: E11155F445EB8F79CE696BB6364125E3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8E59DD4CD6670F40CE18CABB1F58A89
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 510F3B44B2B59AF8C82B1C64A96342DB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 43775514F9F66755F2A1042C99B84489
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 51CD2B335621DD8D297DEE47A0F61DE5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D87EA4D70BFE403AD1422CEA19F08C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Como Usar o Vinagre de Maca para Perder Peso e Reduzir a Gordura da Barriga

Page URL History Show full URLs

https://lnkd.in/d5SaSt5e HTTP 301
http://vidamelhoresaude.com/s_V0xnUnhpQmo4N1dNeHkwenRQQjFTSlNKeEg0cm13UXA=?play=1 HTTP 302
http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09 Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

174
Requests

78 %
HTTPS

69 %
IPv6

22
Domains

40
Subdomains

33
IPs

9
Countries

4874 kB
Transfer

12700 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://holaspark.com/player
Title: About Spark Player

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/d5SaSt5e HTTP 301
http://vidamelhoresaude.com/s_V0xnUnhpQmo4N1dNeHkwenRQQjFTSlNKeEg0cm13UXA=?play=1 HTTP 302
http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://vidamelhoresaude.com/xstat/index/1340 HTTP 302
http://count.xxxssk.com/?1340

Request Chain 21

http://vidamelhoresaude.com/xstat/moneystat HTTP 302
http://vstat.borderlessbd.com/stat

Request Chain 31

https://cdn.rawgit.com/gkatsev/vtt.js/vjs-v0.12.1/dist/vtt.min.js HTTP 301
https://cdn.jsdelivr.net/gh/gkatsev/vtt.js@vjs-v0.12.1/dist/vtt.min.js

Request Chain 101

https://gcdn.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A0B6364275A2573B88A37F420DD45896D6F1F2A6.240D72FB578128B767D32E3DB944EA26C763831B/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7031F106178FAF10BA3E01416D6E8930631369B9.590A23F475BFA62A84368FF9E2527004170AB21A/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5ednds/ms/onc/mt/1674140708/mv/m/mvi/2/pl/53/file/file.mp4

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

174 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09 Show response
vidamelhoresaude.com/
Redirect Chain

https://lnkd.in/d5SaSt5e
http://vidamelhoresaude.com/s_V0xnUnhpQmo4N1dNeHkwenRQQjFTSlNKeEg0cm13UXA=?play=1
http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

26 KB
6 KB

125ms
124ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8a266dea9032a8ff979cee5d013158c8d530f30dd9621ace7ecb2d61dad39f8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78c08165cdcc2ba2-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Jan 2023 15:11:53 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WibHM2G84uD%2FfQAb59txfyA0lIB5uNrs0ND1khwgRTVv2ZDxJhdyiy4kX%2FvWq6rHdDlyvowKV4ui4KwyRnVr5sTXeAYI1%2BbX5JolN8OpoVP%2FZUuiryEODv%2FbNnFrZvWqaKOVy98q%2FmbI2VhAAgI7WqLSKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78c081643b232ba2-FRA
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Jan 2023 15:11:53 GMT
Location: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09#token=SmhLeFViYVV3UXpuaENrSDAxSGRmUT09
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L1zG1cLy1QIr%2BWvJLsAmCn4QJqvCq1aRSuCvxhQ5N4S2t3yA2TbvxRFZiKeZVZeKr4o7x8yve8y7sfd83ukXntpsR5yDZr%2FN370i%2FJtrg1XOv%2FHu8Edf%2BVpnJByMTnmJTHwfiwoRSEPUPz4blbY9KpRfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK font.css
vidamelhoresaude.com/Content/global/default/font/ 322 B
1 KB 259ms
251ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vidamelhoresaude.com/Content/global/default/font/font.css
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88b8ecded67670ed00144030f6f92f1b7b0e5c484aff96710f875a785a7dd66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 266
Last-Modified: Wed, 07 Sep 2022 07:01:05 GMT
Server: cloudflare
ETag: "f8ce759987c2d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SEgU8D3iPdj1UsxK4D4VYoW2F4uFmelWL1Nl1zLaslWEl1Qm1%2BjRCWvwxOHltABHj8g8wGDSPTy3yX%2FcK%2BanLR2LVGk1m5fih1FeIx3qGPYtli9VD%2BITqPgcAJUMAxsozCWWZ7bMe0fX%2FzF0woA6rApsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c08166ade52bd7-FRA

GET
H/1.1 200
OK css2.css
vidamelhoresaude.com/Content/global/default/ 27 KB
7 KB 348ms
340ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://vidamelhoresaude.com/Content/global/default/css2.css?v=29
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 370bc0788f6dafb6aa9a43621476171c3cd8b598520fd595a64dea9c9c7e4a08

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6191
Last-Modified: Wed, 21 Dec 2022 08:46:03 GMT
Server: cloudflare
ETag: "2557ea81815d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6xeBVGyXm2atmv4BeFhEQE46SQZnG8CWzL%2Bd2liiqgJUbwB4LbkHw%2BW2NK2EE35AJ79E8zMS1gbp%2B2Wh5DOEVWOT3G%2B%2F5VKwnaxTjh2Ij17LT8jzC%2F80zfJUX0XGtr4poPGVttBsEnJHUULfh3NUfWThw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c08166ad309013-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 40ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 280579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o3%2BCk7Aqayz5jBGp%2FGX1CFiWZh7E6J8cJN%2BxyvDm2PDZkDAyI4zWNb2RDi8lx9ycSq6LY45SW9PjXO%2BPUSUyiyV4W%2FTc4E0GwPa8tPL4EUauYowpj0VkDOzDKaAH2GwV2MxWEWNR%2B1uX2Gd3kNa747c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78c08166be4dbbaf-FRA
expires: Tue, 09 Jan 2024 15:11:53 GMT

GET
H2 200 hola_player.js Show response
cdnjs.cloudflare.com/ajax/libs/hola_player/1.0.165/ 969 KB
198 KB 44ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hola_player/1.0.165/hola_player.js

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dac95f6655c26055fd2524aedf9e816758b5c56fdf140d149c96ef11a26138e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 280571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 201939
last-modified: Mon, 04 May 2020 16:10:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e91-f238b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B18b7S6kqwCKGlo7YQInTWARQ3v2fMLDhs9KyEROSBQvadjBumErUbKe%2F9F2I5CKmwbzOmIaD6MsrJ0yI5MKALZEf0I70jrdo7ly7UV6xtC710wkT%2BPR9Pg68r4E5bPSw4CqJGJCgDJLITDeHRHigKFm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78c08166ce54bbaf-FRA
expires: Tue, 09 Jan 2024 15:11:53 GMT

GET
H/1.1 200
OK 2CE57A673270w900h506.jpeg
store.vidamelhoresaude.com/selfvideo/20230118/CE/ 56 KB
57 KB 122ms
14ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20230118/CE/2CE57A673270w900h506.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 59c1de99ae290d7fd78e52b178bcbeb6f539202b412abfcdea8e48279498fed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jan 2023 03:02:36 GMT
Server: nginx/1.12.2
ETag: W/"db256551e92ad91:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK BA4FFF054DC5.svg
store.vidamelhoresaude.com/logo/2022-09-19/ 6 KB
6 KB 120ms
13ms Image
image/svg+xml 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/logo/2022-09-19/BA4FFF054DC5.svg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 2c8d3973045b182a25c23d399c473d74f455db86b3a264747a75ffea301f23e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Last-Modified: Tue, 20 Sep 2022 02:07:07 GMT
Server: nginx/1.12.2
ETag: "39a063af95ccd81:0"
X-Powered-By: ASP.NET
X-Cache: HIT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5978
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 133ms
68ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4842905787522005

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5646999b2c3cfca0e5502e7c05bd24e8a047972730a4e66f9c42bc4bc335df45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49487
x-xss-protection: 0
server: cafe
etag: 17431716781592025273
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK F9CA8508FEA5w1200h630.jpeg
store.vidamelhoresaude.com/picture/20220615/9C/ 24 KB
23 KB 122ms
15ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/picture/20220615/9C/F9CA8508FEA5w1200h630.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 4d9e2f35002201480b0327101926ffe2060c9f6e73c656ff97e76d03d1bd88eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 09:41:45 GMT
Server: nginx/1.12.2
ETag: W/"ccd646209c80d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK pic.svg
vidamelhoresaude.com/Content/images/ 949 B
1 KB 264ms
254ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/pic.svg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc8ff5fc4b2d224607e923e1731b32c687d5f9e1f43b0368d57a1713ebc92805

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 31 Oct 2022 08:10:03 GMT
Server: cloudflare
ETag: W/"36a4b72d0edd81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV76Phdjgy9RjrrOUCcDOiLjD9n%2FV26DDKjZKPVjWM49%2FIWq3RzbmUXyyh8%2BgR7UCxvLAgsNXW5mcnaDwmc8juBpp3RHuN6uFgxgRb4IBsfuve7VDWXsjabknlJqUU2dARirefN6kGmOH7CG36q4dIIBQA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=14400
CF-RAY: 78c081695a1b917d-FRA

GET
H/1.1 200
OK E3685862F2EFw1200h628.jpeg
store.vidamelhoresaude.com/selfvideo/20220122/36/ 41 KB
42 KB 123ms
16ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20220122/36/E3685862F2EFw1200h628.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 56af7df2fd0bcdd8af363b3a03d9d62b92aa39898ef16304c26c698fac446e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jan 2022 12:45:30 GMT
Server: nginx/1.12.2
ETag: W/"96e26f08dfd81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK player.png
vidamelhoresaude.com/Content/images/ 2 KB
3 KB 268ms
258ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/player.png
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fe4e3a97c0dcd511008c658a75b0986054ab6be96b309062328ca085f47f947d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2422
Last-Modified: Fri, 09 Sep 2022 07:54:03 GMT
Server: cloudflare
ETag: "e6c2a5421c4d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B770BYKKNH3YiJXtQohulPF35YGM%2Bp%2B27PPQPFyMujHjbE2VPZHeVGfdxTQvub3vvb8UFtW3DaRS38jJMQZJxBbkQnPvphNf37%2FnvLQSt5fA3aE%2FjGcEMa6cLcSkE3d%2BD%2F5jtddQkfoKEhO8z68VdnkIjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816959ee9101-FRA

GET
H/1.1 200
OK B17D53A11B89w1200h630.jpeg
store.vidamelhoresaude.com/picture/20220614/17/ 31 KB
31 KB 115ms
18ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/picture/20220614/17/B17D53A11B89w1200h630.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: acf4a64d3f3bcd4519697e7060aeb3f0ed30ada563dc1cab3ebe93fd082cc3c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 06:24:21 GMT
Server: nginx/1.12.2
ETag: W/"74434e62b77fd81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H2 200 vidamelhoresaude.com.1335228.js Show response
jsc.mgid.com/v/i/ 3 KB
2 KB 57ms
22ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.js
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83f66fe38fb4d019b188c1456fc14aafcb8bc0bac7c8d5d100df9193560933f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:53 GMT
x-amz-version-id: zch6s5omPuMwP7gcrHgxIBCWevSSinrT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 9X7Z56SMBV030SMZ
age: 2613
cf-polished: origSize=2672
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RqEsoZKVC8ZrkjAK2ClWzSeTVv7Edf1Ti0y32WRVlBZ+Q/nGB1luQM80ROUEThVCvhD2ClNdUps=
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:23:15 GMT
server: cloudflare
etag: W/"8764808141fe85c44006b0044bc6a315"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78c0816a4aec9bc5-FRA
expires: Thu, 19 Jan 2023 18:11:53 GMT

GET
H/1.1 200
OK 714F6EC1DA27w746h375.jpeg
store.vidamelhoresaude.com/selfvideo/20220413/14/ 28 KB
28 KB 15ms
14ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20220413/14/714F6EC1DA27w746h375.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: a5eae695f941e0f2f2cd55847f9b616fad0a136458e2208479f582672b9607ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 03:00:14 GMT
Server: nginx/1.12.2
ETag: W/"f1fff99e24ed81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK F174AC63F743w750h375.jpeg
store.vidamelhoresaude.com/picture/20220718/17/ 29 KB
29 KB 26ms
15ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/picture/20220718/17/F174AC63F743w750h375.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: d99c013c454eb15f1198257903223e43213bde920ca979ab2063345d126f2498

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 00:31:47 GMT
Server: nginx/1.12.2
ETag: W/"de0ecc33d9ad81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK 765C2E2E9E7Dw813h409.jpeg
store.vidamelhoresaude.com/selfvideo/20220224/65/ 35 KB
35 KB 17ms
16ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20220224/65/765C2E2E9E7Dw813h409.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 0d3fda1c1406d6a3601f4c24c0552c2ba174b829ff67cacad285b4aceb676432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 03:22:04 GMT
Server: nginx/1.12.2
ETag: W/"4a8b4db22d29d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK A52655C03656w730h430.jpeg
store.vidamelhoresaude.com/picture/20220711/52/ 37 KB
37 KB 14ms
13ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/picture/20220711/52/A52655C03656w730h430.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: b784f4a6c9104a23d84a1fd12a6d718f4677a73d73e1ebda1fc44555eeb94f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Jul 2022 21:50:10 GMT
Server: nginx/1.12.2
ETag: W/"3320b86a794d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK B06CB638A043w1024h536.jpeg
store.vidamelhoresaude.com/selfvideo/20220523/06/ 26 KB
26 KB 15ms
14ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20220523/06/B06CB638A043w1024h536.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 3e3ae91c4f9151cc9cd1d895f34bb97fce3f43c0f6618ac82e0057ff4d2cdd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 13:55:07 GMT
Server: nginx/1.12.2
ETag: W/"4b92cb6ac6ed81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK D64EE55DAA84w1200h630.jpeg
store.vidamelhoresaude.com/picture/20220711/64/ 33 KB
31 KB 16ms
15ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/picture/20220711/64/D64EE55DAA84w1200h630.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: 6bfd794de8c530d8977ce1fce50327ff6f5ff972e092029a1b47f7b82d8a11ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 04:03:48 GMT
Server: nginx/1.12.2
ETag: W/"7671e038db94d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1 200
OK 60FB440DA189w750h375.jpeg
store.vidamelhoresaude.com/selfvideo/20220106/0F/ 21 KB
21 KB 14ms
14ms Image
image/jpeg 66.248.205.109
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://store.vidamelhoresaude.com/selfvideo/20220106/0F/60FB440DA189w750h375.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 66.248.205.109 Amsterdam, Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
Software: nginx/1.12.2 / ASP.NET
Resource Hash: b64541cb501a3342c825fcb34a082fcdadcf947d7c592719aade9680c9116592

