ultimosegundo.ig.com.br Open in urlscan Pro
2606:4700::6812:1d7e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Submission: On November 29 via api (November 29th 2021, 12:46:51 pm UTC) from US — Scanned from DE

Summary HTTP 381 Redirects Links 227 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 50 domains to perform 381 HTTP transactions. The main IP is 2606:4700::6812:1d7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultimosegundo.ig.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2021. Valid for: a year.

This is the only time ultimosegundo.ig.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700::68... 2606:4700::6812:1d7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
29	2606:4700::68... 2606:4700::6812:1676	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
14	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.228.251.145 34.228.251.145	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:8600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18 54	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2.18.69.50 2.18.69.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	34.234.140.75 34.234.140.75	14618 (AMAZON-AES) (AMAZON-AES)
20	2606:4700:10:... 2606:4700:10::6816:4c5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.225.77.123 13.225.77.123	16509 (AMAZON-02) (AMAZON-02)
27	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:a1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3039::6815:c0b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 2	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3039::6815:c0b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
6 12	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
17	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
14 24	23.202.53.51 23.202.53.51	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
24	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	52.57.86.173 52.57.86.173	16509 (AMAZON-02) (AMAZON-02)
6 6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	52.18.40.211 52.18.40.211	16509 (AMAZON-02) (AMAZON-02)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:b45:69d2:4384:b6f4	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	18.193.4.24 18.193.4.24	16509 (AMAZON-02) (AMAZON-02)
2 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 4	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4232:542e:84b1:1361:c28e	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a02:2638::3 2a02:2638::3	() ()
1 2	2a02:2638:1::13 2a02:2638:1::13	() ()
1	178.250.0.157 178.250.0.157	() ()
1	2a04:4e42:400... 2a04:4e42:400::300	() ()
1	141.226.224.32 141.226.224.32	() ()
1 3	92.123.9.160 92.123.9.160	() ()
3 3	69.173.144.139 69.173.144.139	() ()
1	2a00:1288:80:... 2a00:1288:80:800::7001	() ()
381	60

3 2606:4700::6812:1d7e (United States)

ASN13335 (CLOUDFLARENET, US)

ultimosegundo.ig.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:1676 (United States)

ASN13335 (CLOUDFLARENET, US)

i0.statig.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opi.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.228.251.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-251-145.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 142.250.186.66 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.69.50 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-50.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:4c5b (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.77.123 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-123.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a1a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3039::6815:c0b5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.69.64.76 (Porto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c0b4 (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.33.220.240 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.202.53.51 (Vienna, Austria) 14 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-53-51.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.30 (United States) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.86.173 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-86-173.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.40.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-40-211.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:b45:69d2:4384:b6f4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.4.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-4-24.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.106.43 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:542e:84b1:1361:c28e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (None, )

ASN- ()

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.9.160 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (None, ) 3 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	doubleclick.net 18 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	298 KB
60	googlesyndication.com pagead2.googlesyndication.com cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com tpc.googlesyndication.com	326 KB
41	adform.net track.adform.net s1.adform.net	626 KB
37	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com am-trc-events.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com pips.taboola.com cds.taboola.com	255 KB
29	statig.com.br i0.statig.com.br	238 KB
24	casalemedia.com 14 redirects dsum-sec.casalemedia.com	21 KB
21	webspectator.com wfpscripts.webspectator.com webservices.webspectator.com msgws.webspectator.com cdn.webspectator.com	179 KB
20	cleverwebserver.com scripts.cleverwebserver.com ui.cleverwebserver.com lp.cleverwebserver.com	238 KB
14	2mdn.net s0.2mdn.net	280 KB
12	adnxs.com 6 redirects ib.adnxs.com	11 KB
10	rubiconproject.com 4 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com Failed token.rubiconproject.com	17 KB
9	yahoo.com 7 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	4 KB
8	navdmp.com tag.navdmp.com usr.navdmp.com opi.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
6	google.com www.google.com adservice.google.com	2 KB
6	pn.vg cdn.pn.vg osp-assets.pn.vg cookies.pn.vg api.pn.vg	63 KB
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	88 KB
5	googletagservices.com www.googletagservices.com	182 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	bidswitch.net 2 redirects x.bidswitch.net	2 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	lijit.com 4 redirects ap.lijit.com	3 KB
4	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	6 KB
4	unpkg.com 2 redirects unpkg.com	43 KB
4	gstatic.com fonts.gstatic.com	77 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net	1 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com cms.quantserve.com	11 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	6 KB
3	ig.com.br ultimosegundo.ig.com.br	37 KB
2	criteo.net static.criteo.net	53 KB
2	tremorhub.com taboola-supply-partners.tremorhub.com	365 B
2	1rx.io 2 redirects sync.1rx.io	610 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	532 B
2	google.de www.google.de adservice.google.de	1 KB
2	clevernt.com 1 redirects sender.clevernt.com	627 B
2	perfectmarket.com widget.perfectmarket.com	29 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	mathtag.com 2 redirects pixel.mathtag.com sync.mathtag.com	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	createjs.com code.createjs.com	63 KB
1	instant.page instant.page	1 KB
1	quantcount.com rules.quantcount.com	428 B
1	googletagmanager.com www.googletagmanager.com	59 KB
0	netmng.com Failed google2waycm.netmng.com Failed
0	Failed function sub() { [native code] }. Failed
381	50

	Domain	Requested by
49	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com eus.rubiconproject.com
32	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
29	i0.statig.com.br	ultimosegundo.ig.com.br www.googletagmanager.com
24	s1.adform.net	track.adform.net s1.adform.net ultimosegundo.ig.com.br
24	dsum-sec.casalemedia.com	14 redirects googleads.g.doubleclick.net
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com googleads.g.doubleclick.net
18	lp.cleverwebserver.com	ultimosegundo.ig.com.br lp.cleverwebserver.com
17	track.adform.net	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com s1.adform.net
14	s0.2mdn.net	ultimosegundo.ig.com.br s0.2mdn.net cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
13	cdn.taboola.com	ultimosegundo.ig.com.br cdn.taboola.com
13	wfpscripts.webspectator.com	www.googletagmanager.com ultimosegundo.ig.com.br webservices.webspectator.com wfpscripts.webspectator.com
12	ib.adnxs.com	6 redirects i0.statig.com.br googleads.g.doubleclick.net
11	trc.taboola.com	cdn.taboola.com
10	googleads.g.doubleclick.net	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com ultimosegundo.ig.com.br
6	ups.analytics.yahoo.com	6 redirects
6	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
5	www.googletagservices.com	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
5	www.google.com	tpc.googlesyndication.com cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net
4	sync.search.spotxchange.com	4 redirects
4	x.bidswitch.net	2 redirects imprammp.taboola.com am-match.taboola.com
4	match.adsrvr.org	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
4	ap.lijit.com	4 redirects
4	fastlane.rubiconproject.com	i0.statig.com.br
4	unpkg.com	2 redirects ultimosegundo.ig.com.br
4	fonts.gstatic.com	ultimosegundo.ig.com.br fonts.googleapis.com
3	token.rubiconproject.com	3 redirects
3	sync-tm.everesttech.net	2 redirects eus.rubiconproject.com
3	am-trc-events.taboola.com
3	pixel.advertising.com	3 redirects
3	sb.scorecardresearch.com	1 redirects ultimosegundo.ig.com.br
3	ultimosegundo.ig.com.br	ultimosegundo.ig.com.br cdn.pn.vg
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	i0.statig.com.br static.criteo.net
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
2	sync.1rx.io	2 redirects
2	pm.w55c.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	beacon.krxd.net	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com cdn.krxd.net
2	gcm.ctnsnet.com	2 redirects
2	googleads4.g.doubleclick.net	ultimosegundo.ig.com.br
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	api.pn.vg	cdn.pn.vg api.pn.vg
2	sender.clevernt.com	1 redirects
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	cdn.pn.vg	ultimosegundo.ig.com.br cdn.pn.vg
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	opi.navdmp.com	tag.navdmp.com
2	tag.navdmp.com	ultimosegundo.ig.com.br tag.navdmp.com
2	fonts.googleapis.com	ultimosegundo.ig.com.br lp.cleverwebserver.com
1	ads.yahoo.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	mug.criteo.com
1	sync.taboola.com	imprammp.taboola.com
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	dsp.adfarm1.adition.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	consumer.krxd.net	cdn.krxd.net
1	15.taboola.com	cdn.taboola.com
1	pixel-sync.sitescout.com	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
1	code.createjs.com	s0.2mdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bidder.criteo.com	i0.statig.com.br
1	cookies.pn.vg	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	www.google.de
1	ui.cleverwebserver.com	ultimosegundo.ig.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.webspectator.com	wfpscripts.webspectator.com
1	instant.page	ultimosegundo.ig.com.br
1	scripts.cleverwebserver.com	ultimosegundo.ig.com.br
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	ajax.googleapis.com	webservices.webspectator.com
1	pixel.quantserve.com	ultimosegundo.ig.com.br
1	cms.analytics.yahoo.com	ultimosegundo.ig.com.br
1	sync.navdmp.com	ultimosegundo.ig.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	ultimosegundo.ig.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	wfpscripts.webspectator.com
1	usr.navdmp.com	tag.navdmp.com
1	www.googletagmanager.com	ultimosegundo.ig.com.br
0	pixel.rubiconproject.com Failed	eus.rubiconproject.com
0	google2waycm.netmng.com Failed	cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
0	localhost Failed	lp.cleverwebserver.com
381	99

This site contains links to these domains. Also see Links.