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jan 2022 09:25:37 GMT
Server: nginx/1.12.2
ETag: W/"33316a5ddf2d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 26 Jan 2023 15:11:53 GMT

GET
H/1.1

200
OK

/ Show response
count.xxxssk.com/
Redirect Chain

http://vidamelhoresaude.com/xstat/index/1340
http://count.xxxssk.com/?1340

7 KB
2 KB

514ms
254ms

Script
text/javascript

119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://count.xxxssk.com/?1340
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 119.28.16.172 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e1fd259702803d8c2192882f36c04233f38ee352276f37e55731b5698d51dd5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
P3P: CP=CAO PSA OUR
Cache-Control: public
Content-Length: 2020
Expires: Thu, 19 Jan 2023 15:16:54 GMT

Redirect headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
X-AspNetMvc-Version: 5.2
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-AspNet-Version: 4.0.30319
Server: cloudflare
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfJLh4D2I6%2BGvqlR3cPlLUUf3k1k9hiBZjA%2F2khAVE5RmH2VP1jSqTudapRYC5SonT2XLkTlRKXYCUxuHQF3do%2FA2o%2BoEDRbRZ2fnhHQL0Jy1kT12mDTgIhvNKbnWJAoGIytni5zwSi4Td6EtjzLLNYiwA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Location: //count.xxxssk.com?1340
Cache-Control: private
Connection: keep-alive
CF-RAY: 78c0816839ba2bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

stat Show response
vstat.borderlessbd.com/
Redirect Chain

http://vidamelhoresaude.com/xstat/moneystat
http://vstat.borderlessbd.com/stat

1 KB
1 KB

737ms
106ms

Script
text/html

45.113.68.192
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://vstat.borderlessbd.com/stat
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 45.113.68.192 Barrie, Canada, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a71e96a8eda8ea5968abde4bd93f4c9db1aeca3c4a01f7f0edd6167570e25923

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 1017

Redirect headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
X-AspNetMvc-Version: 5.2
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-AspNet-Version: 4.0.30319
Server: cloudflare
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO9D5z7qBtwKYZbc%2Bo%2FSA9D%2Bpx%2FvX5LShyHpdyjWOd7FyJRRkl3f4QHKvOLQ%2FGgRAt4Q4C3Tl%2Bv4C50ORitK0guCTYlGlMXJl7OF26uwxGUtfRFi94qeJvNMcDySiUXvH3rztdGbTFN4jWV2HcahONqM7A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Location: //vstat.borderlessbd.com/stat
Cache-Control: private
Connection: keep-alive
CF-RAY: 78c08168c8689013-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK caidan.png
vidamelhoresaude.com/Content/images/ 582 B
1 KB 220ms
219ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/caidan.png?v=3
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13b112820989ab9a80199462936386d02b99a4fd35911d0ed56edbebcf5ec98e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 582
Last-Modified: Fri, 09 Sep 2022 07:54:03 GMT
Server: cloudflare
ETag: "846085421c4d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KA8bAPsLEdQi8qXlKBOEbg%2BD3NOJ97FpDRuWARvbdqyvYBLzDvue2HStw95cK3COzvaqYhpcbjfeg1CDMdgzh%2FCYHRZhRShBwfWcWmJ0xFRL6roVb4iWQQFOgZ9avn6jIVFaUp2BtrvuHmy4IJIbGp4oA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816a1dbc2bd7-FRA

GET
H/1.1 200
OK tupian.png
vidamelhoresaude.com/Content/images/ 3 KB
4 KB 224ms
223ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/tupian.png?v=3
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ba98e4f1ad4cedcac0a40e18e8170aca21dda173c008c105ec5806567e51068

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2923
Last-Modified: Tue, 13 Sep 2022 01:50:02 GMT
Server: cloudflare
ETag: "d21cfc2313c7d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmUW1BZVjaH5r%2F3qdr13uqfbX%2FoqvKhXswWbZu%2BDW3SMc4ZmeGrs66RyWovubi3Ktuskl9jrqKf5xQiOp5%2Fvy9j2PnJLbf3301zsjV9QXdoPWsAzuVWUV%2Fzz%2FFGQQtgCO2E6Q7V2iNfUpuC4vKrkVbfL9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816a1c9a2ba2-FRA

GET
H/1.1 200
OK wenzhang.png
vidamelhoresaude.com/Content/images/ 2 KB
3 KB 233ms
232ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/wenzhang.png?v=3
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 674c2c7ce1d1e4e83b86636a8f3be7156f9a9b0a2022525ebfb31640d33376a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2036
Last-Modified: Tue, 13 Sep 2022 01:50:02 GMT
Server: cloudflare
ETag: "d21cfc2313c7d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOMJ9X%2F5bjNtqbP8lHS0bVHb3rIvoSCdWT2ZZ3WTl40jAP%2FHRL2npw3FSIbb6BGb2qPJVzJ9Utca%2Fc6PVwSfi0J73fDmnCE1iyBWfQ7QfhnVWIwPkd5D%2BVhNA9WRiPQVz9dzSqP6vtL5qFLfQ0VUyAcaFg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816afd05917d-FRA

GET
H/1.1 200
OK shipin.png
vidamelhoresaude.com/Content/images/ 3 KB
3 KB 15ms
15ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/shipin.png?v=3
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3cfdf6daca4bb91ff9d776876a289686465be6c3dbfb947d4c86688046408189

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2988
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2592
Last-Modified: Tue, 13 Sep 2022 01:50:02 GMT
Server: cloudflare
ETag: "d21cfc2313c7d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH39ndzNMwwF7Q6bAzHz5yPdvOQd6xcCurV%2Bv8%2BddCC%2BWZ2ciZxMgLfyoGeTTW3I6EEoS0Pm0JyFTtxPmJGECDh5eysqj6Fc4WvC%2F%2FVvHAZiEISUEbTn%2FS8mypmVOz7TfF%2BwtZnK%2Fr5It01zDXm%2F%2FIpL0w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816afcac9101-FRA

GET
H/1.1 200
OK top.png
vidamelhoresaude.com/Content/images/ 2 KB
3 KB 15ms
15ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vidamelhoresaude.com/Content/images/top.png?v=3
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2988
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1810
Last-Modified: Fri, 09 Sep 2022 07:54:03 GMT
Server: cloudflare
ETag: "e6c2a5421c4d81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvDbVBtimUkm7Sy7qnn1UL3sHxYv6ZZo34GWnjbb79z1D6jhEWyl4lknr%2B%2B4crgAkQOntE15aihaSF1aUHO225MgSIdJxqHIBfVBIbQQYroCsUWT7%2F%2FyZ5o0Si7RhB0Cxtf6lz1FBechP3bv7ABI4cBpLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 78c0816b0ccd9101-FRA

GET
H/1.1 200
OK email-decode.min.js Show response
vidamelhoresaude.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://vidamelhoresaude.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

HTTP/1.1

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 23:34:08 GMT
Server: cloudflare
ETag: W/"63c1ea70-4d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ9Zy3tdrUqKkHs%2Fw4HRJKoLEtFm%2BM1IxOXXEwqBV0b2fALAF6pp0r4fq6c1XgI1zji6LP5oL5PBlknlvpYd0B%2BBKqPPJflzaShcso8m8YBmIwMbLyHD0Aa7zQ0rrDZaxERFETVKmCluNYd72hgj6eP4aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 78c081694b3b2ba2-FRA
Expires: Sat, 21 Jan 2023 15:11:53 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2

200

vtt.min.js Show response
cdn.jsdelivr.net/gh/gkatsev/vtt.js@vjs-v0.12.1/dist/
Redirect Chain

https://cdn.rawgit.com/gkatsev/vtt.js/vjs-v0.12.1/dist/vtt.min.js
https://cdn.jsdelivr.net/gh/gkatsev/vtt.js@vjs-v0.12.1/dist/vtt.min.js

28 KB
9 KB

45ms
19ms

Script
application/javascript

2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/gkatsev/vtt.js@vjs-v0.12.1/dist/vtt.min.js

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231c91685d03079e2907888c1b2be5faaa850748572692a4f8e8a9a21d710c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6871175
x-jsd-version: js-v0.12.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-yyz4534-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"707f-Jlwu2n6aelOGQxKG9mztLgBR0h8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7Zgc72lDrVPN1GfsCRuimzz8T%2B%2FgX9p%2FcIUC7zzRIw%2BbuVm4h07VhzcqtjCibUa4lftkjP04qpi6DTvZ69LdmvPPIr9PgPf25qTo8qUOzRUhCn408%2F4jUCExOCn5giu5SYIaSrigZR4zHnHFqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 78c0816acea3901e-FRA

Redirect headers

date: Thu, 19 Jan 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1055
age: 37835
x-cache: HIT, HIT
cdn-cachedat: 01/19/2023 15:11:53
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 104
x-served-by: cache-fra-eddf8230107-FRA, cache-yyz4573-YYZ
server: BunnyCDN-DE1-1055
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/gkatsev/vtt.js@vjs-v0.12.1/dist/vtt.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 61a7f095e7a5126fcb2a743a24f1abc1
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 121ms
78ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4842905787522005&plah=vidamelhoresaude.com&bust=31071636

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4842905787522005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deef6b5cb7fdf841e2553a0288fda37013f9c42c6ca750e74fbff0e7ffa7630e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119796
x-xss-protection: 0
server: cafe
etag: 4152468369502794362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/ Frame 1B59 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4842905787522005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 12:16:20 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 12:16:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vidamelhoresaude.com.1335228.es6.js Show response
jsc.mgid.com/v/i/ 257 KB
75 KB 228ms
227ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcda76660ef0b347c5f28e5beb798b0a1438bed451840b7b575f1460647b2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
x-amz-version-id: 2OhcxczLxHVGySj7om3m0x6ok0jmcKlz
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 98A4EAYZWEV8FA9X
cf-polished: origSize=263335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZQmP8ptxxD9bXw3/IzCggqbH0KX8iSbnHkyTEO8g/1DlN/WB8j5+7huifHou/JSd2LJvDNWILPh/9vNtxcGxcw==
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 10:23:15 GMT
server: cloudflare
etag: W/"dbc3f4fdc7434db0b87876ad974df3d3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 78c0816aabbf9bc5-FRA
expires: Thu, 19 Jan 2023 18:11:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
704 B 41ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vidamelhoresaude.com&callback=_gfp_s_&client=ca-pub-4842905787522005&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4842905787522005&plah=vidamelhoresaude.com&bust=31071636

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e5081637c0cebaec35e2b2509cf0cb9dc4f8752c31c8781e433f9a4475881f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 51ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vidamelhoresaude.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vidamelhoresaude.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
136ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&tn=DIV&cls=headling_top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D865 402 KB
89 KB 575ms
574ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&adk=1812271804&adf=3025194257&lmt=1674141114&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&ea=0&pra=5&wgl=1&dt=1674141113988&bpp=3&bdt=616&idt=222&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1027195925911&frm=20&pv=2&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f43b59dceac0ff3e4e4f26bb8eef21e4f5af45e16cc92bf5e05558f684a21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 90800
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:54 GMT
expires: Thu, 19 Jan 2023 15:11:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B4F 72 KB
23 KB 318ms
318ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ea5edbecdd13908a33dba58e63c1ea39c5a693ac967f6fb1e424e751852ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23042
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:54 GMT
expires: Thu, 19 Jan 2023 15:11:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3800 430 B
231 B 154ms
154ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=442490585&adf=3447725916&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113993&bpp=1&bdt=621&idt=260&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JaHM4zSXG6&p=http%3A//vidamelhoresaude.com&dtd=264

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e18f1fed9f1e6f203ca87397198165380217282072a16954ea44eefb8af8817d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:54 GMT
expires: Thu, 19 Jan 2023 15:11:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK fb9174c6-7ba4-4e2f-a7cb-6b9c801ac59e
http://vidamelhoresaude.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://vidamelhoresaude.com/fb9174c6-7ba4-4e2f-a7cb-6b9c801ac59e
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 53dc9f5b-65fc-43aa-9c6b-14cbd998aad9
http://vidamelhoresaude.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://vidamelhoresaude.com/53dc9f5b-65fc-43aa-9c6b-14cbd998aad9
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 39ms
25ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=167414111431970036941&uniqId=1340b&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fvidamelhoresaude.com%2Fvideo_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09&lu=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&sessionId=63c95dba-13cb9&pageView=1&pvid=185ca961fcfb14d825a&site=799347&implVersion=11&dpr=1&tfre=855
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c0816c9ff89bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content d3955acf-4312-4d0e-8c78-61711eaf27ad
http://vidamelhoresaude.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://vidamelhoresaude.com/d3955acf-4312-4d0e-8c78-61711eaf27ad
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 34ms
19ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 3026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 78c0816cb8349bc5-FRA
expires: Fri, 20 Jan 2023 15:11:54 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 35ms
21ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 3971
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 78c0816cb8329bc5-FRA
expires: Fri, 20 Jan 2023 15:11:54 GMT

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 254ms
254ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://count.xxxssk.com/s/?isentrance=true&guid=6180d569-fc99-6945-0b59-a72a3a77ce1c&resolution=1600,1200&colordepth=24&location=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&referrer=&rd=0.07780692059902017&sid=1340&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/109.0.5414.74%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=undefined
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 119.28.16.172 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 1 Show response
servicer.mgid.com/1335228/ 14 KB
4 KB 73ms
57ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1335228/1?pv=5&cbuster=1674141114391475524596&uniqId=1340b&lct=1674000000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=890&h=4513&maxw_7=336&maxh_7=279&ident_p=true&cols=1&ref=&cxurl=http%3A%2F%2Fvidamelhoresaude.com%2Fvideo_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09&lu=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&sessionId=63c95dba-13cb9&pageView=1&pvid=185ca961fcfb14d825a&implVersion=11&dpr=1&tfre=927
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29734f4c875a2577a04ada079b64b11d6c3bea72d1bc91869ec9613a14bb191

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 78c0816d09299bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS81NzU5NDcvODdjO...
s-img.mgid.com/g/15132313/492x277/-/ 5 KB
6 KB 55ms
20ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15132313/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS81NzU5NDcvODdjOTgwMGQ1ZWNkNGMzMjY0OTQzMGE0OWJmMTQwYTguanBlZw.webp?v=1674141114-uK1xSeUwndVTUPxtKIkOHsLkiJ2dzagkMd17gV3Ub4Y
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eaccc25e2ba7f12b8d7193dbfb6da5b51a0b1034353a8bbbf64659f46af186d

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 12:45:52 GMT
x-mg-request-uuid: 1eac6988-58c9-4576-a9e5-55a825751af3
server: cloudflare
age: 267360
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba2fbb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5300

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzQzNzAvODFkM...
s-img.mgid.com/g/14466107/492x277/-/ 14 KB
15 KB 63ms
29ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14466107/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzQzNzAvODFkMjVkNTdjODA5YTE5OWQ3ZmJiYzQ4YTY2NGM3NTIucG5n.webp?v=1674141114-ZGKrZ585obcyGVhN3HTmGLlsvPpk_MbkSC01v7tOjdQ
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd182a46b9625200e73903af45fc34610afb5b0fef4b4b7bc6eb5178836c2769

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 06:14:46 GMT
x-mg-request-uuid: fc360df7-cda0-436c-8e44-1da86602af80
server: cloudflare
age: 32095
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba33bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14788

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NzAzMzUvMTU5M...
s-img.mgid.com/g/15054938/492x277/-/ 16 KB
17 KB 62ms
27ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15054938/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NzAzMzUvMTU5M2FmMjNmNjVhYTRmZTU0OGYwZDA0MjMyZTBhOTIucG5n.webp?v=1674141114-JGdAL0WK4Xy7iEOycUs4iAh2eh6rN-C4D7LWMWgR0PI
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b26bdc47a7927acbcea5b4a917d7528a2fbd106b626935815fd357ad2fae8e4

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 06:15:04 GMT
x-mg-request-uuid: 5036a39b-9ea8-492e-9b56-665a4a9b1241
server: cloudflare
age: 32089
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba36bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16670

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS80MzkwMjkvN2U0Y...
s-img.mgid.com/g/14776971/492x277/-/ 20 KB
20 KB 56ms
22ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14776971/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS80MzkwMjkvN2U0YjA0MzkwNmQ3ZTgzZTk0MjhmM2Q3MTViYWVkOTkucG5n.webp?v=1674141114-ht4i-7nMkH20uKjnoC68yYD8pFZ-M6FRwotxYp1OYlU
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c4452cde3d4a112748673445ab39c4ed40b8dae06e7214d95c2fc9259d482f

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 09:38:38 GMT
x-mg-request-uuid: 53829939-08b4-4130-a8d1-1c8aa15eeaea
server: cloudflare
age: 106347
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba38bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20594

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS80MzkwMjkvNmVhM...
s-img.mgid.com/g/14776797/492x277/-/ 7 KB
7 KB 55ms
21ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14776797/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS80MzkwMjkvNmVhMTI0ZWJmMzVlN2MxMGQ5ZmVjNDlhZWQyY2Y2MDUucG5n.webp?v=1674141114-Mv65zLg8jXMXkBLawL1TrCs6NBxb4NfGOsXWiCniHOk
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd24e7c378968529220d6592a240724568afc277e27fe5ba6efcef00bb0cc02

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 09:39:40 GMT
x-mg-request-uuid: 203b88b9-44c1-4bb6-bea9-82d18acd0efd
server: cloudflare
age: 106334
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba39bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7284

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvNmFmY...
s-img.mgid.com/g/15128049/492x277/-/ 12 KB
13 KB 62ms
28ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15128049/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvNmFmYmY0ZjU2ZDBkNGY3OWNhNDMzNGYxMWFhNTNiYWQuanBn.webp?v=1674141114-tOqG9AKafhCRP6t8NrwLxTONrkPE5mVwPwfhGzl2RlQ
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24fe15a82ba04931bedf5c19ee71434e8dabcc935273b9182c017df5aedfa4d3

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:11:24 GMT
x-mg-request-uuid: 69fcd603-a9f1-4395-911e-58857f6e9656
server: cloudflare
age: 197299
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dba3cbb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12786

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzUzNTE0OS9mNTMxNDMxNjI0ZjkyNzU3MzgxY...
s-img.mgid.com/g/11249008/492x277/-/ 21 KB
21 KB 27ms
24ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11249008/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzUzNTE0OS9mNTMxNDMxNjI0ZjkyNzU3MzgxYWU1Mjk2MzkwMDkyZi5qcGc.webp?v=1674141114-ClL3GtONMp6iAavfJP8nMrIhMwIx6uR9wzx0WfYU8EA
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f42daca24ad58ae6f5bf45288909fe1e0f65906bf0a9bacfd13240e9ca335

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 20:02:59 GMT
x-mg-request-uuid: 59d70837-5c4e-4fbb-95f9-d16b7389b85e
server: cloudflare
age: 297228
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda83bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21404

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvNmE1N...
s-img.mgid.com/g/15117090/492x277/-/ 31 KB
31 KB 29ms
27ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15117090/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvNmE1NGNiZDE1MjI0NzIwZTQ0ZDRiMDRlZmEzODBlNzUuanBn.webp?v=1674141114-q3yQyTz_hJDq72PZO7paLyJATRcEsuYUoSibGh7RWmI
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3881839e68058da0d1de418ffa2b016b4c1dc69166029420cb7c23281b08b27

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 13:41:14 GMT
x-mg-request-uuid: 0f9c521b-a65d-489e-aa5e-d600913ff22f
server: cloudflare
age: 264342
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda86bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31340

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2Y...
s-img.mgid.com/g/12290497/492x277/-/ 19 KB
19 KB 24ms
22ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12290497/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2YTM1NzFlMzgzY2U0MjYzZTIuanBn.webp?v=1674141114-GWuDkX41I13vW5ddvGZLBlUQFNP8b_8f7KahkYug-V0
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 13:36:16 GMT
x-mg-request-uuid: 5f4f68ed-26bb-43c7-8e1a-74dda75d6a51
server: cloudflare
age: 267625
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda88bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19450

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80ODUxMDAvNmRjN...
s-img.mgid.com/g/14198116/492x277/-/ 42 KB
43 KB 20ms
18ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14198116/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80ODUxMDAvNmRjNjY5NDJkMDJjYjlhOWY1ZDk5ZGZlMTYwNjU0YmEuanBlZw.webp?v=1674141114-x84sxcDMDRFJh_pd4HmSNwG6EX1ZcwAfqDnpFSuf9co
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd287a1188909fb633cd18c9c95bbdaed11071d985d25f27f55e00c6d34a08b

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 09:12:15 GMT
x-mg-request-uuid: 638d7b59-5713-4e70-8ece-491c93a866b2
server: cloudflare
age: 1489041
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda89bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43428

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xNDY4ODQvOWM0NGI1MDkxNmU0YmMwZ...
s-img.mgid.com/g/10630752/492x277/-/ 15 KB
15 KB 26ms
23ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10630752/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xNDY4ODQvOWM0NGI1MDkxNmU0YmMwZmIyMDM4YTUxYWFhY2U3MmEuanBn.webp?v=1674141114-vLrIg1Yt3JYAbnQji62QRz5-LW9XI7iBzPnalz79ZG8
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c42bcd5f87a7bb474c1e38471ce2ae52169181ea9ede12f2e538d1992de56e8

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 09:39:11 GMT
x-mg-request-uuid: 411a3a33-c702-4651-8e48-dff6d7fca889
server: cloudflare
age: 1401955
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda8abb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15358

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNDI4MjAvYTNhN...
s-img.mgid.com/g/14478352/492x277/-/ 6 KB
6 KB 19ms
17ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14478352/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNDI4MjAvYTNhNWRkY2RkNDE4NzhmM2IzN2M5ZTlmMjVmZjlkY2QuanBn.webp?v=1674141114-JRF1yEyarJ2N7eoeVp1464mXF4yrz3HkIAXRL8Re55A
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c3ff14daa6148c960fc58bfffa44c86088720d928365989ec328d4b9bbe29f

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 11:51:03 GMT
x-mg-request-uuid: a061bccf-40cc-4c39-8323-77e839907368
server: cloudflare
age: 98285
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda8cbb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6062

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvN2UxZ...
s-img.mgid.com/g/12679329/492x277/-/ 11 KB
12 KB 31ms
29ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12679329/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvN2UxZDg0MDMxZTRmYmZmOTcxMjk2MzMyZDlhMjk1NDUuanBn.webp?v=1674141114-8l3c5jS3YwXnO1FNQ2XmeviYvidsD7dPkNcqL0-9Fck
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fde466e464f7119cab94493c68c6177cea640d570abf93d25e986dcf3fd0b5c

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Sat, 14 May 2022 18:55:52 GMT
x-mg-request-uuid: b157ee2c-e9e8-411b-b200-89cd495fef82
server: cloudflare
age: 293789
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda8ebb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11694

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvZDZhZ...
s-img.mgid.com/g/15117101/492x277/-/ 18 KB
18 KB 28ms
26ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15117101/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMzYwOTUvZDZhZmY0MDE1MWY1NGE5YzgwMGZlOTI4OTk3ZmM0MzEucG5n.webp?v=1674141114-Xo5IPPA2mKTA4YxAH1rGYB5vSf_2Hr5jfk2sMipK7MY
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c92814958a03435ea9bd585f55b3b8634e8fdb7904e193a2baf6a04135558a9

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 13:42:11 GMT
x-mg-request-uuid: cb56ab4b-65c1-4625-b2ba-e8268ffdb075
server: cloudflare
age: 227844
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda8fbb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18412

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjU4LHlfMTUyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxL...
s-img.mgid.com/g/15043975/492x277/-/ 13 KB
14 KB 23ms
21ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15043975/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjU4LHlfMTUyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzI5NTU1My83ODQ5YjQ2N2FjNGI1MDZmMDM3NGNmODE3NWU1ODc2Ni5wbmc.webp?v=1674141114-JHUyIZsS6iXnsVWSksxOR1xRTDrC2vxALRfggUBGHxU
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bcd9ebae1653ada143196bd8777b255dc693f5eba251c019f302be5c530e780

Request headers

Referer: http://vidamelhoresaude.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 11:25:29 GMT
x-mg-request-uuid: 07f1c6c4-8b67-46b1-8ae7-3ea51ab2b1ea
server: cloudflare
age: 1395889
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 78c0816dda93bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13614

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 120ms
104ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=167414111450385118568
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 78c0816dba999bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BCA0 0
37 B 112ms
109ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1674141114517770090634
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 78c0816dba9e9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 54ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: FWPRJKZQW4E7H0BP
age: 2233
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78c0816dfe8dbbef-FRA
x-amz-id-2: HcWQsuBfpb/Tfik6js3JIQHbUTNSRMBrG4FXNRkoemekMm77LKnHzEBwlVw33JvTHvCYC1TQKYUt6NsJYPhfkw==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 227 KB
72 KB 158ms
38ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/vidamelhoresaude.com.1335228.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66299
accept-ranges: bytes
content-length: 73257
expires: Fri, 20 Jan 2023 09:36:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame 1B4F 22 KB
9 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 09:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 09:57:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1B4F 8 KB
1 KB 116ms
43ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:05:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 1B4F 14 KB
3 KB 103ms
20ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 11:45:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:36:54 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 1B4F 391 KB
132 KB 104ms
21ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ba3de99116648e15b945f844918e44b4c409a558d28e20119538bea2eab41c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135245
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 11:45:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:36:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 1B4F 18 KB
7 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:14:45 GMT

GET
H/1.1 200
OK popwinbgpng
vstat.borderlessbd.com/png/ 631 B
863 B 108ms
107ms Image
image/jpeg 45.113.68.192
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vstat.borderlessbd.com/png/popwinbgpng?t=bed1193bd42337a569caf289cd9fcb5c
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 45.113.68.192 Barrie, Canada, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 35a889484f15ecee04fbf2353529baba84e1d65acc24f952950cdcca8f2bc121

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: private
Content-Length: 631

GET
H2 200 css
fonts.googleapis.com/ 4 KB
694 B 44ms
43ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hola_player/1.0.165/hola_player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
H/1.1 200
OK 2CE57A673270w900h506.jpeg
cdn16.oss-us-west-1.aliyuncs.com/ 56 KB
57 KB 581ms
154ms Image
image/jpeg 47.88.111.40
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn16.oss-us-west-1.aliyuncs.com/2CE57A673270w900h506.jpeg
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.88.111.40 San Mateo, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 59c1de99ae290d7fd78e52b178bcbeb6f539202b412abfcdea8e48279498fed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 Jan 2023 15:11:55 GMT
x-oss-request-id: 63C95DBBE2741F373048F903
Last-Modified: Wed, 18 Jan 2023 03:09:47 GMT
Server: AliyunOSS
Content-MD5: C56OtODYRS0Tt2S/ltImTQ==
ETag: "0B9E8EB4E0D8452D13B764BF96D2264D"
Content-Type: image/jpeg
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13886925361470291913
Content-Length: 57620
x-oss-server-time: 2