Domain
www.hopihari.com.br
seguranca.ig.com.br
saudetotal.ig.com.br
cursos.ig.com.br
www.ig.com.br
jogueaqui.ig.com.br
centraldoanunciante.ig.com.br
igcorp.octadesk.com
saude.ig.com.br
odia.ig.com.br
meiahora.ig.com.br
www.facebook.com
www.twitter.com
www.instagram.com
dino.ig.com.br
www.meiahora.com.br
www.revistaforum.com.br
www.diariodocentrodomundo.com.br
economia.ig.com.br
confiavel.com
empreendaexito.ig.com.br
www.infomoney.com.br
queer.ig.com.br
gente.ig.com.br
www.heloisatolipan.com.br
br.jetss.com
lobianco.ig.com.br
lulacerda.ig.com.br
www.otvfoco.com.br
obutecodanet.ig.com.br
www.elhombre.com.br
delas.ig.com.br
www.ativo.com
decorstyle.ig.com.br
desejoluxo.ig.com.br
receitas.ig.com.br
igkids.ig.com.br
salad3.ig.com.br
superela.com
esporte.ig.com.br
www.superlutas.com.br
www.radaresportes.ig.com.br
carros.ig.com.br
canaldopet.ig.com.br
www.caocidadao.com.br
vivainforma.ig.com.br
tecnologia.ig.com.br
igames.ig.com.br
olhardigital.com.br
tecnoblog.net
turismo.ig.com.br
campinas.ig.com.br
guarulhos.ig.com.br
praiagrande.ig.com.br
santos.ig.com.br
araraquara.ig.com.br
saocarlos.ig.com.br
ribeiraopreto.ig.com.br
alphaville.ig.com.br
riopreto.ig.com.br
sorocaba.ig.com.br
tocantins.ig.com.br
catanduva.ig.com.br
aracatuba.ig.com.br
litoralnorte.ig.com.br
mirassol.ig.com.br
igmais.ig.com.br
produtos.ig.com.br
creditos.ig.com.br
vendamais.ig.com.br
twitter.com
api.whatsapp.com
news.google.com
busca.ig.com.br
pro-verbraucher.info
popup.taboola.com
cdn.hoergeraete.hoeren-heute.de
partners.etoro.com
trc.taboola.com
fa52cc.llsdzktnxwnnr.com
info.geers.de
11a21d.llsdzktnxwnnr.com
click.gamingtrk.com
institucional.ig.com.br
www.linkedin.com
www.tiktok.com
open.spotify.com
www.youtube.com

Subject Issuer	Validity	Valid
ig.com.br Cloudflare Inc ECC CA-3	`2021-01-20` - `2022-01-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-17` - `2022-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2021-07-09` - `2022-07-11`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Frame ID: 80CDF844228604F3744B26DD8E605E58
Requests: 135 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: D763AD52299D9A504673CCDD69B3AC89
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 2D63B5524AC9E298770CB75728331194
Requests: 1 HTTP requests in this frame

Frame: https://webservices.webspectator.com/ad?auid=1295359&sz=%5B%5D&pl=%7B%7D&dm=1&ci=0&is=0&piv=100&ts=1638190003754&cc=DE&rc=unknown&sid=F3F8B8AE990D91F6&ct=%7B%7D&s=4298
Frame ID: 45AE8AC4DA8C338018A652C7E3E62DC6
Requests: 1 HTTP requests in this frame

Frame: https://webservices.webspectator.com/ad?auid=1271350&sz=%5B%5D&pl=%7B%7D&dm=1&ci=0&is=0&piv=0&ts=1638190003762&cc=DE&rc=unknown&sid=F3F8B8AE990D91F6&ct=%7B%7D&s=4298
Frame ID: 09DC2940AFA5A7B02AB243B29FC8BB78
Requests: 1 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: FE2AC76098479337A69770876B893101
Requests: 1 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14CADC2BBB3591AF3AE807B590A33F0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CB0811349C5DFE90BD99EFF439D8344B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BDCC84F6063D310BF4AA96BFE64B4117
Requests: 2 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Frame ID: D7A6243CEAB707E3E68EDB2CBB9C33EB
Requests: 20 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A08136A017F616EAE139176778D30A84
Requests: 18 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8AE0B8A3B5E68535F65028E30DDA8E85
Requests: 16 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BDB7B180710C66F438F0AE0BC0B1E785
Requests: 16 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D410281D277777E51F691E23DE491CB9
Requests: 15 HTTP requests in this frame

Frame: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88056FD781FB064F5DB28223B8CA51FE
Requests: 19 HTTP requests in this frame

Frame: http://localhost/
Frame ID: 9D5514D1CF457348571452F89D714571
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiQgJeTATAB&v=APEucNVOxM0VKhwpQh8DKexjrVmfeCIw7AO3oqgesZkJ4ARDjXD8BeSRJArPAop2N55B6VUpW_eKL6AksJAoHfqnYUzEC6Bv_uE99jWaZoJx5Ex2pijWM0U7UhqdO0kAHgUNyaqMvVG1dkyfgZmn-KmrVEcTpmz-NLUvrgj_DiLMBEWicjOWvQM
Frame ID: 23BB267CE10764EBD45B7B98A1CFB96E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiv_5aTATAB&v=APEucNUad36xpR1z5Sn8qJRevt79p30N7Y8PQecjtF7EiTMFClrolLvo55fLX6N3XtNwrAk0mV6RXfHLd7M_CJ7DU7caqINr7M4diJfskH2V2Y90g3rfHZVZFN42PGH8AWXuwKrm6g2URLsKwpepBxBgkWnGZeGOmOhwHH1_Gy0GqciTwc-hkX0
Frame ID: 1C21F3FD6943C5104B3F19C8B94B4F29
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNW4ksZUyOIclzSjgmvpCahsOS10kozHg8QwtNS_GhUf4AL5ndN0whqSmRRKZeGRd74Hk9EjMyuIMv4O2ApBXT_fYNOx9PHAX8u6sA_O6xJTty9Vt3kw5MpdAzQ5ds1JZALqyxPK0dkxxQLlBvrhPh2b7gKVSMEhiHxz5xpCVELayC0Hzds
Frame ID: BF113DF0C139BBC3F4886A82DEEC28AB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNVx7d0hvZ7Msdz-e96myxviWBc40h8x4w7BVvZ_oV57UbwgrAPUd6hozZMfMN9iKoJEQlgHv9g-0KdoPmefF2f54wmc0SqDKgaF5udkvyOHu0VWZtts82cw9Cl2-TXT46BsWMiQxBL9HIOOgqX2tTse1HoBAt8VrmgVdqGymAJRf3bTzCU
Frame ID: D462BB2403C9F023DC1B2711E9E8832F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYo8OzZTAB&v=APEucNVLYg8nXtfNbrnlqFbU24Qt3WO0iuyQEwHUJzDgY9jbwsPDx-bfQPOb_hEC3G4_KZZYTY0OSCS8yQw2I8U1RCPO17YvnIchJCOoqW3n92dRqdQRcOxp2QE2OAeUpFiLsILrsiNpsTKAS1ZCoVJDOqYS-nEX2zOMPJPMkjnExhitUy2L79w
Frame ID: 0C122D543D1DB4F87808D32F9C75A47F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C1E9C3438F25268199D8424C3336FB2D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0EC5145ACAC420A7EF5849FCBE70D93
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50A133A1B6B70E4E98108D3B6E118D95
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08F31EF408C63EC8EC724AC4F989AD3F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E95B3D4FF637299E5AD1009EAD433AD3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B1F85BAE35D4903719BD8DCD6DF04B68
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1458787418024569/index.html
Frame ID: 9CA3628E58BDFFD377E67BAB83DA7C04
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69A45BD6499FA20D3796A67B54A5A526
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22C235FE5B28C780813DF3DB3AB8FD9D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5829C5A5806A60D432BB103997F862C2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6263EB48357037ED8FD1950896C73950
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/133175/10604295/10604295.js?ADFassetID=10604295&bv=514
Frame ID: D262D09BC6CFC4A745396197D1B57106
Requests: 4 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/133175/10604299/10604299.js?ADFassetID=10604299&bv=514
Frame ID: E229A56594E3DB1FC6D79E6FECF8588C
Requests: 4 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/133175/10604296/10604296.js?ADFassetID=10604296&bv=514
Frame ID: A0E4A3F824739CBCE45F4D6574B23FD6
Requests: 4 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/133175/10604295/10604295.js?ADFassetID=10604295&bv=514
Frame ID: 0DEFDE36517C4AF3406AA786840EFA1E
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 57704585658A85625AA579DA8FAF2439
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 04D545C009E863B68C5D7871308AEDEF
Requests: 5 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: BAEAAE58F0996F65103C622B5ED757D4
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 001B1D7F155A7BAD067413E9B38D6F21
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 9A77F1EA38078D09C12EC8E564FE1330
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 4E5FCF94191D126DFC7AF2887B475F45
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: AF040A141AE06A45E423E450AEB28A96
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultimosegundo.ig.com.br
Frame ID: 6D52E135076FBCA67742B1A0B2B87B1B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: A4EE8AFF609BEA59D195746F59E63D94
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deltan Dallagnol faz promoção 'black friday' de curso e vira alvo de piadas | Política | iGGroup 3Group 3Group 3Group 3