GET
H/1.1 206
Partial Content v.mp4
store.fadecho.com/ytb/230118/1396939/ 4 MB
0 91ms
40ms Media
video/mp4 2606:4700:1::6813:824e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://store.fadecho.com/ytb/230118/1396939/v.mp4
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2606:4700:1::6813:824e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Referer: http://vidamelhoresaude.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: HIT
Age: 2612
X-Powered-By: ASP.NET
Content-Range: bytes 0-5572178/5572179
Connection: keep-alive
Content-Length: 5572179
Last-Modified: Tue, 17 Jan 2023 21:52:53 GMT
Server: cloudflare
ETag: "80e8bccbe2ad91:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=691200
CF-RAY: 78c0816f685b9c0d-FRA
Access-Control-Allow-Headers: *
Expires: Fri, 27 Jan 2023 15:11:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 369 KB
123 KB 89ms
88ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hola_player/1.0.165/hola_player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125890
x-xss-protection: 0
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83430139279a7c9aef5da8fe9bdf67d56350a4836deca67c90d6ad8adc309c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c8894ca69591424058ac956d0138b1026b38e8d8a9c3ecdde3c9fff12699b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c05bbf6195d149c1e85bb45c06beabaa8b7137190b760a9456c4a6ef71ae2100

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 44ms
17ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

c6485f5ddb1792446607d5e2d2fc2197fc5038e2dc39d342817d5f435904fc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://vidamelhoresaude.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vidamelhoresaude.com
date: Thu, 19 Jan 2023 15:11:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
234 B 70ms
18ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 86a0f107fc0fb63a79d39f942fcf64448352afc1902143c5e91a8415c70080be

Request headers

Referer: http://vidamelhoresaude.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vidamelhoresaude.com
date: Thu, 19 Jan 2023 15:11:54 GMT
content-length: 54
vary: Origin
content-type: application/json

POST
H2 204 csi
csi.gstatic.com/ Frame 1B4F 0
327 B 220ms
91ms Ping
image/gif 2a00:1450:4017:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~ld38e7ja&c=5597605295810&slotId=2798802647905&qqid=CPGXrtP10_wCFTNaFQgd5eUAyw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:816::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 525421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://vidamelhoresaude.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:51:10 GMT
x-content-type-options: nosniff
age: 62444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:51:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B4F 15 KB
16 KB 29ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 554545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1B4F 15 KB
15 KB 23ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 525421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B4F 0
20 B 138ms
138ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CcpaCul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAcgDmwSqBJgCT9CRXTF4fY6n50HnULiza_qY2vI7p4MU3Z1z-1tsUIhYIS5litwB9qMZ-m6XSV82bOG89MYGtbaPvw41-Dma0xAAS7I0jqyX3TgLhyK9NDAq77NV1P4UiqIk4bqyJ-YKcDnhauoxapoZ8GD-3AcwGyqWJ9IcfugMzjOYRCQPPr5DyfjPOjgy9FeRXaLscXY9P0wT1tarz8ikrmbFBkNA26JGLz5XvN0k27IfLoPS81QD7PLCN35dJHNmD2WF4UUzxpMjaAorl_mamStA-T72p8ipOTQXBrvsy2qpTZpC_PN5ufRWZMSWRFLBbb53Eg7MOnPP0uRrzPKnBDwI02o75pp30mmS30Gh19_EeA6HzYSgdP5uAH3p-cAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1674141114802&ai=CcpaCul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAcgDmwSqBJgCT9CRXTF4fY6n50HnULiza_qY2vI7p4MU3Z1z-1tsUIhYIS5litwB9qMZ-m6XSV82bOG89MYGtbaPvw41-Dma0xAAS7I0jqyX3TgLhyK9NDAq77NV1P4UiqIk4bqyJ-YKcDnhauoxapoZ8GD-3AcwGyqWJ9IcfugMzjOYRCQPPr5DyfjPOjgy9FeRXaLscXY9P0wT1tarz8ikrmbFBkNA26JGLz5XvN0k27IfLoPS81QD7PLCN35dJHNmD2WF4UUzxpMjaAorl_mamStA-T72p8ipOTQXBrvsy2qpTZpC_PN5ufRWZMSWRFLBbb53Eg7MOnPP0uRrzPKnBDwI02o75pp30mmS30Gh19_EeA6HzYSgdP5uAH3p-cAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 1B4F 29 KB
16 KB 156ms
57ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DwR3JtPuWAtr5yShXHgfpf6jlVQmVTKUFJVQ0Etd0W_WjGZQdfofi2UKuK7-kZ8MtjO-cbJEfzFpI6-hu-5KXBTljRZw&cry=1&dbm_d=AKAmf-AmU30I6MtcrdCzwhxWPemkMrRSHXAoJ8PPsrzNh4XeStB7yq8-CoGu0PSDVN2B1bHBw-7MGrQrT6uoasYyP-SSAToJBmgLwBI7eTDsdzs3IrFGfer7cal4XkwEdE1O2xEW_saMLxmpmTuhHZPxUfzzKttUDsNmJJBlwmm3Wm_0Z04TwOaBMU49EHmuBXdVRTSe2ci219xBsD_L7_rHMvbmKlJigrPpQFSDGRh9o11CW9D2GQbASUI-HltL2NilFsXRc4tb5LJc4ljh8pwjR-NoLIz1m1qgf2AujJjzhgtPhpW5EfWJgCjQC_IeqH1ZWMCg3c-Wjf4xqqh45d0dXr2jZ0WF0mx5cldMfbHKHfHdLxNKpYHz18crZbFlK6-p88KN99VUQTPH17Bz0jGZj7wzra7fT-KQnb45EYsjvHC7Z8wMKTZi75kfqgVlR5nlScdAK8e1YISZQZg3GUjbjw24HaHe0f4R1n_U7I1pBo6JZmDUdiB1lhoc8qYNLT7U0WWQUMFTW6tFCo9_UaVj6sog7HEr_NaSyOqTSpKgyzKbPBSd5GxmP8_BHZR1PjK2tC-cfyGtE6ft8RjxVZqe-Q7lIWfDijpI7E_kr7zjj8hnX_V0Fcb2IvqvOg_zk_Mu-MhhwgMBqD7vtG5wZFHgU0dMxIFkRvCKE0a54b63BqDOKmNJJrUa3t7qW8jocjlW6qkqdgRqxNhRuyAj7TMu-HGNhBFa0dt_JXyUJQWzCkTL0DV2cK8ycmBsUhDUt0ygUQMWBoK5dhLfUeMacn0MILyBaWE2v_qdpNOLfGJAQTw0D_ekHJ6_8j_ALjHtGJP8EK6C14HHZiwXQhSMXgpCeNJWKMbnSLlnzqBSfbz9GuCEE3Fsj0aABTOLbvwloNeLJIgeM354aY6UqYS8BXz2EfHvbP3hLigGcMeegA0T2-WvSJVx-iyTY0mpTq1apiOrdJFiasKGsrwHH4l9IoXAJLIAz4kYwcDS_i1TDIgt3d8HCNWKy3p4cVLTUq36DwlvcM9p0KHdqArVCLAGvqBXVpQZWy8YVgDhTHQif-EMQpAq5fgEmkLKab7MYvNQpnffwJOcoAOGCZuQWpqwje-G34oQGfSy1GRGFLA__tD1Jk2IwAzfJE5ZLwITt6lB10yOdzC7K7rBnFZIkcdvD302oz-RTPPZM88x0BmKieKO88F5qJcNigDt6c6RA-Jhq7dZGpLzk3Dx7IbCOVx1G9R5b6TuKkukQM4dxE2V8mCWPUz_B46RIGyeqIzXbHmaA8nruyGHL4bx_1VKjtkLHVFZK4k0poEedZvHA095d-qjRpT8H6HB2ccSRONAbJcx_4R4Zjj5DRpjVITILccz7upaN6yFd7Jh5XB5IaRojPUkf4cSAFcagT4rAZ16PmTeaDg1QDHcToNaSCM6OSGX9aLkh1Qsdnt8MgFsMoFyXhNOVZXZP-ThhU-ca9BqSkq6P1nfGUPR1ktA99sfBTL53dEaYOIp24w3flu170WxuzPGRTHKYCVjeEopE7z7AY2rzkOxQ9Mk1v7ADpjIyhQjaN1tWPeDF0oqWKdsyaXSsFHaJWamJPKECgIvrZM2dnX7JxB2G7FCPOOwvfGZwG-WaM0Adkv-CmmJRKLhuaUtDMQVZwbbsJI9MDRLcU8Vz5XF2MYvW9thnBarMRy5CnrFO5h-FX9k_cTp6PmMf_lpSU5SQQvmpLDdn1mDRGdZudbPdS2EbRxGZI8AZyyDOG7wNWfsdgQWpqAtOi8AFWvQxNjgguEISJz1nGlgTNV1D6eQHlLxLdSIFUph4lUVkNKNe4vDdCG4tPgrtQYwVTon3GL8NM7_fi3pD4XbHLbWZm0Ugxzysy0LoF4RoBIAMy9mh3DvjI02Lse8Q2Fko9cg8Hn_570YY5MlyelrofprTcOs5yRPThjXNEZ6PszzzBBN1a6Do6jRWW4KrG-YqZONUs_WXZrht3fusVbHJAvOLtOPpDk6eTOZgSM8YheKSUTocDZYECFqVfGS7nzbuEMeIrtQvHL9I4UURDMdYUfNvXCmzTKgz2K761H5Ryua0FwuVNJyj_OTC_4wFXVy661JKfmzPkeuyycUTuakXvLtepj-o8cuWGwh7CeUMlXXKTw2JQBh0L8C2Jai-vpA084itDvPIwnOo7vs2_z3u2z4ii0EOq5I6oscQaheZvpm3_ZzP-_K_o6qaDnF0JuuEUinVn0hcpnBfrUKHoCym4nohJctxRTnf40nsQ1YgwcKThH3dDPaId14hLxQFjxr8DHwDA_rYx5rVoPV-_yJWTbitsKgXw9AbpvnyGLlsdsjLarNK57HDgckjfcwokxF5QySJ6AKorEvT9JuWq3mkgBzdQ2DI8KTVUXLOlVUVlMVe8MjWTPWQbutWCwqkca67asYUZyuysGh-bt7Bgk3aXYBS47vEdZmCW96u4Dads_sp_bE649qFtt9Y3vH8siRCy-2RJT4ZW24fqJ46o36KVEJU3-f6Uhrsh8xLiqIhQevJAlWTP6VpqEBsw6Ljxy723WhMaAiyHq1XE9giLHjfhbccgsVqsf-B3rPdfU09foRe722X_6i3E5z88AQpzWiRLWp3iXKL1LAEE3Y28B-EtoefdhBJ739U_nk-ffC1tSYqlSMWG1-Li0zy9aRDsXo6RRMEKFIziOqYpJ6PJXnE0MPbbmgnxLrOsjRtydySygZSmLANzAzP-6CYi1ZWwPepyKGUfwM7cY8SVW8qdX4u67uHJE9R1-tWXhg0NmEFoHnfglK-pdfJ1TgemDd6zyrxvYy_qQxk6OOdrvtwKaqXgHO80wE4glzDZCe-Ee6QYuIx6kkyuvRLc-e7IVK9hkXsH2lNl2yfvMxpaS7-RtJdz8377ep6cI2JFEqMDfGIIErqNLTH_ke8Pc-T0_jknE4zBZkTSrQoT_XK_t1ZSPUkQ_neFDqc8MRH3Z0iSxNnWxXFWB5IGMek6ig0a0cM3n6AaCi_I5yAm_OVlCHuKJ8f1JSTOAbI2_ZaW-JfpCd-ayJSfDAlouQcmjVRw52gZoz3tZuxKXzchyaZiUBQ0MOnEYwn2AaVE38d4ipxeP-kBPGP353fmcV2o8QHW3g2QXt98DhtOmOXBFGZlOBkJsD2RtImn2kWTcwbE29nbGBkRsr3hBcCwxRlqKqFYb6IE2R-it9oc08K8pEhkqz4iptuAjlg5ZhxnspCV7Gr_XJLI-5NEh_ZXzRTgOa_LdnjqikgchM-S4wIZyAkYaBU0lhKAftCNlFqpDN7pNTETqH-AvdD4Afx-nQunoQCgWdbf3OkZNSiOlJ2hAh_bmoZMdG8lO3c4-AINy8qD85gWkalv7tRr8AmYY3NOvDnYbdmMV5d6HpVWdVDnpF7xIEKHPs99lPADoNiqsz6bm_735ppF-uPErsS9Jma4QQpAUkwZxX6yHxLJMZOPv6A6UkscEiyXLe4f9sRN41s0AXs1fddvsY8Uz0VC3K5q2jNqQ4IYENJF-4QMd5SBGjCu09_oVknyr2NMexXCWvaDIfekBSlpOJ1bDPSPVOm8QTL5bzuuF523HGq50L_j02Rkzo_U3OXUcjl1MpXm1c9j1ZK9Z3DQT6MJ9p3SNAqKRr-j5qdCTDsyqF3ciS92iDFOUK3L4JBrrNi3tTADj3nxBLe76VnV5I-thJ6nA5g8oetMTuymQtqnSdmJGLbbs6QzKrW9D-n_t2-qPPMyl0Hv8J_Q0Oz-74xzcozprHiDH9yPXf7V5x-cKDPghxQJWoCU24Fy59zmsAivVFGV_QfASksJOnCuAnbiFXefyc_s7bj6Sl7RlxRHp3m4ScUtdZcmC39XbZaLKTT2OdtENtuxlDYXeqDXC9AhuEn80BV20XrUPZ_Q10btsi4M8hpGRMrvbt-IU&cid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

f7042ea9987be2ab173400e6e9d7a0339c629cf8bfd8276272a12baf3e4cf221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15937
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B4F 0
0 85ms
82ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChV6cul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAaoElQJP0JFdMXh9jqfnQedQuLNr-pja8jungxTdnXP7W2xQiFghLmWK3AH2oxn6bpdJXzZs4bz0xga1to-_DjX4OZrTEABLsjSOrJfdOAuHIr00MCrvs1XU_hSKoiThurIn5gpwOeFq6jFqmhnwYP7cBzAbKpYn0hx-6AzOM5hEJA8-vkPJ-M86ODL0V5Fdouxxdj0_TBPW1qvPyKSuZsUGQ0DbokYvPle83STbsh8ug9LzVAPs8sI3fl0kc2YPZYXhRTPGkyNoCiuX-ZqZK0D5PvanyKk5NBcGu-zLaqkVm9gJYOv_ZsmHOd2Lr6PaOwObi7uq2bhCZgjv-AQOFRBnwaaSE9ASQLzH9hRlqFTwzq7hnD2iGyXPwASkiPeYrgTgBAOIBbGKy_1HkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELLABhiY-f7cAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBO9odIRyBPA9M_hA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi00ODQyOTA1Nzg3NTIyMDA1GAA&sigh=f4hc86uKtM4&uach_m=[UACH]&cid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 15:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
DATA 200
OK truncated
/ Frame 1B4F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796a80d2759d10b3201c8ffcd9760990cdfc57af94816a66252cf13ed1264154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
629 B 271ms
13ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