Page Statistics

381
Requests

83 %
HTTPS

46 %
IPv6

50
Domains

99
Subdomains

60
IPs

10
Countries

3222 kB
Transfer

7929 kB
Size

69
Cookies

227 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hopihari.com.br/?utm_source=header&utm_medium=home
Title: Hopi Hari

Search URL Search Domain Scan URL

URL: https://seguranca.ig.com.br/?utm_source=header&utm_medium=home
Title: iG Segurança Digital

Search URL Search Domain Scan URL

URL: https://saudetotal.ig.com.br/?utm_source=header&utm_medium=home
Title: iG Saúde Total

Search URL Search Domain Scan URL

URL: https://cursos.ig.com.br/?utm_source=header&utm_medium=home
Title: iG Cursos

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/compara/
Title: iG Compara

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons/?utm_source=header&utm_medium=home
Title: iG Cupons

Search URL Search Domain Scan URL

URL: https://jogueaqui.ig.com.br/?utm_source=header&utm_medium=home
Title: Jogos Grátis

Search URL Search Domain Scan URL

URL: http://centraldoanunciante.ig.com.br/
Title: Anuncie no iG

Search URL Search Domain Scan URL

URL: https://igcorp.octadesk.com/kb/
Title: Fale conosco

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/

Search URL Search Domain Scan URL

URL: http://www.ig.com.br/assine
Title: iG Mail

Search URL Search Domain Scan URL

URL: http://saude.ig.com.br/
Title: Saúde

Search URL Search Domain Scan URL

URL: http://odia.ig.com.br/
Title: O Dia/Rio

Search URL Search Domain Scan URL

URL: http://meiahora.ig.com.br/
Title: Meia Hora

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ig

Search URL Search Domain Scan URL

URL: https://www.twitter.com/iG

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portal_ig/

Search URL Search Domain Scan URL

URL: https://dino.ig.com.br/
Title: Dino

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/
Title: Saúde

Search URL Search Domain Scan URL

URL: https://odia.ig.com.br/
Title: O Dia/Rio

Search URL Search Domain Scan URL

URL: https://www.meiahora.com.br/
Title: Meia Hora

Search URL Search Domain Scan URL

URL: http://www.revistaforum.com.br/
Title: Revista Forum

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/
Title: Diário do Centro do Mundo

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/
Title: Economia

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/agronegocio/
Title: Agronegócio

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/mercados/
Title: Mercados

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/criptomoedas/
Title: Criptomoedas

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/financas/
Title: Finanças Pessoais

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/previdencia/
Title: Previdência

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/financas/impostoderenda/
Title: Imposto de Renda

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/noticias/
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/colunas
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/1bilhao/
Title: 1 Bilhão

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/colunas/defesa-do-consumidor/
Title: Defesa do Consumidor

Search URL Search Domain Scan URL

URL: https://confiavel.com/forex/
Title: Forex

Search URL Search Domain Scan URL

URL: http://economia.ig.com.br/colunas/gestao-e-negocios-com-eduardo-orfao/
Title: Gestão & Negócios com Eduardo Orfão

Search URL Search Domain Scan URL

URL: https://empreendaexito.ig.com.br/
Title: iG Empreenda com Êxito

Search URL Search Domain Scan URL

URL: https://www.infomoney.com.br/
Title: InfoMoney

Search URL Search Domain Scan URL

URL: https://economia.ig.com.br/colunas/o-dinheiro-do-povo/
Title: O Dinheiro do Povo

Search URL Search Domain Scan URL

URL: https://queer.ig.com.br/
Title: Queer

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/
Title: Gente

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/cultura/
Title: Cultura

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/celebridades/
Title: Celebridades

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/fofocas-famosos/
Title: Fofoca dos famosos

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/tvenovela/
Title: TV & Novelas

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/noticias/
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/bastidores/
Title: Bastidores

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/cineclube
Title: Cineclube

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/fabia-oliveira/
Title: Fabia Oliveira

Search URL Search Domain Scan URL

URL: http://www.heloisatolipan.com.br/
Title: Heloisa Tolipan

Search URL Search Domain Scan URL

URL: http://br.jetss.com/
Title: Jetss

Search URL Search Domain Scan URL

URL: https://lobianco.ig.com.br/
Title: Lo Bianco

Search URL Search Domain Scan URL

URL: http://lulacerda.ig.com.br/
Title: Lú Lacerda

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/marcelo-bandeira
Title: Marcelo Bandeira

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/quehistoriaeessa/
Title: Que história é essa?

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/quarta-capa-por-elisa-dinis/
Title: Quarta Capa por Elisa Dinis

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/colunas/musicjournal/
Title: The Music Journal Brazil

Search URL Search Domain Scan URL

URL: https://www.otvfoco.com.br/
Title: O Tv Foco

Search URL Search Domain Scan URL

URL: https://obutecodanet.ig.com.br/
Title: O Buteco da Net

Search URL Search Domain Scan URL

URL: https://www.elhombre.com.br/
Title: El Hombre

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/
Title: Delas

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/amoresexo/
Title: Amor e Sexo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/alimentacao-e-bem-estar/
Title: Alimentação e Bem-estar

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/beleza/
Title: Beleza

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/casa/
Title: Casa

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/filhos/
Title: Filhos

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/horoscopo/
Title: Horóscopo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/horoscopo/sinastria/
Title: Sinastria Amorosa

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/comportamento/simpatias/
Title: Simpatias

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/previsao-e-astros/
Title: Previsão e Astros

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/moda/
Title: Moda

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/noivas/
Title: Noivas

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/noticias
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/parceiros/altoastral/
Title: Alto Astral

Search URL Search Domain Scan URL

URL: https://www.ativo.com/
Title: Ativo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/amor-e-limites/
Title: Amor e Limites

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/beluquices/
Title: Berluquices- Mesa por Isabela Azevedo

Search URL Search Domain Scan URL

URL: https://decorstyle.ig.com.br/
Title: DecorStyle

Search URL Search Domain Scan URL

URL: https://desejoluxo.ig.com.br/
Title: Desejo&Luxo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/dentro-de-casa-por-heloisa-yamashiro/
Title: Dentro de casa por Heloisa Yamashiro

Search URL Search Domain Scan URL

URL: https://receitas.ig.com.br/guiadacozinha/
Title: Guia da Cozinha

Search URL Search Domain Scan URL

URL: http://igkids.ig.com.br/
Title: iG Kids

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/parceiros/joaobidu/
Title: João Bidu

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/mae-na-real/
Title: Mãe na Real

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/neusapandolfo/
Title: Neusa Pandolfo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/plastica-sem-medo/
Title: Plástica sem medo

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/colunas/rachel-toyama/
Title: Rachel Toyama

Search URL Search Domain Scan URL

URL: https://salad3.ig.com.br/
Title: Salad3

Search URL Search Domain Scan URL

URL: https://superela.com/
Title: SuperEla

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/
Title: Esporte

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/futebol/
Title: Futebol Nacional

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/futebol/internacional/
Title: Futebol Internacional

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/olimpiadas/
Title: Olimpíadas

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/futebol/selecaobrasileira/
Title: Seleções

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/maisesportes/
Title: Mais esportes

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/basquete
Title: Basquete

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/maisesportes/esportes-americanos/
Title: Esportes Americanos

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/automobilismo
Title: Fórmula 1

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/lutas
Title: Lutas

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/maisesportes/surfe/
Title: Surfe

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/tenis
Title: Tênis

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/volei
Title: Vôlei

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/fotos/
Title: Galeria de Fotos

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/noticias/
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/colunas/
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/colunas/agfight
Title: AgFight: tudo sobre MMA