05820508c84df53318960cc29c2c97ea08136ae4e814175277eb1fac534d20aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://vidamelhoresaude.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://vidamelhoresaude.com
date: Thu, 19 Jan 2023 15:11:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 94ms
94ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071636

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dffdf101c46a463120117f00e434e86caaf2598954d886febab59df1df54b3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52388
x-xss-protection: 0
server: cafe
etag: 17088795726213964349
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 15:11:54 GMT

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66a7cbffe2e40e48a30d205e06ebaa2d88c2bcdd39e8c4cfdd5a657eb6303f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content v.mp4
store.fadecho.com/ytb/230118/1396939/ 194 KB
194 KB 36ms
29ms Media
video/mp4 2606:4700:1::6813:824e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://store.fadecho.com/ytb/230118/1396939/v.mp4
Requested by: Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09
Protocol: HTTP/1.1
Server: 2606:4700:1::6813:824e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 65f4d9c7a32e5032f91291561460f4ccc999257f71aea6c415ecbe9b32c5fa80

Request headers

Referer: http://vidamelhoresaude.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=5373952-

Response headers

Date: Thu, 19 Jan 2023 15:11:54 GMT
CF-Cache-Status: HIT
Age: 4512
X-Powered-By: ASP.NET
Content-Range: bytes 5373952-5572178/5572179
Connection: keep-alive
Content-Length: 198227
Last-Modified: Tue, 17 Jan 2023 21:52:53 GMT
Server: cloudflare
ETag: "80e8bccbe2ad91:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=691200
CF-RAY: 78c0817088fe9247-FRA
Access-Control-Allow-Headers: *
Expires: Fri, 27 Jan 2023 15:11:54 GMT

GET
H/1.1 200
OK bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 55B8 703 KB
224 KB 41ms
21ms Document
text/html 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 157049
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 228701
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 17 Jan 2023 19:34:26 GMT
Expires: Wed, 17 Jan 2024 19:34:26 GMT
Last-Modified: Tue, 17 Jan 2023 19:28:53 GMT
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server: sffe
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 143ms
67ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B4F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 18:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 18:02:45 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1B4F
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

69ms
7ms

Fetch
video/mp4

2a00:1450:4001:19::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7031F106178FAF10BA3E01416D6E8930631369B9.590A23F475BFA62A84368FF9E2527004170AB21A/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5ednds/ms/onc/mt/1674140708/mv/m/mvi/2/pl/53/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:19::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 15:11:55 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2225789
Last-Modified: Wed, 21 Dec 2022 13:59:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 19 Jan 2023 15:11:55 GMT

Redirect headers

date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7031F106178FAF10BA3E01416D6E8930631369B9.590A23F475BFA62A84368FF9E2527004170AB21A/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5ednds/ms/onc/mt/1674140708/mv/m/mvi/2/pl/53/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1B4F 0
54 B 89ms
88ms Ping
image/gif 2a00:1450:4017:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~ld38e7jo&c=5597605295810&slotId=2798802647905&qqid=CPGXrtP10_wCFTNaFQgd5eUAyw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.ls
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:816::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 166ms
138ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?aot=ob&tte=f&lid=158&sdkv=h.3.552.0&e=44733246%2C44748969%2C44750823%2C44765701%2C44768716&id=ima_html5&c=3633133065422163&domain=vidamelhoresaude.com

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

HTTP/1.1

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 15:11:55 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
19ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vidamelhoresaude.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vidamelhoresaude.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 162ms
138ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fad_type%3Dvideo_text_image%26client%3Dca-video-pub-4842905787522005%26max_ad_duration%3D30000%26adtest%3Doff%26channel%3D1646555409%26description_url%3Dhttp%253A%252F%252Fvidamelhoresaude.com%252Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%2523token%253DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&customPlayback=f&customClick=f&lid=8&sdkv=h.3.552.0&e=44733246%2C44748969%2C44750823%2C44765701%2C44768716&id=ima_html5&c=3633133065422163&domain=vidamelhoresaude.com

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

HTTP/1.1

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 15:11:55 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 161ms
137ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?tte=f&lid=158&sdkv=h.3.552.0&e=44733246%2C44748969%2C44750823%2C44765701%2C44768716&id=ima_html5&c=3633133065422163&domain=vidamelhoresaude.com

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

HTTP/1.1

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 15:11:55 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A7C2 23 KB
9 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 357135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 11:59:40 GMT
expires: Mon, 15 Jan 2024 11:59:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/ Frame EBB3 10 KB
4 KB 16ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 01:52:45 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 01:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/ Frame F668 10 KB
4 KB 12ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 01:52:45 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 01:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/ Frame 9C1A 10 KB
4 KB 10ms
8ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 01:52:45 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 01:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame EBB3 4 KB
636 B 48ms
47ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:44:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBB3 205 B
295 B 43ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 01:22:40 GMT
x-content-type-options: nosniff
age: 49755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Jan 2024 01:22:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBB3 604 B
1 KB 42ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 14:20:01 GMT
x-content-type-options: nosniff
age: 3114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Jan 2024 14:20:01 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame EBB3 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 21:36:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F668 8 KB
894 B 46ms
44ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame F668 2 KB
765 B 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:35:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame F668 22 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 09:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 09:57:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame F668 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 10:44:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame F668 18 KB
7 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:14:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F668 157 KB
49 KB 113ms
72ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame F668 33 KB
14 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 04:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 04:31:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9C1A 8 KB
895 B 46ms
44ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:06:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 9C1A 2 KB
765 B 13ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:35:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C1A 0
0 55ms
49ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy6wsul3JY7PCFIeS_tMPufitkASRp6HBbu_Z9tO8EdrZHhABIITE_4MBYJXikIKgB6AB2qDh_gPIAQmpAiEo4kwCLLI-qAMByAPLBKoElAJP0BlTh2eXzbtp80BS81Laqa-fnSsV6dOlhFGvO4ihZUBcFvaINTq5ALxyvI1ReBAIYLWrq8UeE0bVBJuDdMLwOZYUKWEIju-tY00CvQwGWoAsOp5b3bTTZJ9BvMHE6X4qsxOEOn-kce1wy2I4a0zqBT1Q6pZS4oMJ-ADfR_mBjGvZtY1XccAcI0jzr5-F2KnapthEH4d91vmnpmEIewwWZsO9vcHNJiv4I9cTCg_7RpNFD7blF5-w9HQPibZ2DsdfQfxJfIz6h1R2obJz4ylrHkCNO7367umpPu51-o-IWPAUn6JJbfJzbWVdG_IZH-FlWicoEcf-9x6KIFvsBXn4sBmjSCGyNk9RhAwbB2LyNCJEsPrABM2Uj7yYBKAGLoAHjt-eAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEO840ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDg0MjkwNTc4NzUyMjAwNRgA&sigh=P0xGBLBk4to&uach_m=[UACH]&cid=CAQSGwDq26N99uP6MLLfa6cqXL2bJ-y1uT8R_ssCRhgBIBM&template_id=5000

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame 9C1A 22 KB
9 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 09:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 09:57:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 9C1A 3 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 10:44:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 9C1A 18 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:14:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C1A 157 KB
48 KB 141ms
115ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame 9C1A 33 KB
14 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 04:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 04:31:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14798221940311378907/ Frame 9C1A 15 KB
15 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14798221940311378907/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af102f396d4ab2776182def072674e47596249ed1f951548298eb1ba5d328839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:08:54 GMT
x-content-type-options: nosniff
age: 583381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15827
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 10:56:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jan 2024 21:08:54 GMT

GET
DATA 200
OK truncated
/ Frame 9C1A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9C1A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame A7C2 36 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:31:41 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55B8 25 KB
4 KB 980ms
979ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?ad_type=video_text_image&client=ca-video-pub-4842905787522005&max_ad_duration=33000&adtest=off&channel=1646555409&description_url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&vpa=auto&vpmute=1&sdkv=h.3.552.0&video_product_type=0&min_ad_duration=0&sz=888x499&adsafe=high&videoad_start_delay=1&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&ea=0&image_size=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&num_ads=3&t_pyv=allow&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=0.2.0&sdki=445&ptt=20&adk=3734775828&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&media_url=http%3A%2F%2Fstore.fadecho.com%2Fytb%2F230118%2F1396939%2Fv.mp4&eid=44733246%2C44748969%2C44750823%2C44765701%2C44768716&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&dt=1674141115406&cookie=ID%3Dd5273bbd2e51d543-22b59f7989da0048%3AT%3D1674141114%3ART%3D1674141114%3AS%3DALNI_MYMzJYxOvF3ty2ctZvfoskHVDVLxg&gpic=UID%3D00000ba56e351915%3AT%3D1674141114%3ART%3D1674141114%3AS%3DALNI_MaQxfeJ7S6T1kDz17fnEmF2ohP3YA&correlator=363349547566512&ad_block=1&ged=ve4_td2_er296.356.448.656_vi0.0.1200.1600_vp100_eb24168

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80768a3b2497c79079a646596dfb1349fdb52ae20087e6092f95efb1908184dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3867
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705677114/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1B4F 2 MB
2 MB 16ms
7ms Media
video/mp4 2a00:1450:4001:19::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:19::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1cf8ba0f4631a85188ec997a93dad46d37d03750f5a04cf288282a6f41678a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 19 Jan 2023 15:11:55 GMT
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2225788/2225789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2225789
last-modified: Wed, 21 Dec 2022 13:59:38 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/ Frame 7BB1 15 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15aefd6f6e8f96629fbe283d94e638876dd51c0a43a366c53fa924cb7525cd48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3814
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 07:04:43 GMT
expires: Fri, 19 Jan 2024 07:04:43 GMT
last-modified: Mon, 27 Sep 2021 11:18:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame E111 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 09:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 09:57:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame E111 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 10:44:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame E111 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:14:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E111 157 KB
48 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7BB1 6 KB
3 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 Jan 2023 13:12:21 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7BB1 34 KB
13 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 19 Jan 2023 19:53:08 GMT

GET
H3 200 de8c995ae96b29edbdb9295a9034f664.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/ Frame 7BB1 77 KB
19 KB 19ms
16ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/de8c995ae96b29edbdb9295a9034f664.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204de0a8121c68dfce706d7dcbec0425d6900aa7590dff054e8914198cc5cb86

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 01:45:35 GMT
age: 134780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19928
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 01:45:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8E5 143 B
166 B 17ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 14:28:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C1A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d39d95f94a26342174713bf08af7a2620015eadb3abfa6abbf919c6ac689790

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 510F 143 B
166 B 10ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 14:28:08 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F668 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F668 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b0ddf1b2d1887360924b5a61aa752d109693b14854784ec7bf2bc7b513bce45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 1B4F 42 B
107 B 163ms
123ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D61%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674141115750;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1B4F 42 B
64 B 60ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcpaCul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAcgDmwSqBJgCT9CRXTF4fY6n50HnULiza_qY2vI7p4MU3Z1z-1tsUIhYIS5litwB9qMZ-m6XSV82bOG89MYGtbaPvw41-Dma0xAAS7I0jqyX3TgLhyK9NDAq77NV1P4UiqIk4bqyJ-YKcDnhauoxapoZ8GD-3AcwGyqWJ9IcfugMzjOYRCQPPr5DyfjPOjgy9FeRXaLscXY9P0wT1tarz8ikrmbFBkNA26JGLz5XvN0k27IfLoPS81QD7PLCN35dJHNmD2WF4UUzxpMjaAorl_mamStA-T72p8ipOTQXBrvsy2qpTZpC_PN5ufRWZMSWRFLBbb53Eg7MOnPP0uRrzPKnBDwI02o75pp30mmS30Gh19_EeA6HzYSgdP5uAH3p-cAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=r6iPPug3Z-8&label=part2viewed&ad_mt=61&acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D61%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674141115750