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/colunas/de-bico-com-cimatti/
Title: De bico com Cimatti

Search URL Search Domain Scan URL

URL: https://www.superlutas.com.br/
Title: Super Lutas

Search URL Search Domain Scan URL

URL: http://esporte.ig.com.br/colunas/ultima-divisao
Title: Última Divisão

Search URL Search Domain Scan URL

URL: https://www.radaresportes.ig.com.br/
Title: Radar Esportes

Search URL Search Domain Scan URL

URL: https://carros.ig.com.br/
Title: Carros

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/
Title: Pets

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/
Title: Guia de Bichos

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/cachorros/
Title: Cachorros

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/gatos/
Title: Gatos

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/peixes/
Title: Peixes

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/passaros/
Title: Pássaros

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/guia-bichos/exoticos/
Title: Exóticos

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/cuidados/
Title: Cuidados

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/cuidados/comidas/
Title: Comidas

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/cuidados/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/cuidados/dicas/
Title: Dicas

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/curiosidades/
Title: Curiosidades

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/curiosidades/racas/
Title: Raças

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/curiosidades/especiais/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/curiosidades/videos/
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/adestramento/
Title: Adestramento

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/adestramento/dicas/
Title: Dicas

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/adestramento/comportamento/
Title: Comportamento

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/adestramento/psicologia/
Title: Psicologia

Search URL Search Domain Scan URL

URL: http://www.caocidadao.com.br/?utm_source=portalig&utm_medium=canalig&utm_campaign=ig
Title: Cão Cidadão

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/servicos/adocao/
Title: Serviços

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/colunas/
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/colunas/adestramento-comportamental/
Title: Adestramento Comportamental

Search URL Search Domain Scan URL

URL: https://canaldopet.ig.com.br/colunas/petnut
Title: PetNut

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/especiais/semana-da-saude
Title: Semana da Saúde

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/coronavirus/
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/alimentacao/dieta/
Title: Programas de Dieta

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/bemestar/exercicios/
Title: Programa de Exercícios

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/minhasaude/
Title: Minha saúde

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/colunas/
Title: +Sites, Blogs e Colunas

Search URL Search Domain Scan URL

URL: https://saude.ig.com.br/colunas/bruno-puglisi-odontologia/
Title: Bruno Puglisi - Odontologia

Search URL Search Domain Scan URL

URL: https://vivainforma.ig.com.br/
Title: Viva Informa

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/
Title: Tec

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/celulares/
Title: Celulares

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/dicas/
Title: Dicas

Search URL Search Domain Scan URL

URL: https://igames.ig.com.br/
Title: eGames

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/analise/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/noticias/
Title: Últimas Notícias

Search URL Search Domain Scan URL

URL: https://tecnologia.ig.com.br/colunas/internet-sem-aspas/
Title: Internet sem aspas

Search URL Search Domain Scan URL

URL: https://olhardigital.com.br/
Title: Olhar Digital

Search URL Search Domain Scan URL

URL: https://tecnoblog.net/meiobit/
Title: Meio Bit

Search URL Search Domain Scan URL

URL: https://tecnoblog.net/
Title: Tecnoblog

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons
Title: Cupons

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons/cupom-desconto-saraiva
Title: Saraiva

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons/descontos-ponto-frio
Title: Ponto Frio

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons/cupom-de-desconto-extra
Title: Extra

Search URL Search Domain Scan URL

URL: https://turismo.ig.com.br/
Title: Turismo

Search URL Search Domain Scan URL

URL: https://campinas.ig.com.br/
Title: Campinas

Search URL Search Domain Scan URL

URL: https://guarulhos.ig.com.br/
Title: Guarulhos

Search URL Search Domain Scan URL

URL: https://praiagrande.ig.com.br/
Title: Praia Grande

Search URL Search Domain Scan URL

URL: https://santos.ig.com.br/
Title: Santos

Search URL Search Domain Scan URL

URL: http://araraquara.ig.com.br/
Title: Araraquara

Search URL Search Domain Scan URL

URL: http://saocarlos.ig.com.br/
Title: São Carlos

Search URL Search Domain Scan URL

URL: http://ribeiraopreto.ig.com.br/
Title: Ribeirão Preto

Search URL Search Domain Scan URL

URL: https://alphaville.ig.com.br/
Title: Alphaville

Search URL Search Domain Scan URL

URL: https://riopreto.ig.com.br/
Title: São José do Rio Preto

Search URL Search Domain Scan URL

URL: https://sorocaba.ig.com.br/
Title: Sorocaba

Search URL Search Domain Scan URL

URL: https://tocantins.ig.com.br/
Title: Tocantins

Search URL Search Domain Scan URL

URL: https://catanduva.ig.com.br/
Title: Catanduva

Search URL Search Domain Scan URL

URL: https://aracatuba.ig.com.br/
Title: Araçatuba

Search URL Search Domain Scan URL

URL: https://litoralnorte.ig.com.br/
Title: Litoral Norte

Search URL Search Domain Scan URL

URL: http://mirassol.ig.com.br/
Title: Mirassol

Search URL Search Domain Scan URL

URL: https://igmais.ig.com.br/
Title: iG Mais

Search URL Search Domain Scan URL

URL: https://igmais.ig.com.br/prnewswire/
Title: PR Newswire

Search URL Search Domain Scan URL

URL: http://produtos.ig.com.br/
Title: iG produtos

Search URL Search Domain Scan URL

URL: https://seguranca.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: iG Segurança Digital

Search URL Search Domain Scan URL

URL: https://saudetotal.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: iG Saúde Total

Search URL Search Domain Scan URL

URL: https://creditos.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: iG Créditos

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/compara/?utm_source=home&utm_medium=menuigprodutos
Title: iG Compara

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/cupons/?utm_source=home&utm_medium=menuigprodutos
Title: iG Cupons

Search URL Search Domain Scan URL

URL: https://cursos.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: iG Cursos

Search URL Search Domain Scan URL

URL: https://vendamais.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: iG Venda+

Search URL Search Domain Scan URL

URL: https://jogueaqui.ig.com.br/?utm_source=home&utm_medium=menuigprodutos
Title: Jogue Aqui

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&utm_source=facebook.com&utm_medium=referral&utm_campaign=botao_social

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&text=Deltan%20Dallagnol faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas&utm_source=t.co&utm_medium=referral&utm_campaign=botao_social

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMJjshQswu52DAw?hl=pt-BR&gl=BR&ceid=BR:pt-419
Title: Siga o iG no Google News

Search URL Search Domain Scan URL

URL: https://busca.ig.com.br/buscar/?q=Lava%20Jato&o=IG*&c=all&t=all&d=all&p=1&s=IG*&utm_source=tags&utm_medium=articles
Title: Lava Jato

Search URL Search Domain Scan URL

URL: https://busca.ig.com.br/buscar/?q=Deltan%20Dallagnol&o=IG*&c=all&t=all&d=all&p=1&s=IG*&utm_source=tags&utm_medium=articles
Title: Deltan Dallagnol

Search URL Search Domain Scan URL

URL: https://busca.ig.com.br/buscar/?q=combate%20%C3%A0%20corrup%C3%A7%C3%A3o&o=IG*&c=all&t=all&d=all&p=1&s=IG*&utm_source=tags&utm_medium=articles
Title: combate à corrupção

Search URL Search Domain Scan URL

URL: https://busca.ig.com.br/buscar/?q=MPF&o=IG*&c=all&t=all&d=all&p=1&s=IG*&utm_source=tags&utm_medium=articles
Title: MPF

Search URL Search Domain Scan URL

URL: https://busca.ig.com.br/buscar/?q=black%20friday&o=IG*&c=all&t=all&d=all&p=1&s=IG*&utm_source=tags&utm_medium=articles
Title: black friday

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/sterbegeld/?utm_source=taboola&utm_medium=display&utm_campaign=5459_pSGVE_D-PRO-Lead-Outbound-Taboola_wac7526942_wmid592188347699433472&utm_term=oglobo.globo.com&utm_content=Mit+diesem+Trick+zahlt+man+kein+Sterbegeld+mehr&publisher=ig-internetgroup-network&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8omb7JgPDt0OgI#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8omb7JgPDt0OgI
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ig-internetgroup-network&utm_medium=referral&utm_content=organic-thumbs-feed-02-mp:Most%20Popular%20Thumbnails:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.de/independent_akustiker/?utm_content=3049624230&utm_publisher_ID=ig-internetgroup-network&mkt_tool_id=97bf20&utm_term=97bf20&act=ACT0000037289ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_de_hh_independent_akustiker_acq_desktop_cw46_audibene-de2-sc_ACT0000037289ACT&utm_creative_ID=3049624230&aud_adcopy=Gunzenhausen%3A+Wie+dieser+H%C3%B6rakustiker+die+gro%C3%9Fen+Ketten+%C3%A4rgert&tbclid=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIokN2Q4oDH04xa#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIokN2Q4oDH04xa
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/sterbegeld/?utm_source=taboola&utm_medium=display&utm_campaign=5459_pSGVE_D-PRO-Lead-Outbound-Taboola_wac7526942_wmid592188347699433472&utm_term=oglobo.globo.com&utm_content=Mit+diesem+Trick+zahlt+man+kein+Sterbegeld+mehr&publisher=ig-internetgroup-network&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8onNG1oZu6nMxK#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8onNG1oZu6nMxK
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ig-internetgroup-network&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.de/independent_akustiker/?utm_content=3049624230&utm_publisher_ID=ig-internetgroup-network&mkt_tool_id=97bf20&utm_term=97bf20&act=ACT0000037289ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_de_hh_independent_akustiker_acq_desktop_cw46_audibene-de2-sc_ACT0000037289ACT&utm_creative_ID=3049624230&aud_adcopy=Gunzenhausen%3A+Wie+dieser+H%C3%B6rakustiker+die+gro%C3%9Fen+Ketten+%C3%A4rgert&tbclid=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIom6H45dr0z6iWAQ#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIom6H45dr0z6iWAQ
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=DE_HF_Desk_LP_Crypto_Bitcoin_09-03-20_Taboola_AFFID_45729_&TargetURL=https://go.etoro.com/de/dynamic?symbol=btc&utm_source=taboola&utm_medium=referral&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCY_EgokeutgYSQ24VH#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCY_EgokeutgYSQ24VH
Title: eToro

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ig-internetgroup-network&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ig-internetgroup-network/log/3/click?pi=%2Fpolitica%2Ffora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&ri=e04f0656e35cde1537fae6c5f67cfb40&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&it=video&ii=~~V1~~-5040916269683481311~~Rbm9jXcYM1ZWxU5e5YJwalsaWRTK8qetUapPLRVCeGXTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1l4BhVWu1Dsh65N_xRLXJJdCVePkSDvpXJ2CTyivM3XECBUvKq_n-d7w24kEDDMrNunY28tHFek__VC2JD74Wzdjcvd5z9FdLxED4x8ijqOrN_L6NsgJ4Gg6iRQ8pjfEkFOjkVB2KDxoZNekyGvI0EQCXrbKYG3dScYFXPt6Sv82aX0nUjQ5pQd1whpNs8Kbo8&pt=text&li=rbox-t2v&sig=88b5dc61e30ff98a534eaf6d537cd58ac7a3d252db33&redir=https%3A%2F%2Fpartners.etoro.com%2Faw.aspx%3FA%3D45729%26Task%3DClick%26SubAffiliateID%3DDE_HF_Desk_LP_Crypto_Bitcoin_09-03-20_Taboola_AFFID_45729_%26TargetURL%3Dhttps%3A%2F%2Fgo.etoro.com%2Fde%2Fdynamic%3Fsymbol%3Dbtc%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCY_EgokeutgYSQ24VH%23tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCY_EgokeutgYSQ24VH&vi=1638190004598&p=etoronew-sc&r=99&lti=deflated&ppb=CE0&cpb=EhIyMDIxMTEyOC0zLVJFTEVBU0UYzf2B5gUgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MTQ3OICspIALQJvjCUiCihBQzMrZA1il7BBjCN3__________wEQ3f__________ARgjZGMIriQQpjEYJGRjCNIDEOAGGAhkYwiWFBCcHBgYZGMIyBwQwicYGWRjCNwVEPslGAlkYwjS__________8BENL__________wEYLmRjCPQUEJ4dGB9keAGAAQKIAbzTrcQB&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://fa52cc.llsdzktnxwnnr.com/?network=taboola&subid1=ig-internetgroup-network&adtitle=Was+kostet+eine+24+Stunden+Pflege+zu+Hause+in+Gunzenhausen%3F+Die+Preise+k%C3%B6nnten+Sie+%C3%BCberraschen&subid3=1213520&site=ig-internetgroup-network&click_id=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDqyFIo9Mre0oOg6MkT&subid4=el-de-a-home2de-62970-c0909-tb&kw1=24+stunden+pflege+zu+hause+{City}&kw2=Polnische+Pflege+Zu+Hause&kw3=24+Pflege+Zu+Hause+Kosten&kw4=Pflege+Zu+Hause+24+Stunden+Betreuung&kw5=Pflegekraft#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDqyFIo9Mre0oOg6MkT
Title: Pflege zu Hause | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://info.geers.de/unsichtbares-hoergeraet-kostenlos-probieren/?utm_source=taboola&utm_medium=display&utm_campaign=ANDIGEERS_DE_GEE_ACQ_DIS_TAB_DES_STEMXX_IMG&utm_content=3052906070&utm_term=ig-internetgroup-network&utm_title=Gunzenhausen%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1971+geboren&tb_click_id=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCDkFIov47SmYyW9OEw&_ad_placement=ig-internetgroup-network&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCDkFIov47SmYyW9OEw#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCDkFIov47SmYyW9OEw
Title: GEERS - Gutes Hören

Search URL Search Domain Scan URL

URL: https://odia.ig.com.br/esporte/2021/11/6285624-felipe-melo-rebate-reporter-da-globo-nas-redes-sociais-aceita-que-doi-menos.html

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/2021-11-28/me-ajuda-meu-pai-bate-na-minha-mae--escreveu-menino-em-avaliacao-escolar.html

Search URL Search Domain Scan URL

URL: https://11a21d.llsdzktnxwnnr.com/?network=taboola&subid1=ig-internetgroup-network&adtitle=Gunzenhausen%3A+Unverkaufte+Hybridautos+des+Jahres+2020+f%C3%BCr+einen+Bruchteil+ihres+urspr%C3%BCnglichen+Preises&subid3=1213520&site=ig-internetgroup-network&click_id=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDlyFIo5vbw54-Wvp6uAQ&subid4=ed-de-a-hybr6de-64533-b2209-tb-np&kw2=Hybrid+Auto+Angebote&kw3={City}:+H%C3%A4ndler+Verscherbeln+Unverkaufte+Autos+Aus+Dem+Jahr+2020&kw4=SUV+Hybrid+Autos&kw5=Hybrid+Auto+{City}&backfill=0#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDlyFIo5vbw54-Wvp6uAQ
Title: Hybridauto | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ig-internetgroup-network&utm_medium=referral&utm_content=rec-reel-3n4-a:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://click.gamingtrk.com/b584dbb8-4534-4042-b34c-befb6484755c?site=ig-internetgroup-network&site_id=1213520&title=Wenn+du+%C3%BCber+40+bist+-+dieses+Spiel+ist+ein+Muss%21&platform=Desktop&campaign_id=6556728&campaign_item_id=3030232934&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fee77167c72fc4e07f262fc4f32da1e47.png&click_id=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDt7k8os778h5Ow8o85&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDt7k8os778h5Ow8o85#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDt7k8os778h5Ow8o85
Title: RAID: Shadow Legends

Search URL Search Domain Scan URL

URL: https://gente.ig.com.br/fofocas-famosos/2021-11-28/golpe-alessandra-ambrosio-roberto-cazzaniga-golpista-reformou-casa.html

Search URL Search Domain Scan URL

URL: https://centraldoanunciante.ig.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://institucional.ig.com.br/2020-11-05/politica-de-privacidade-ig.html
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://institucional.ig.com.br/2020-11-05/termos-de-uso.html
Title: Termos de Uso

Search URL Search Domain Scan URL

URL: https://twitter.com/iG

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ig---publicidade-e-conte-do-ltda/mycompany/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@portal_ig?lang=pt-BR

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/3c9woJ6Tzx3JiRFoUp8Mrl

Search URL Search Domain Scan URL

URL: https://www.youtube.com/ig

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/futebol/2021-11-28/alem-de-renato-gaucho--flamengo-indica-outra-provavel-demissao.html

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/2021-11-28/neymar-torce-tornozelo--deixa-campo-chorando-e-preocupa-psg.html

Search URL Search Domain Scan URL

URL: https://delas.ig.com.br/moda/2021-11-28/morre-virgil-abloh-designer-moda-diretor-louis-vuitton-dono-off-white.html

Search URL Search Domain Scan URL

URL: https://esporte.ig.com.br/futebol/internacional/2021-11-29/imprensa-francesa-critica-atitude-de-neymar-apos-grave-lesao.html