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B4F 0
622 B 151ms
71ms Image
image/gif 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8qmqxQP5aKhvZk_gvkhXxSkWtZQrqCNKEZAYyeYkBjrZ6f_r94DLqqrVtcEpDc5t6RaRw3nZbsTLWgZQrs2EBEF5WwguQfpcgzB1XbFMNUEKqUGODnoCeBwUaLdePotZ452hn-f9pPseWheAwIo_l1Q_d0yXKTQOvr1Gg4r9Ekq-BM26QqevW6mYXWN1YD8mi1tFeJlDiZDq7Dxa_Cr7hTY5D61MxQ75-DhYmKBfIlXWYBT6HMiuPxuzLXsEkRyTB9dfGB2S9vJI23KE-nwB6SrvrlxzT3gQskvcOnA4YdZK1I7V12KE3Yw9fNaxA2FRoeLRzuGY1cLBrMXBhkQvcMxjz7ntOWx7RbnO2aV-yiVvMjzyvbvZ70MKV8Gbf3qh4Ku-Hmja0R4eQc9TkARDUdjje_oqxDfvt9Xv5y0u9cnriYw43FII1x8RV10EhTYkpyOMNvcpWp25InUuzZWFF67fKeZvoDwGL0f9Ur72UXBpL-bXzDDh_kHe2YpFWgXPlJejNwZseIw5L7ucUvP1VsUcBz-6rYppGagJtQfIxznRvw1ATqevKIV8evDqZRDgOdYgln4dFA0VkXDJSV0FIznXpBMHtCBDVwTWRCDJJTvY7Z3nmbrlSwWQoPbNkrdWR-omQLMqXvIf0q_cX-XUGjhlRi5XFrmZ1iDlOubH0GhYrFCfSE-Ul_1zUvQIMJQmlMMLV5icuaW0iP-9rK1Io6EHNnAwJazIsln8UoNs9oyI2pq-NdlaUDQpxbAgxoezn4F6-2G8xCvicBppkFPCOyqXgwKHwfN2vn-9ulk4D_-j5H1fVrW6A90AYxUlk4u1a5-1nL9qthNsbA8hEaJlsuvJZMTla6GZW4QCLZm8BdLxzVdSpqShnekja9iFzdbG7YtJtoN6xmIzn4ZKuKroRA_d34EyVaMVqWO6RTxpFvSfm1TeC1kES0VW601GIw8DtVkB2O7XAwrUKVitOo0tz8YFH3dO-mI2duG2hmOcc8zz3GW8vg2Jzx8lQCQtoehYc2a2np-UU2jen1doa6GBv12HSQZfP5IP4wT3pwQ8YWz2HzybYCMU_YdB-F4dJREA9PuMzh_1m1Xdb06r5gfVKk_7taEfilXj6tb8JHp_L6LR1-x4TjuRUjx331ARO-jzD-va0TV4MT6SlZQi5pRQVBXYu7jrn0zRKphkmqsT0pXwBDArF4GM50SFb_yxpbsZvKfyZE_qnXw&sai=AMfl-YRBXYf9W3EDUVK4BYO31WpZIn2TgHESHc7Y1_0ADtb_ubKq3ot88SItj7Ztm2Xj8G9I9OjcjOtJHoh4ame05NtCuIUGHHtgiC2DJF84KCgT2Fb54ML4ITQcyEPah8mefs5jzTS2-6zsrfjqrAlBeeISoXPLVl6nE5egPNMLhSMgdsX-NwnFyeQ0qw&sig=Cg0ArKJSzMTWduRPU6ZSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 1B4F 0
16 B 51ms
48ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQtNzy4gMYmPn-3AEgATAB&v=APEucNUqFxKFc1cIJSrYMNaswDqyFpu3xB9Gs1SBneLf-S843TAtMcCyhPJvnVF963R7ksTXPXYykbSMLALaBFd_ggTIrB2yiw

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B4F 0
20 B 138ms
136ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 1B4F 42 B
494 B 156ms
118ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D61%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674141115750;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B4F 42 B
64 B 152ms
150ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUeLcI689xz0x1j8I4SYTBydyW0-zf1TIjuSDaxLoh1hgGukU-_HMPBBHn_qD3hKNMza82PpMISDACbRVtiznu_8DrhtrnCe2Aqh0TRPfpupHhB7kuVaUpIqRj&sai=AMfl-YT8TvOBmw1ZpGeGnSqv5xKFfA1jlSGaFt2LNQ5SqufgHimsXmuNdmu4HuUxqcP7EruhgtmmmrVUMG05id4&sig=Cg0ArKJSzMFfBve87HYYEAE&cid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM&id=lidarv&acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D61%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674141115750&avm=1

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1B4F 42 B
64 B 60ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcpaCul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAcgDmwSqBJgCT9CRXTF4fY6n50HnULiza_qY2vI7p4MU3Z1z-1tsUIhYIS5litwB9qMZ-m6XSV82bOG89MYGtbaPvw41-Dma0xAAS7I0jqyX3TgLhyK9NDAq77NV1P4UiqIk4bqyJ-YKcDnhauoxapoZ8GD-3AcwGyqWJ9IcfugMzjOYRCQPPr5DyfjPOjgy9FeRXaLscXY9P0wT1tarz8ikrmbFBkNA26JGLz5XvN0k27IfLoPS81QD7PLCN35dJHNmD2WF4UUzxpMjaAorl_mamStA-T72p8ipOTQXBrvsy2qpTZpC_PN5ufRWZMSWRFLBbb53Eg7MOnPP0uRrzPKnBDwI02o75pp30mmS30Gh19_EeA6HzYSgdP5uAH3p-cAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=r6iPPug3Z-8&label=vast_creativeview&ad_mt=61&acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D61%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1674141115750

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1B4F 0
17 B 86ms
85ms Ping
image/gif 2a00:1450:4017:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~ld38e7q2&c=5597605295810&slotId=2798802647905&qqid=CPGXrtP10_wCFTNaFQgd5eUAyw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&dm=15000&ple=1&umsem=0&event_name=first_play&asset_bytes=197889&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.161~videopreviewstarted.163
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:816::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7BB1 3 KB
556 B 48ms
47ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400|Ubuntu:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/de8c995ae96b29edbdb9295a9034f664.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

387b160853ac745a823784df8b45b28f35670b19183a76dd64d15ad11bea9273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 15:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 15:11:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 15:11:55 GMT

GET
H3 200 ab1c5a774566fbbb3debe5e33ab625ce.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/ Frame 7BB1 7 KB
7 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/ab1c5a774566fbbb3debe5e33ab625ce.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc569906047bc824621e5b6098ebb52b6ea73d929c05f78938e40337e94305e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 17 Jan 2023 23:14:45 GMT
x-content-type-options: nosniff
age: 143830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 23:14:45 GMT

GET
H3 200 6767b94de402ef9c1eed35a51d6812db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/ Frame 7BB1 5 KB
5 KB 12ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/6767b94de402ef9c1eed35a51d6812db.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1b48b559c9986d3fe99d0722e6912bf16843111937f49a7c339230c24ca9504

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Jan 2023 00:19:54 GMT
x-content-type-options: nosniff
age: 139921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5147
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 00:19:54 GMT

GET
H3 200 88fc7ecc6ba5b1d1fa68a6949e96a03d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/ Frame 7BB1 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/media/88fc7ecc6ba5b1d1fa68a6949e96a03d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12039498424399452062/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7e60cf84dcfb1f7aa0f83681ad8b8533ae92dac0b57755b9e72403d2d7d4dd4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 17 Jan 2023 23:14:45 GMT
x-content-type-options: nosniff
age: 143830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2367
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 23:14:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

174ms
173ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:56 GMT
expires: Thu, 19 Jan 2023 15:11:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F668 0
18 B 51ms
51ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGKlYul3JY7HCFIeS_tMPufitkASRp6HBbu_Z9tO8EdrZHhABIITE_4MBYJXikIKgB6AB2qDh_gPIAQGpAiEo4kwCLLI-qAMBqgSTAk_Qpjv-Z_GGN26_vFWd0swizb_ONALjs40NpSQKFirHRqiQ3Ko6NDivMegko4E0ULqGHVQo8hd1Vum2tzQ7uaJkkgIAMcCALh_F8-jW2NtGQSTruYs6H9Yfteb736OTgqpk2Qzzn_rrz3FBBqs7I6gch96BpohY1oyHKyIJO4NfdFkjtEkAcvnmjf91hyTtbehoSUFkRyIDhQRXD1R18SUALFDY9oWT-nZ9jhmPJM4AX4gmFq86CB0HNQ1wZ5v-vKixwOHi8wL_PyS8m4DXwFbg9ZJQ1OndZG-w6f90AhYaANxeHlMHGfGsOzav7tEPgtAX09D4TH6gWZ0SNp_MYBaDPcqRDlu6hOxBLm0c8ikoZG7nwATNlI-8mASAB47fngGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCMOdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMDiBQB0BUBmBYBgBcBshccChoIABIUcHViLTQ4NDI5MDU3ODc1MjIwMDUYAA&sigh=4t4ryvFtGc0&uach_m=[UACH]&cid=CAQSGwDq26N99uP6MLLfa6cqXL2bJ-y1uT8R_ssCRhgBIBM&template_id=5020&vis=1

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 15:11:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4377 36 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:31:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 510F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

204ms
203ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:56 GMT
expires: Thu, 19 Jan 2023 15:11:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BB1 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:31:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7C2 0
20 B 142ms
142ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOEfdul3JY_KQOtHL1wbAtJvACQAAAAA4AeAEAg&bg=!1Nel15PNAAYDMoyoIzI7ACkAdvg8WvrV9fEi_aYMtVkizY0q2POZWnj0Lp6ifOeqIJbWgRAbCB88KgIAAAHBUgAAAARoAQeZAtoCbY9haI4FLTM0FSU-IeiDcmlVekiqRCRrmSwUgZnDW5NWYwkaih11CxbsUA7-TrB98W1RwZRJR02osQAODXKYyJTbi5WoV-LXT9Xjmn3Fsi1RVnAoVpFgfZqJESFHdaeiiP8ISJwOrl4GIyeJ01_s9NnwvP7VNPKOZaqxpQ7XqhDmxmrynXm9qrV0nH_0hk3JJUKs-eeFKYcEAVOm7DjCxAL8suTzZkIrnU5YZMnVjaqp2PQ8DK-TxagEH143jMwp0vFej7ITTrIglsCVOpdn7LvCbdKy4O24PhRKJs7gCcdiC4GiXU4juVRiSHYjvlvWnCkYW5LrhmMss-P2XJLY9XRg9eeehwf1hAuAoE1YWEi5i-8bx9d6aJ8zZ7nCeRSWSAoJWmrwH05h0PQA5vGPB395vL2tMvc07j0NeJ0TEFVsOvFsfnfOzab2yVnDErTteHirDVxAJQDhW6tBZMVXVqU8GVsc5_lk-EiVCalU408DyT8umtgESIOO7rLDiK3QM3Fvc1PlhDDiEALvtoSczSGQC_lrrB8aUktk3xEoxoxoZ2uf5YzkS6HweMhxG2aOlRaptYpfAh3eCHe_uGz9be7-Lt_SL7LQkjXq9axCm5_y-QFnGlscIjYRGJXDnfPabuA-f96TAr8hrD44dN9cuTNljO0ygIJIDonlDuvC1gjDsIGP5Uk5B1qLfRVAWRzFpraiNkqTR-zesdYNCjL3UZOXe_VjQBWu5KRjWJHBOUEuM1zqUmqkbdyw1HmdCSQ4IDoc10SBRSCFsxbhCi4i1JRpfh5Xz8wTcob0Pj4fcuj4JOLzFQ20FtDHyapdOGh95w9XB8txWUKGbpUE5c9eACI7XM6Y8_Z8sxpaBCXwiDvECO-d8ddHFRzunO-RBEs06kCVbnGUCrxig_RfQmhu8Se3TYD5q7gmqGTSsCqVxuG7qiIJnM0FEz0KjJN1gEFYN2YzS1-_LMCd

Requested by

Host: vidamelhoresaude.com
URL: http://vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 68ms
67ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2eb709bf5fd816f80ec144ba0fd449f934f02d9fb63e998a965b356fe1a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10923
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 15:11:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 51CD 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 13:24:21 GMT
expires: Fri, 19 Jan 2024 13:24:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D87 783 B
971 B 50ms
47ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0860255f7aea405a7c62da644522c7fa4272f42be5c3e9ec6f99ac06b01b6a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YX-VABW0eZZC7GYH0bpHsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vidamelhoresaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YX-VABW0eZZC7GYH0bpHsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 15:11:56 GMT
expires: Thu, 19 Jan 2023 15:11:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 51CD 36 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 06:31:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D87 0
0 138ms
137ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230117&jk=2459217514302751&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 137ms
137ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?vd=diff&oc=f&nc=f&oi=f&ni=f&custVid=386356520&lid=93&sdkv=h.3.552.0&e=44733246%2C44748969%2C44750823%2C44765701%2C44768716&id=ima_html5&c=3633133065422163&domain=vidamelhoresaude.com