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/sterbegeld/?utm_source=taboola&utm_medium=display&utm_campaign=5459_pSGVE_D-PRO-Lead-Outbound-Taboola_wac7526942_wmid592188347699433472&utm_term=oglobo.globo.com&utm_content=Mit+diesem+Trick+zahlt+man+kein+Sterbegeld+mehr&publisher=ig-internetgroup-network&tblci=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8o1J2T-56W9ahK#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyCm0U8o1J2T-56W9ahK
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=ig-internetgroup-network&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.de/independent_akustiker/?utm_content=3049624230&utm_publisher_ID=ig-internetgroup-network&mkt_tool_id=97bf20&utm_term=97bf20&act=ACT0000037289ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_de_hh_independent_akustiker_acq_desktop_cw46_audibene-de2-sc_ACT0000037289ACT&utm_creative_ID=3049624230&aud_adcopy=Gunzenhausen%3A+Wie+dieser+H%C3%B6rakustiker+die+gro%C3%9Fen+Ketten+%C3%A4rgert&tbclid=GiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIo3cONkZbqosAw#tblciGiDXo-f2UoFLyU8bmppQulqMfhzkijF8KA9Cl7Dm7XwYqyDrvUIo3cONkZbqosAw
Title: Hören heute

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.3.1/swiper-bundle.min.css

Request Chain 14

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@7.3.1/swiper-bundle.min.js

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67791572612 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=67791572612&google_tc= HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=67791572612&google_gid=CAESEHNCaPyAw0q1B4J62kYKnlY&google_cver=1

Request Chain 47

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=e17961a4-cbb2-4800-abe7-e066b7cbd54d

Request Chain 68

https://sb.scorecardresearch.com/b?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%20%7C%20Pol%C3%ADtica%20%7C%20iG&c7=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%20%7C%20Pol%C3%ADtica%20%7C%20iG&c7=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&c9=

Request Chain 108

https://sender.clevernt.com/transporter/48973.php?ppuc=1&ppu=0&id=502269&ref=aHR0cHM6Ly91bHRpbW9zZWd1bmRvLmlnLmNvbS5ici9wb2xpdGljYS8yMDIxLTExLTI4L2RlbHRhbi1kYWxsYWdub2wtZmF6LXByb21vY2FvLWJsYWNrLWZyaWRheS1kZS1jdXJzby1lLXZpcmEtYWx2by1kZS1waWFkYXMuaHRtbA%3D%3D&ruri=&r=880218559&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=undefined&mode=leaderboard&ts=0.749 HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443

Request Chain 138

https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00970443 HTTP 302
http://localhost/

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

Request Chain 177

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Request Chain 179

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

Request Chain 181

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Request Chain 183

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

Request Chain 197

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Request Chain 199

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Request Chain 203

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Request Chain 233

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7lW_3ZSr6TLI_64jtaUKc&google_cver=1&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug-lX6UYpgKr0c_c9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug-lX6UYpgKr0c_c9M&google_hm=ePnXt6LrRB-D6q2VHqtbczY

Request Chain 235

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1

Request Chain 236

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8&google_hm=2a03716d09da62beea0c8051

Request Chain 237

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov&apid=UP68de19d3-5112-11ec-9982-06a20cd9f756 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov&apid=UP68de19d3-5112-11ec-9982-06a20cd9f756&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov

Request Chain 278

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1&google_push=AYg5qPIHUMGXcyEG3ZCICizW0eCtW6AWrEiJ3WAKC8tPlEKY7qD9Dt7s9nXlg-PL6_RGSKyvftPabVAxtP40bvKbrYE4e0q0Hcsxxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyNTM3MDkwMDA1Nzc2MjcwNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1

Request Chain 280

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB4wO1KXusC2qyvTaYg8ZDI&google_cver=1&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC8QH_Hs-QcVlqSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4XlhpMuySACr5-Bmt8vVTQ&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC8QH_Hs-QcVlqSA

Request Chain 281

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN1MBwf5HIhpdzZ3LJnSOeA&google_cver=1&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXsj5vaZ7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXsj5vaZ7Q&google_hm=NDM1MjM5NzA0OTE3OTQ4NDU2

Request Chain 282

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK87QBA33teF6B_LFaB0GbU&google_cver=1&google_push=AYg5qPKLjtlEhAwyDfRrt6VD03lxHua6ePPfbXvrCxTAGi0Q-zO9AybdE55JF3pKpv57EhEDXc4yW-yTYLBthNmLSJz_XxBbUlmy HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK87QBA33teF6B_LFaB0GbU&google_cver=1&google_push=AYg5qPKLjtlEhAwyDfRrt6VD03lxHua6ePPfbXvrCxTAGi0Q-zO9AybdE55JF3pKpv57EhEDXc4yW-yTYLBthNmLSJz_XxBbUlmy&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lvKirKQ8T4ikONkTtQ5ozA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLjtlEhAwyDfRrt6VD03lxHua6ePPfbXvrCxTAGi0Q-zO9AybdE55JF3pKpv57EhEDXc4yW-yTYLBthNmLSJz_XxBbUlmy

Request Chain 283

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikDo7UpvWKHKtfjA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikDo7UpvWKHKtfjA&google_hm=2a03716d09da62beea0c8051

Request Chain 284

https://match.360yield.com/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi

Request Chain 286

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd3ql3mL_l6VLT0eHqUdAKsOSJrlmm1SUFlQwXolG8lVAgUvtCOSJeo HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd3ql3mL_l6VLT0eHqUdAKsOSJrlmm1SUFlQwXolG8lVAgUvtCOSJeo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cFJpd2hjbXkxTVJHM3I1&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd3ql3mL_l6VLT0eHqUdAKsOSJrlmm1SUFlQwXolG8lVAgUvtCOSJeo

Request Chain 287

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_cver=1&google_push=AYg5qPK3EDqjGbEhqIKVuC3zWbrt3YqAp42bZdLbAcJ8Ey_o4GW0i41fRmeyH3_Lx9aC7B5egR4GmSz20IcggUrCY8Zq0Hoqnzc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPK3EDqjGbEhqIKVuC3zWbrt3YqAp42bZdLbAcJ8Ey_o4GW0i41fRmeyH3_Lx9aC7B5egR4GmSz20IcggUrCY8Zq0Hoqnzc

Request Chain 288

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABm-S6ADN7IQx75jdFC_5Y&google_cver=1&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nxph2NrDWE24QrrB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTk3MjQ5NjEyNjM3NjA3Nw%3D%3D&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nxph2NrDWE24QrrB

Request Chain 289

https://onetag-sys.com/sync/i,19/?google_gid=CAESEOsMZgSN5xQ7siin1fBPa9c&google_cver=1&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 290

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO0Mm0hpYy9a59am2ljGnM0&google_cver=1&google_push=AYg5qPKwv3kePeEYOBOGw2y0QLu5f46YO8QWR_hmqmnkG_uPqVE7MjlzK3uGPer7JUqVXquRLIZrw_PrjUsR6H4A6WKFa6azfJsb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKwv3kePeEYOBOGw2y0QLu5f46YO8QWR_hmqmnkG_uPqVE7MjlzK3uGPer7JUqVXquRLIZrw_PrjUsR6H4A6WKFa6azfJsb&google_hm=

Request Chain 291

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKZgGiRLLr0aoUBGUOwhDNk&google_cver=1&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSYzoQUuf01JnHXedVbK8yFue7dR-_ES9OwuOl6aMVCSFSDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSYzoQUuf01JnHXedVbK8yFue7dR-_ES9OwuOl6aMVCSFSDg

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_cver=1&google_push=AYg5qPI1nScLVEmpyoPKZAczLgbtmHH9OjWFH1d3_g1KFbrwhaPU8X3sHSFm4xOpvZeYrjUfSnDNCrPjhawOisqf8xqNIAYuEyHa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPI1nScLVEmpyoPKZAczLgbtmHH9OjWFH1d3_g1KFbrwhaPU8X3sHSFm4xOpvZeYrjUfSnDNCrPjhawOisqf8xqNIAYuEyHa

Request Chain 305

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7lW_3ZSr6TLI_64jtaUKc&google_cver=1&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6awAfQs5oNLEDKlCIn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6awAfQs5oNLEDKlCIn&google_hm=ePnXt6LrRB-D6q2VHqtbczY

Request Chain 306

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx8YqGee57EaH HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx8YqGee57EaH&google_hm=2a03716d09da62beea0c8051

Request Chain 307

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11vcXyudWlaYnF8dKFmtVXXFDWD_p3Bs0xCa5lw HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11vcXyudWlaYnF8dKFmtVXXFDWD_p3Bs0xCa5lw&apid=UP68de19d3-5112-11ec-9982-06a20cd9f756 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11vcXyudWlaYnF8dKFmtVXXFDWD_p3Bs0xCa5lw

Request Chain 310

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENFndOwMKFf4trJyQR2jPY4&google_cver=1&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENFndOwMKFf4trJyQR2jPY4&google_cver=1&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A&google_hm=NIWHjFokQYG4sgsCTzOtkA==

Request Chain 312

https://onetag-sys.com/sync/i,19/?google_gid=CAESEOsMZgSN5xQ7siin1fBPa9c&google_cver=1&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 313

https://match.360yield.com/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg

Request Chain 314

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO0Mm0hpYy9a59am2ljGnM0&google_cver=1&google_push=AYg5qPJa9Swv_yBvDhawXqeSUByEiMys_Ey04Tmunbv_GsC3opwE_gd9CfUcRm6p4M5pHVJgxwFkCDFjuE5NO5r27Y-u_08yjR5e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJa9Swv_yBvDhawXqeSUByEiMys_Ey04Tmunbv_GsC3opwE_gd9CfUcRm6p4M5pHVJgxwFkCDFjuE5NO5r27Y-u_08yjR5e&google_hm=

Request Chain 315

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKZgGiRLLr0aoUBGUOwhDNk&google_cver=1&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQWReXfnltIf1pNWLjKTdHd1Qr2nks7WSkKRgkrwQtP0_lNBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQWReXfnltIf1pNWLjKTdHd1Qr2nks7WSkKRgkrwQtP0_lNBA

Request Chain 348

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=6991ee0f-5112-11ec-b368-130dfa940506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6991eda4-5112-11ec-b368-130dfa940506&orig=video&us_privacy=1---gdpr=1&

Request Chain 350

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AjW0E7tE2uFEZIhAyWpFX4IVTiFyMW_ROYxmW_U-~A

Request Chain 353

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=6992b03f-5112-11ec-a4ef-125b01370506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6992b00a-5112-11ec-a4ef-125b01370506&orig=video&us_privacy=1---gdpr=1&

Request Chain 366

https://gum.criteo.com/sid/json?origin=publishertag&domain=ig.com.br&sn=ChromeSyncframe&so=0&topUrl=ultimosegundo.ig.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EsQf_XxMZ0pFKzRQeFFZaU84eTI4MUllRkkrQ3BVaDZjTmt6NmVkWVd3dWhwMWlWd2VUejF6eDZ3UGx3WHRqWGgvNUMxSlF4SDZpd0Y1ZUQwZFhYVlhBajl5ckZLS3VlU2MwV3NUbHI1TkYwNUZGV1owWkE4T3V5dVNPQ1lmRTczSUVZTGExaTNDcERPcDYvQVJtMnJxRk9OYldGWXBpTTNRc3BRRXlIb3hqZ0lTallCejJzV05aREFtNERsWGNhaEcvdFFQRjV2alk4VktzVUpNQkEya1RFMzNpbHdhMG43WDFQZGprSGlBU2JVeVlLVXZLeG03L3dSMDZ1S2pIM3BLdGpBZC9peUthdnhhTFdUeFFkbmRDN3h6dz09fA&cppv=2

Request Chain 371

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 374

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e17961a4-cbb2-4800-abe7-e066b7cbd54d&expires=28

Request Chain 376

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWKO14VR-1M-8YYU&sigv=1&esig=2~b2421d76a3dfea325a9ec78b3ee9987797f79a05&gdpr=1&us_privacy=1---

Request Chain 377

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1ZDM2N2I5YjQ0OGY2MTM2MDdmODdmMjJjZjljZmNmMzZhNGE2Yw&gdpr=1&us_privacy=1---

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESED4E934mXVIdynyuR2iGmg8&google_cver=1

Request Chain 380

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dLTzE0VlItMU0tOFlZVQ==&gdpr=1&us_privacy=1---

Request Chain 381

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/_eDpISzvhHG_0Z7x0exWzsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=435239704917948456

381 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html Show response
ultimosegundo.ig.com.br/politica/2021-11-28/ 170 KB
32 KB 1024ms
972ms Document
text/html 2606:4700::6812:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321665f63dd01ae97ce2db14eaa65071c34d54bc5b6fe07ace2376c3ab0ad69b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6b5bf0b11ced2b95-FRA
access-control-allow-origin: *
cache-control: max-age=60
last-modified: Mon, 29 Nov 2021 12:29:04 GMT
vary: Host,Accept-Encoding
cf-cache-status: HIT
cf-apo-via: origin,host
edge-control: max-age=60s,downstream-ttl=60s
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-url: /politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
x-user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultimosegundo.ig.com.br/
Origin: https://ultimosegundo.ig.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:12:28 GMT
x-content-type-options: nosniff
age: 498853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 18:12:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultimosegundo.ig.com.br/
Origin: https://ultimosegundo.ig.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:51:27 GMT
x-content-type-options: nosniff
age: 420914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:51:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ultimosegundo.ig.com.br/
Origin: https://ultimosegundo.ig.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:15:48 GMT
x-content-type-options: nosniff
age: 480653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 23:15:48 GMT

GET
H2 200 0nt5sfil6b4dkbkfwwf8ydfeb.jpg
i0.statig.com.br/bancodeimagens/0n/t5/sf/ 21 KB
21 KB 178ms
139ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/bancodeimagens/0n/t5/sf/0nt5sfil6b4dkbkfwwf8ydfeb.jpg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4715460ceb48d91ce5ca6a0fc670b5f2b6d5370f2cc9cb07ec04b82d7f3701

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=43153
x-url: /bancodeimagens/0n/t5/sf/0nt5sfil6b4dkbkfwwf8ydfeb.jpg
edge-control: max-age=7776000s,downstream-ttl=7776000s
content-disposition: inline; filename="0nt5sfil6b4dkbkfwwf8ydfeb.webp"
content-length: 21182
x-xss-protection: 1; mode=block
x-user-agent: python-requests/2.25.0
last-modified: Mon, 18 Oct 2021 22:37:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b79971c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 38ms
15ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 12:06:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Nov 2021 12:46:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Nov 2021 12:46:41 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.3.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@7.3.1/swiper-bundle.min.css

15 KB
5 KB

18ms
18ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.1/swiper-bundle.min.css

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3371f801000f02d00a3011c06bd012698f91b361b6d8d4bb76816e8dba84d22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 429447
fly-request-id: 01FN925N7VPW3RXSSZ70ACRTPE
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-J+lc1YaUBZMMYbWKKFfVHIjGqZQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b5bf0b798811f1d-FRA

Redirect headers

date: Mon, 29 Nov 2021 12:46:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FNNVJX966JJEECMM6WKYS6FA
server: cloudflare
age: 145
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.3.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b5bf0b7684d1f1d-FRA
access-control-allow-origin: *

GET
H2 200 close-envelope.svg
i0.statig.com.br/mobile/home-ig/images/ 1000 B
571 B 77ms
37ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/close-envelope.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ad3a9f52e081b13ac0b02580922cf9f472a723499f0a3ad729530eae802886c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 3553
x-url: /mobile/home-ig/images/close-envelope.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Mobile/15E148 Safari/604.1
last-modified: Tue, 24 Sep 2019 13:00:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b79974c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 facebook-branco.svg
i0.statig.com.br/assets/v5/icones/ 463 B
382 B 81ms
42ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/facebook-branco.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e7133aa9ea26b5f2f1d6223d09c6856290d0928751e2cbd8019790fea3d4f87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353697
x-url: /assets/v5/icones/facebook-branco.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Fri, 16 Oct 2020 12:41:22 GMT
server: cloudflare
etag: W/"5f8994f2-1cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b79976c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 twitter-branco.svg
i0.statig.com.br/assets/v5/icones/ 807 B
511 B 81ms
43ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/twitter-branco.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a19984d571822b96ee6b9409e41876768a4934047124d95ee11abfe14423d72

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353697
x-url: /assets/v5/icones/twitter-branco.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Fri, 16 Oct 2020 12:41:22 GMT
server: cloudflare
etag: W/"5f8994f2-327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7997ac286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 instagram-branco.svg
i0.statig.com.br/assets/v5/icones/ 618 B
451 B 76ms
38ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/instagram-branco.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da1af9bea99eb5f40ed7ae215088540103b41491cb4c56b0a49254400504cbf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6356
x-url: /assets/v5/icones/instagram-branco.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Mobile/15E148 Safari/604.1
last-modified: Fri, 16 Oct 2020 12:41:22 GMT
server: cloudflare
etag: W/"5f8994f2-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7997bc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 facebook-brown.svg
i0.statig.com.br/assets/v5/icones/ 526 B
856 B 71ms
32ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/facebook-brown.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb6939190f9ceb9d0defa8d89239f2292e6829360f500aeb193c647f304b875

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 4124
x-url: /assets/v5/icones/facebook-brown.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Mobile/15E148 Safari/604.1
last-modified: Thu, 04 Jun 2020 14:07:09 GMT
server: cloudflare
etag: W/"5ed9000d-20e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7997cc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 twitter-brown.svg
i0.statig.com.br/assets/v5/icones/ 879 B
712 B 18ms
17ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/twitter-brown.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3401afc923844ade07f26f7afc7d7b533dde9d93db00134c7d640fe36711b76