Protocol

HTTP/1.1

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 15:11:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5154612331018803088
tpc.googlesyndication.com/simgad/ Frame 55B8 7 KB
7 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5154612331018803088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbb2a47ff6de833b346d94eff2c5e392f2c7ac0689f9329de961c000a230afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:07 GMT
x-content-type-options: nosniff
age: 333409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7457
x-xss-protection: 0
last-modified: Thu, 01 Feb 2018 14:50:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jan 2024 18:35:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55B8 0
0 52ms
51ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/adview?ai=Czrsnu13JY9O6GsWNtweaoLPYBKjNwpVtxoHjosAQpZPu88MoEAEgmtevjgFgleKQgqAHoAGitKi_A8gBAqgDAcgDGZgEAKoEzAJP0KodcLja9xkTy_9Jgd7lEoRKPuJDVxACNaneBKJd89JQ_OtUzwLoiTgmqaLqpCGgDcWjwaa6kCEynwxWsUKcUSzRHyY8ZmBpGFj7NC8gyQ6RCVpTuaSvQhmkoDEW7P25RJ206c7dznMuZkjW4_E5Ci-BSkHEfh_YxiZqCHqbgGMVqqJgILgruxLpwpxjKKdwycawTXYbPfbEVIZjThh0c_m1At5vn-V5hj5c4Yu8GNdg1LJHg4Ft2dFKCSj8e21gyt65CswcfZJP63Yvn1npwZiS6x4HjuR-3qcW2N23CJrxSJMaB9EN6ZXa8Ua4vRrOx9DkmB5xDsan8yntUh8ZmLtGdG3hREOuDikYL9vmr8qQ3gl_Px6TYc2SSB_XlpOqFaL0X9W3sVX6uaa7JQRwJyQvC1DyoqFytvdpEbqETSYkKL2cElpzrwgQIsAE0OvziJYEkgUECAQYAaAGAoAHxsvXQKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO-BDtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBwhMGGKK0qL8D2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ4NDI5MDU3ODc1MjIwMDUYAA&sigh=siWptUOlrag&cmd=Ch1jYS12aWRlby1wdWItNDg0MjkwNTc4NzUyMjAwNRAAGAE&uach_m=[UACH]&cid=CAQSPADq26N96Hhk9SSzDHdPYRDmV21ZaU7OdxyXRD3PfIwXnnJOrNEPx6-vQB8s7Ni_8e66DBnCffAkru9-DRgBIBM&sdkv=h.3.552.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 55B8 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjzmru13JY9O6GsWNtweaoLPYBKjNwpVtxoHjosAQpZPu88MoEAEgmtevjgFgleKQgqAHoAGitKi_A8gBAqgDAcgDGZgEAKoEzwJP0KodcLja9xkTy_9Jgd7lEoRKPuJDVxACNaneBKJd89JQ_OtUzwLoiTgmqaLqpCGgDcWjwaa6kCEynwxWsUKcUSzRHyY8ZmBpGFj7NC8gyQ6RCVpTuaSvQhmkoDEW7P25RJ206c7dznMuZkjW4_E5Ci-BSkHEfh_YxiZqCHqbgGMVqqJgILgruxLpwpxjKKdwycawTXYbPfbEVIZjThh0c_m1At5vn-V5hj5c4Yu8GNdg1LJHg4Ft2dFKCSj8e21gyt65CswcfZJP63Yvn1npwZiS6x4HjuR-3qcW2N23CJrxSJMaB9EN6ZXa8Ua4vRrOx9DkmB5xDsan8yntUh8ZmLtGdG3hREOuDikYL9vmr8qQ3gl_Px6TYc2SSB_XlpOqFaL0X9X1s3RoBXFfI-qUa5KeBNxrx4J4KPxHCU4s5Cmou0a0PkLNXfQWzDLc3sAE0OvziJYEoAYCgAfGy9dAqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAdIIEQiA4YAQEAEYHzICqgI6AoBAsQlHOC36hcPpEIAKAZgLAcgLAbgMAdgTDdAVAZgWAfgWAYAXAQ&sigh=fHpxk2G-ln8&label=vast_creativeview&ad_mt=-1&sdkv=h.3.552.0&vci=CmMIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2NzAwODYwODQ1NDIMNjMxMzk4NTk3MjgyQOwHUhgQACgAOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 55B8 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjzmru13JY9O6GsWNtweaoLPYBKjNwpVtxoHjosAQpZPu88MoEAEgmtevjgFgleKQgqAHoAGitKi_A8gBAqgDAcgDGZgEAKoEzwJP0KodcLja9xkTy_9Jgd7lEoRKPuJDVxACNaneBKJd89JQ_OtUzwLoiTgmqaLqpCGgDcWjwaa6kCEynwxWsUKcUSzRHyY8ZmBpGFj7NC8gyQ6RCVpTuaSvQhmkoDEW7P25RJ206c7dznMuZkjW4_E5Ci-BSkHEfh_YxiZqCHqbgGMVqqJgILgruxLpwpxjKKdwycawTXYbPfbEVIZjThh0c_m1At5vn-V5hj5c4Yu8GNdg1LJHg4Ft2dFKCSj8e21gyt65CswcfZJP63Yvn1npwZiS6x4HjuR-3qcW2N23CJrxSJMaB9EN6ZXa8Ua4vRrOx9DkmB5xDsan8yntUh8ZmLtGdG3hREOuDikYL9vmr8qQ3gl_Px6TYc2SSB_XlpOqFaL0X9X1s3RoBXFfI-qUa5KeBNxrx4J4KPxHCU4s5Cmou0a0PkLNXfQWzDLc3sAE0OvziJYEoAYCgAfGy9dAqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAdIIEQiA4YAQEAEYHzICqgI6AoBAsQlHOC36hcPpEIAKAZgLAcgLAbgMAdgTDdAVAZgWAfgWAYAXAQ&sigh=fHpxk2G-ln8&label=part2viewed&ad_mt=-1&sdkv=h.3.552.0&vci=CmMIARIbZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2NzAwODYwODQ1NDIMNjMxMzk4NTk3MjgyQOwHUhgQACgAOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C1A 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm6oSGTiWwmDiDnyYd46jyedBWPWeHGgtvHUugQ7tYrEV3zQSiPIyNQCuTZFPCjlgnZ5ACeVFiotBjWHPmTOSYbq129hmXo3bfzE9l8zSDUJQuN6_6GCzeToqW6o9eruymU1398McXz-1Y6Ea5zq5WXkvKmVtc3gjSk4toxP5dhZC1KVDTaqYscm94t2vsaGLEhRDD-UhlAKuP8hYyGZl-eeCcejPabtiiQwNkWNkLZn-nmTev04q83pzgQokvFM4TcO_c17LTIpOVQD7j-Lb_1sdP6CmPEq2OabXP5tk8ybrmIMtLuQ8NLXGjZhWT20QeTQ7a7vfEKxvO64zeia-d0BOFOi_em9v0o-J40FLgDYZUFY7XyiZi6FjJEGnAmEmTwhGCaFX-u0etTRBHJYjoMjNpmZm0ZspNeVbC37muIPHWgV9Vp7bhMyBnXp8h6JPmwclxdaAzVj5Z32Rw9p4ehwYvzCjmYQjmnvTxnfG9IFCCmiRrLp8kx49lPW3-e7GekGl0LKc0_8r4f6q4y_BSWDqBfuZFAA22Vea9JB37jrvTINkQB6R770bZ2xnitwLYxgqsktCs4Ng0oIKaGo-ZCAHmelpsZeo_mgy4CJ5ixY-nLBVgbgGsA-RNSa0ExyfqgUR7A95MBDLs-DMIi3Bl7oJK_0I9JjNcWVdsFO3vlWa_TfcRIVwI-W0jHL19WN0WAM18ysophFo8aMJchdyP1vTcojrCjox3wptJBNOpOWqC63c6TgkWi61joE17inM9VN5Ox3_Z8XfJKrLFKab77qi5AeYQugsAtdejvTZ4jy3On7yZKBjMdB4D6cc5vzs4Nkv2mPF_PeLR6xpPp0JYbIMhxpc9loe_BneK_EaWKoINdu6wuvYSe4qvXZRCfn97bod0Q-YI9ur7PaZse3aB8Y4GpXgb6yJpD-XNDHZQqHgFLBn7bM75annPlt60D5NQyDyAka3qJL05_1sJk83Q-JhlID3niT8sHSqEYfvPpwilLuuyhPwu1qr5zjjsjVTue3jzyp490LJTYZ9DzwyCbmDsU0db5VmLfOf77fi1BZBPcWtCsVMBF_vB&sai=AMfl-YRgAA2NDiMymMohpz7vXunyIPkhFQ26MkR9xiVrgINVHFy04g_GZJ_a1fJ2y8Y2hnlcicEaVnML_VReilC3-Kbu_HzlOCFdxFMY&sig=Cg0ArKJSzHnpnFUVTL77EAE&cid=CAQSGwDq26N99uP6MLLfa6cqXL2bJ-y1uT8R_ssCRhgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=378,1000,1000,1000,1000&tos=378,622,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1674141115123&rpt=667&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F668 42 B
64 B 142ms
141ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPkb8eYEagl6s2WtLMim4S6lgNjy18h7pv0q-AuuxVGWEZwMz0NqliNo-rrDT2sbjuN3dHcuFMUTqbR5Fg58bRSJeEIY_Pl4ht34lVK2tvfD6z1seehokhfc01tDUqHlZDuFTHiGkho_vNavhPGd12wx6pMVI4Y_JK3Lki267pMSJzpNBW7l1KgLif7sv0gHAdXp65ARhtgzKy_f1_jYekc3LCZfbpc12T7x2m7ZkxTDdz_Vxp2l_fiu5fdgXjPjg0eAywHGDdviJ-QjftUiF49eefVCw_V3Dwdm6btkDBXmfnS4rEkmeAfsBH9k6mWrP8xrkXNvQ4EN9hq4JpOVBgjD-5Zw78pGmVTIXtTU-Zbfzy9u8V-JkQJpCKxUiG09mdko9xP70xEN76VklHaAue156GLNNm2WYcOs3gHKTm8hcghi-sHWDckoiuDfo2-lr-CkS-AyARP5oP6HKj1bC-tDBNCUlCZ3sWpilHvmhtYSuwV01agq-e2fm45erUcFiH-pCF0A5L_V8gQNFsUrcgjVoOxl9thQzEcRjvqIIjCyo5wTKC8j3YfiqF_EkBEZEKEiVaEnRe-597PuEZMPthkEw9xfUFd5iUydmA1kIrMeyCflk-rAWid67e-OTCRl01E4gjzLVaHLzBlw_4_7Ec_gU_LZr81I-cIB5QOqkU9GMODiLkE-0t3yJ1s8IPTHj8ISw_unx_umEMZPoQla4mWfLVKbmA9DfTa3Kstz2NDSqUpaxncVarxDo0FQSK2-aglr4xWde1Pco5oJrV2rZVFQTiLtKz7SeBWaIzYPFZ-O01q-VjuC1QCFOflCc92f69FVrbdsXK0zdsQ3yb2871dk_vqMAv_QdJraOYfw3Ago3BdfFHq7WmKVm5o4suFPZ497Dui30yhOKzSkMPW8uPmqoCbL0HFFRAMGkUurkLiq1M08fT2d_t6NCzRCW0dgd5gfoUjhfqN70mTuEGbxMjqzatPb2T0_csCu1IpEA1zSR6LTM95sC50sP3ORobPov_B4r8vRNzsJCNh857xNOlMu2wdGV8D_YNjGaduW9NluseMgAypQ&sai=AMfl-YShZ30otiFEESVsywHaHqQKxx82FiAO_NHUuLJneRii-3OT3ky22xpIGgcFc9xEdmxIXPqsHqMCzGzhMi8pIRD1khqj7-eShxzB&sig=Cg0ArKJSzLYUY6Vh6YzDEAE&cid=CAQSGwDq26N99uP6MLLfa6cqXL2bJ-y1uT8R_ssCRhgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1674141115119&rpt=609&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 141ms
140ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230117&jk=2459217514302751&bg=!wMOlw4fNAAYDMoyoIzI7ACkAdvg8WgXGH6dZErRl8fTHXI51twbmhxiDN6M8PrqKJ3R1AQbMKfyZJAIAAACYUgAAAARoAQcKADZJlfJXDUaWIQqnLjRcc1OAsKNPgoXG9YVJf1yp-R7kzkbj0KDK6AO1z8UxFsgTpJHvsT0mRemZAp5hmm0tClabG7PU2_5e3jTgb3uaTGybUHuxYXM5SjGdYg0LYTPyEjLg_n-Q1Ije8FqpPesZFLuYg0Nxtn48jy3RL_y-ol4FWzKERVn56ZTwNEjEevGpeZDu4m_e7aFAetxj72cZFEF77VzPTW7TFdvZ4v19mR9_aM_O55QjNFM69sxXyhaWVxcIVWhLDbHBoT4qgSyekx69vBDOkOuWZ7QDYi237Oi0FVYmnaDvJ90GTvYZs-aUGnwt1O_jL8Ca5Xc-_QKMiumI8BHVP43CzeHO2ynLM-c68BXh47a1WTFIxdSG75Pd9a9oMVv7laya5CwN9tv_gP5_WtGm1NMQZCCTegWDT65KJqdclowNxLrHA0MMgmoZXofQzCaUlX6tOZMKWZRAg5gLAhtpF9ZwTGT95SC7EWLUJYQ8xUUiRfcnIoxRjxfclg7onjAGGeGPL7voaLfaD0zUUsP_RgomMlSZyeYGaUGVzIfK8xOlZqjwtJlObx0c2nkRicLaJO0BTtWgaUq9IsYOTt42aju87BEe-v4yaMe96GFivaAa8CbC6OBFjv9UmVIx1WjKIjFYaZ1takiH-IdkWUFesSJrRt49X89eOTv78-ptEyI0_3zpiSCK9Jg1Ssa-dyg21nxK9usjN0seus54oUjBpdNeS8LY9S1pglC3tmg79aV2ZX1AFWl0-cB6slm_R44TU9LTNa1NLFjPSa0SfNa4g1dwXZBLSviFo_AQTWjLcxykg0jKtZ-sT7EpfZu8nml-SHLm9oihD5upi-bnJVd49-63gG23_0mV0jwbRxKiwY3IuLxQW8Ea3GRgjs7uRqyfRa2TU8hwmXyLrBqsqBBTQyPV2k-EL1ijm4SoQfVqKhe9e8XZfE-JApeFuXNqiPZlhUZi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vidamelhoresaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,209,273,682%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2243%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D230%26dur%3D14976%26vmtime%3D2307%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2243%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1674141115750;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B4F 42 B
64 B 145ms
144ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUeLcI689xz0x1j8I4SYTBydyW0-zf1TIjuSDaxLoh1hgGukU-_HMPBBHn_qD3hKNMza82PpMISDACbRVtiznu_8DrhtrnCe2Aqh0TRPfpupHhB7kuVaUpIqRj&sai=AMfl-YT8TvOBmw1ZpGeGnSqv5xKFfA1jlSGaFt2LNQ5SqufgHimsXmuNdmu4HuUxqcP7EruhgtmmmrVUMG05id4&sig=Cg0ArKJSzMFfBve87HYYEAE&cid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM&id=lidarv&acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,209,273,682%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2243%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D230%26dur%3D14976%26vmtime%3D2307%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2243%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1674141115750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 1B4F 42 B
63 B 119ms
118ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8tXX0_XT_AIV0eXVCh1A2gaYEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCPGXrtP10_wCFTNaFQgd5eUAyw;dc_rmcid=CAQSGwDq26N9L-k4L1UWcbPoZ62X0RveBz_MGPvlShgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,209,273,682%26tos%3D3706,0,0,0,0%26mtos%3D3706,3706,3706,3706,3706%26amtos%3D0,0,0,0,0%26mcvt%3D3706%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3935%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D230%26dur%3D14976%26vmtime%3D3999%26dtos%3D1692%26dtoss%3D2%26dvs%3D1692%26dfvs%3D1692%26dvpt%3D1692%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3706,3706,3706,3706,3706%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3706;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1674141115750;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 1B4F 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcpaCul3JY_HSELO01fAP5cuD2AyO8-WHbrm28e6MEfAuEAEghMT_gwFgleKQgqAHyAEFqQIOBAAVeSayPqgDAcgDmwSqBJgCT9CRXTF4fY6n50HnULiza_qY2vI7p4MU3Z1z-1tsUIhYIS5litwB9qMZ-m6XSV82bOG89MYGtbaPvw41-Dma0xAAS7I0jqyX3TgLhyK9NDAq77NV1P4UiqIk4bqyJ-YKcDnhauoxapoZ8GD-3AcwGyqWJ9IcfugMzjOYRCQPPr5DyfjPOjgy9FeRXaLscXY9P0wT1tarz8ikrmbFBkNA26JGLz5XvN0k27IfLoPS81QD7PLCN35dJHNmD2WF4UUzxpMjaAorl_mamStA-T72p8ipOTQXBrvsy2qpTZpC_PN5ufRWZMSWRFLBbb53Eg7MOnPP0uRrzPKnBDwI02o75pp30mmS30Gh19_EeA6HzYSgdP5uAH3p-cAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&sigh=r6iPPug3Z-8&label=videoplaytime25&ad_mt=4000&acvw=sv%3D944%26v%3D20230111%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,209,273,682%26tos%3D3706,0,0,0,0%26mtos%3D3706,3706,3706,3706,3706%26amtos%3D0,0,0,0,0%26mcvt%3D3706%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3935%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D230%26dur%3D14976%26vmtime%3D3999%26dtos%3D1692%26dtoss%3D2%26dvs%3D1692%26dfvs%3D1692%26dvpt%3D1692%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3706,3706,3706,3706,3706%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D668477341%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3706&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1674141115750

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4842905787522005&output=html&h=280&slotname=9680108032&adk=1221332443&adf=2427095399&pi=t.ma~as.9680108032&w=890&fwrn=4&fwrnh=100&lmt=1674141114&rafmt=1&format=890x280&url=http%3A%2F%2Fvidamelhoresaude.com%2Fdoc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1674141113991&bpp=2&bdt=619&idt=252&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1027195925911&frm=20&pv=1&ga_vid=1610549778.1674141114&ga_sid=1674141114&ga_hid=1582001668&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=355&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071636&oid=2&pvsid=2459217514302751&tmod=588599450&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8dFxwgRqlb&p=http%3A//vidamelhoresaude.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 15:11:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 09:02:22	Name: __cf_bm Value: L1bE0xXTlS7U.gWqK0Cm9p5WyN_KKtNVWxNw_j71A9o-1674141113-0-AYfrycAekobSBf12vKFzX37G2CRtNZ7ACs5/Bs4AQWHpKO9a94BlPgtqAQXpZ1yzenUKnyEpZv+NaeOjFkLrDf4=
.vidamelhoresaude.com/	1970-01-20 18:23:57	Name: __gads Value: ID=d5273bbd2e51d543-22b59f7989da0048:T=1674141114:RT=1674141114:S=ALNI_MYMzJYxOvF3ty2ctZvfoskHVDVLxg
.vidamelhoresaude.com/	1970-01-20 18:23:57	Name: __gpi Value: UID=00000ba56e351915:T=1674141114:RT=1674141114:S=ALNI_MaQxfeJ7S6T1kDz17fnEmF2ohP3YA
vidamelhoresaude.com/	1970-01-20 09:02:42	Name: xxxsskguid1340 Value: 6180d569-fc99-6945-0b59-a72a3a77ce1c
vidamelhoresaude.com/	1970-01-20 09:02:42	Name: lastlocation1340 Value: http%3A//vidamelhoresaude.com/doc_SmhLeFViYVV3UXdTSTNkSTlMMm9SUT09%23token%3DSmhLeFViYVV3UXpuaENrSDAxSGRmUT09
vidamelhoresaude.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1335228%22%3A%7B%22page%22%3A1%2C%22time%22%3A1674141114478%7D%7D
vidamelhoresaude.com/	1970-01-20 09:45:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-20 18:23:57	Name: IDE Value: AHWqTUnl22jA4AjVOqdYLrV4GE542PIy05ZMHMOc9wZGpvxEe0frAlorno268_0t3Y0
.doubleclick.net/	1970-01-20 09:02:24	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	error	URL: http://imasdk.googleapis.com/js/core/bridge3.552.0_en.html#goog_875323781 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-4842905787522005&fa=1&ifi=6&uci=a!6&btvi=3&xpc=QD0kjHpxGk&p=http%3A//vidamelhoresaude.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-4842905787522005&fa=3&ifi=5&uci=a!5&btvi=2&xpc=hds8GqDRV5&p=http%3A//vidamelhoresaude.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.rawgit.com
cdn16.oss-us-west-1.aliyuncs.com
cdnjs.cloudflare.com
cm.mgid.com
count.xxxssk.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lnkd.in
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednds.c.2mdn.net
s-img.mgid.com
s0.2mdn.net
servicer.mgid.com
store.fadecho.com
store.vidamelhoresaude.com
tpc.googlesyndication.com
vidamelhoresaude.com
vstat.borderlessbd.com
www.google.com
www.googletagservices.com
www.gstatic.com
119.28.16.172
13.107.42.14
141.95.98.64
142.250.186.130
142.251.208.98
162.19.138.116
2.18.36.193
2001:41d0:701:1000::2fb3
2400:52e0:1e00::1055:1
2606:4700:10::6816:3556
2606:4700:1::6813:824e
2606:4700:1::6813:844e
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:19::7
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400d:804::2002
2a00:1450:400d:805::200e
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2006
2a00:1450:4017:816::2003
2a06:98c1:3120::c
45.113.68.192
47.88.111.40
64.233.167.157
66.248.205.109
05820508c84df53318960cc29c2c97ea08136ae4e814175277eb1fac534d20aa
08c8894ca69591424058ac956d0138b1026b38e8d8a9c3ecdde3c9fff12699b0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b0ddf1b2d1887360924b5a61aa752d109693b14854784ec7bf2bc7b513bce45
0b26bdc47a7927acbcea5b4a917d7528a2fbd106b626935815fd357ad2fae8e4
0c92814958a03435ea9bd585f55b3b8634e8fdb7904e193a2baf6a04135558a9
0d3fda1c1406d6a3601f4c24c0552c2ba174b829ff67cacad285b4aceb676432
0dbb2a47ff6de833b346d94eff2c5e392f2c7ac0689f9329de961c000a230afe
0dc569906047bc824621e5b6098ebb52b6ea73d929c05f78938e40337e94305e
13b112820989ab9a80199462936386d02b99a4fd35911d0ed56edbebcf5ec98e
15aefd6f6e8f96629fbe283d94e638876dd51c0a43a366c53fa924cb7525cd48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf8ba0f4631a85188ec997a93dad46d37d03750f5a04cf288282a6f41678a21
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
204de0a8121c68dfce706d7dcbec0425d6900aa7590dff054e8914198cc5cb86
231c91685d03079e2907888c1b2be5faaa850748572692a4f8e8a9a21d710c6c
24fe15a82ba04931bedf5c19ee71434e8dabcc935273b9182c017df5aedfa4d3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c8d3973045b182a25c23d399c473d74f455db86b3a264747a75ffea301f23e8
2eaccc25e2ba7f12b8d7193dbfb6da5b51a0b1034353a8bbbf64659f46af186d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
35a889484f15ecee04fbf2353529baba84e1d65acc24f952950cdcca8f2bc121
36e5081637c0cebaec35e2b2509cf0cb9dc4f8752c31c8781e433f9a4475881f
370bc0788f6dafb6aa9a43621476171c3cd8b598520fd595a64dea9c9c7e4a08
387b160853ac745a823784df8b45b28f35670b19183a76dd64d15ad11bea9273
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3cfdf6daca4bb91ff9d776876a289686465be6c3dbfb947d4c86688046408189
3e3ae91c4f9151cc9cd1d895f34bb97fce3f43c0f6618ac82e0057ff4d2cdd85
3fd24e7c378968529220d6592a240724568afc277e27fe5ba6efcef00bb0cc02
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4c42bcd5f87a7bb474c1e38471ce2ae52169181ea9ede12f2e538d1992de56e8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e2f35002201480b0327101926ffe2060c9f6e73c656ff97e76d03d1bd88eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5646999b2c3cfca0e5502e7c05bd24e8a047972730a4e66f9c42bc4bc335df45
56af7df2fd0bcdd8af363b3a03d9d62b92aa39898ef16304c26c698fac446e00
59c1de99ae290d7fd78e52b178bcbeb6f539202b412abfcdea8e48279498fed6
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ba3de99116648e15b945f844918e44b4c409a558d28e20119538bea2eab41c5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f4d9c7a32e5032f91291561460f4ccc999257f71aea6c415ecbe9b32c5fa80
66a7cbffe2e40e48a30d205e06ebaa2d88c2bcdd39e8c4cfdd5a657eb6303f13
674c2c7ce1d1e4e83b86636a8f3be7156f9a9b0a2022525ebfb31640d33376a3
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6ba98e4f1ad4cedcac0a40e18e8170aca21dda173c008c105ec5806567e51068
6bfd794de8c530d8977ce1fce50327ff6f5ff972e092029a1b47f7b82d8a11ff
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
75a2eb709bf5fd816f80ec144ba0fd449f934f02d9fb63e998a965b356fe1a8f
76c4452cde3d4a112748673445ab39c4ed40b8dae06e7214d95c2fc9259d482f
796a80d2759d10b3201c8ffcd9760990cdfc57af94816a66252cf13ed1264154
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bcd9ebae1653ada143196bd8777b255dc693f5eba251c019f302be5c530e780
7d39d95f94a26342174713bf08af7a2620015eadb3abfa6abbf919c6ac689790
80768a3b2497c79079a646596dfb1349fdb52ae20087e6092f95efb1908184dc
83430139279a7c9aef5da8fe9bdf67d56350a4836deca67c90d6ad8adc309c47
86a0f107fc0fb63a79d39f942fcf64448352afc1902143c5e91a8415c70080be
88b8ecded67670ed00144030f6f92f1b7b0e5c484aff96710f875a785a7dd66d
8a266dea9032a8ff979cee5d013158c8d530f30dd9621ace7ecb2d61dad39f8a
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fde466e464f7119cab94493c68c6177cea640d570abf93d25e986dcf3fd0b5c
a1b48b559c9986d3fe99d0722e6912bf16843111937f49a7c339230c24ca9504
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5eae695f941e0f2f2cd55847f9b616fad0a136458e2208479f582672b9607ef
a71e96a8eda8ea5968abde4bd93f4c9db1aeca3c4a01f7f0edd6167570e25923
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acf4a64d3f3bcd4519697e7060aeb3f0ed30ada563dc1cab3ebe93fd082cc3c4
aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187
af102f396d4ab2776182def072674e47596249ed1f951548298eb1ba5d328839
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0860255f7aea405a7c62da644522c7fa4272f42be5c3e9ec6f99ac06b01b6a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64541cb501a3342c825fcb34a082fcdadcf947d7c592719aade9680c9116592
b784f4a6c9104a23d84a1fd12a6d718f4677a73d73e1ebda1fc44555eeb94f34
bc8ff5fc4b2d224607e923e1731b32c687d5f9e1f43b0368d57a1713ebc92805
bdd287a1188909fb633cd18c9c95bbdaed11071d985d25f27f55e00c6d34a08b
c05bbf6195d149c1e85bb45c06beabaa8b7137190b760a9456c4a6ef71ae2100
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29734f4c875a2577a04ada079b64b11d6c3bea72d1bc91869ec9613a14bb191
c6485f5ddb1792446607d5e2d2fc2197fc5038e2dc39d342817d5f435904fc0b
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
cb6f42daca24ad58ae6f5bf45288909fe1e0f65906bf0a9bacfd13240e9ca335
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c3ff14daa6148c960fc58bfffa44c86088720d928365989ec328d4b9bbe29f
d3881839e68058da0d1de418ffa2b016b4c1dc69166029420cb7c23281b08b27
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e60cf84dcfb1f7aa0f83681ad8b8533ae92dac0b57755b9e72403d2d7d4dd4
d83f66fe38fb4d019b188c1456fc14aafcb8bc0bac7c8d5d100df9193560933f
d99c013c454eb15f1198257903223e43213bde920ca979ab2063345d126f2498
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
dac95f6655c26055fd2524aedf9e816758b5c56fdf140d149c96ef11a26138e9
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
deef6b5cb7fdf841e2553a0288fda37013f9c42c6ca750e74fbff0e7ffa7630e
dffdf101c46a463120117f00e434e86caaf2598954d886febab59df1df54b3a2
e18f1fed9f1e6f203ca87397198165380217282072a16954ea44eefb8af8817d
e1fd259702803d8c2192882f36c04233f38ee352276f37e55731b5698d51dd5e
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea5edbecdd13908a33dba58e63c1ea39c5a693ac967f6fb1e424e751852ea3
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7042ea9987be2ab173400e6e9d7a0339c629cf8bfd8276272a12baf3e4cf221
f8f43b59dceac0ff3e4e4f26bb8eef21e4f5af45e16cc92bf5e05558f684a21d
fcda76660ef0b347c5f28e5beb798b0a1438bed451840b7b575f1460647b2a5e
fd182a46b9625200e73903af45fc34610afb5b0fef4b4b7bc6eb5178836c2769
fe4e3a97c0dcd511008c658a75b0986054ab6be96b309062328ca085f47f947d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

vidamelhoresaude.com Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

78 %HTTPS

69 %IPv6

22 Domains

40 Subdomains

33 IPs

9 Countries

4874 kBTransfer

12700 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vidamelhoresaude.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

78 %
HTTPS

69 %
IPv6

22
Domains

40
Subdomains

33
IPs

9
Countries

4874 kB
Transfer

12700 kB
Size

9
Cookies

174 HTTP transactions
14 data transactions