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
x-url: /assets/v5/icones/twitter-brown.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.90 Safari/537.36
last-modified: Thu, 04 Jun 2020 14:07:10 GMT
server: cloudflare
etag: W/"5ed9000e-36f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7a992c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 instagram-brown.svg
i0.statig.com.br/assets/v5/icones/ 658 B
549 B 20ms
20ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/instagram-brown.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9eb005b24103a89f1e3cf2b19caf956a7e0481d446be5bb6b3a1ce541422ea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353696
x-url: /assets/v5/icones/instagram-brown.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Thu, 04 Jun 2020 14:07:10 GMT
server: cloudflare
etag: W/"5ed9000e-292"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7a994c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 rocket-loader.min.js Show response
ultimosegundo.ig.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700::6812:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimosegundo.ig.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6b5bf0b7588d2b95-FRA
vary: Accept-Encoding
expires: Wed, 01 Dec 2021 12:46:41 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@7.3.1/swiper-bundle.min.js

132 KB
38 KB

23ms
23ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.1/swiper-bundle.min.js

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43a5802d5ed9337da2e507c39c43080de4305db7e520e22fe3ec9fd83c1b72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 429446
fly-request-id: 01FN925PV8SGZE3MDXNWNHKMXY
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211fc-Vc04MSVLzRe61bnJM9K/NrBb7Jw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b5bf0b819231f1d-FRA

Redirect headers

date: Mon, 29 Nov 2021 12:46:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FNNVJY8AQDRW1QVSY6KESKA8
server: cloudflare
age: 144
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.3.1/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b5bf0b7b8af1f1d-FRA
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
59 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41b24bedde901818e2de2d0f47b5007524cb4758d879e3d5c80ad65604fbf160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59546
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 12:46:41 GMT

GET
H2 200 logoiguinhohome_branco.png
i0.statig.com.br/assets/v5/logos/ 4 KB
5 KB 31ms
31ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/logos/logoiguinhohome_branco.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a1a1dc4c5efa2ad4da95fa893fea8406d60838ef4ed0aff33c8335f3f8b66c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 3422
cf-polished: origFmt=png, origSize=7260
x-url: /assets/v5/logos/logoiguinhohome_branco.png
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
content-disposition: inline; filename="logoiguinhohome_branco.webp"
content-length: 4438
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_0_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1
last-modified: Fri, 27 Mar 2020 20:17:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7c9bec286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 search.svg
i0.statig.com.br/assets/v5/icones/ 761 B
661 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/search.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b30e99c952f1ea8a910db9482569a8007066b63243f679d4c125fe8f290cafe2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353404
x-url: /assets/v5/icones/search.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
last-modified: Tue, 12 Nov 2019 13:01:16 GMT
server: cloudflare
etag: W/"5dcaad1c-2f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b7c9c0c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 icon-facebook-v5.png
i0.statig.com.br/assets/v5/icones/ 146 B
472 B 18ms
18ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/icon-facebook-v5.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca82d642f5d978b59db10014913b736f527d7c742f4a2281836f7c34dfaa71f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 3421
cf-polished: origFmt=png, origSize=284
x-url: /assets/v5/icones/icon-facebook-v5.png
edge-control: max-age=7776000s,downstream-ttl=7776000s
content-disposition: inline; filename="icon-facebook-v5.webp"
content-length: 146
x-xss-protection: 1; mode=block
x-user-agent: Googlebot-Image/1.0
last-modified: Wed, 07 Apr 2021 18:29:50 GMT
server: cloudflare
etag: "606dfa1e-11c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7d9c4c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-twitter-v5.png
i0.statig.com.br/assets/v5/icones/ 194 B
471 B 21ms
20ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/icon-twitter-v5.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3424edf9930c5ea9bab2f1cc97d3d96e0634f80a4ce97ed29230caf67b0b6099

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 3421
cf-polished: origFmt=png, origSize=424
x-url: /assets/v5/icones/icon-twitter-v5.png
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
content-disposition: inline; filename="icon-twitter-v5.webp"
content-length: 194
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Linux; Android 11; SAMSUNG SM-A325M) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/15.0 Chrome/90.0.4430.210 Mobile Safari/537.36
last-modified: Wed, 07 Apr 2021 18:29:50 GMT
server: cloudflare
etag: "606dfa1e-1a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7d9c5c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-whatsapp-v5.png
i0.statig.com.br/assets/v5/icones/ 254 B
503 B 18ms
17ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/icon-whatsapp-v5.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1493ee6db9b437bda61c7772b5d4bf1fc8deb27387e3086f53fc7d209d7e81a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 94
cf-polished: origFmt=png, origSize=539
x-url: /assets/v5/icones/icon-whatsapp-v5.png
edge-control: max-age=7776000s,downstream-ttl=7776000s
content-disposition: inline; filename="icon-whatsapp-v5.webp"
content-length: 254
x-xss-protection: 1; mode=block
x-user-agent: Googlebot-Image/1.0
last-modified: Wed, 07 Apr 2021 18:29:51 GMT
server: cloudflare
etag: "606dfa1f-21b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7d9c6c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-comments-v5.png
i0.statig.com.br/assets/v5/icones/ 274 B
603 B 22ms
21ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/icon-comments-v5.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20939bdf42aa69ef12fb0a2f8d06ebdb6f31d41240fe09fe8d13f300eba23d96

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 3421
cf-polished: origFmt=png, origSize=475
x-url: /assets/v5/icones/icon-comments-v5.png
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
content-disposition: inline; filename="icon-comments-v5.webp"
content-length: 274
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/18F72 [FBAN/FBIOS;FBDV/iPhone12,5;FBMD/iPhone;FBSN/iOS;FBSV/14.6;FBSS/3;FBID/phone;FBLC/pt_BR;FBOP/5]
last-modified: Wed, 07 Apr 2021 18:29:50 GMT
server: cloudflare
etag: "606dfa1e-1db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7d9c7c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 Google_News_icon.png
i0.statig.com.br/assets/v5/icones/ 3 KB
4 KB 20ms
19ms Image
image/webp 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/assets/v5/icones/Google_News_icon.png

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6a47a362db1d1e4370b995be64fcca90aaab507abdede4d51a2942eebf3e17

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
cf-cache-status: HIT
age: 3422
cf-polished: origFmt=png, origSize=3657
x-url: /assets/v5/icones/Google_News_icon.png
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
content-disposition: inline; filename="Google_News_icon.webp"
content-length: 3266
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Linux; Android 9; SM-G950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.74 Mobile Safari/537.36
last-modified: Fri, 18 Dec 2020 13:42:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b5bf0b7d9c8c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: imgq:85,h2pri

GET
H2 200 roda.svg
i0.statig.com.br/mobile/home-ig/images/ 6 KB
3 KB 15ms
13ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/roda.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55904d995e0a34983ca3f216b980347a8677ff700fa81f0d99582db39685de58

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
x-url: /mobile/home-ig/images/roda.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:61.0) Gecko/20100101 Firefox/61.0
last-modified: Fri, 05 Feb 2021 19:12:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a03c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 lock.svg
i0.statig.com.br/mobile/home-ig/images/ 1 KB
700 B 23ms
22ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/lock.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfcc8f74a5cebacd2821e200bcd0b55d8b2b403e3b36751fcc5fffc47fe0d9d2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353697
x-url: /mobile/home-ig/images/lock.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Tue, 17 Dec 2019 16:12:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a05c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 dr-ig.svg
i0.statig.com.br/sass-canais/canaisiGv05/igServicos/icons/ 790 B
826 B 16ms
15ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/sass-canais/canaisiGv05/igServicos/icons/dr-ig.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21dff8629c39fe1f0d4cda9e8d7670a978fbd8cbc30bbd64a6da23c7c77e781c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
x-url: /sass-canais/canaisiGv05/igServicos/icons/dr-ig.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Mobile/15E148 Safari/604.1
last-modified: Fri, 17 Apr 2020 13:46:32 GMT
server: cloudflare
etag: W/"5e99b338-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a0bc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 icon_igcursos.svg
i0.statig.com.br/mobile/home-ig/images/ 701 B
703 B 18ms
17ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/icon_igcursos.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a621fc047090c531e9e2d685e6b3c9175cc0cfd888c90c1daf5b4f9bed717e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353697
x-url: /mobile/home-ig/images/icon_igcursos.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Fri, 24 Apr 2020 13:50:32 GMT
server: cloudflare
etag: W/"5ea2eea8-2bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a0dc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 ig-compara.svg
i0.statig.com.br/sass-canais/canaisiGv05/igServicos/icons/ 18 KB
14 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/sass-canais/canaisiGv05/igServicos/icons/ig-compara.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc93a4534fad4d42c22ef5ba59d604a2831e47ad15310d8a878f69413deb7436

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
x-url: /sass-canais/canaisiGv05/igServicos/icons/ig-compara.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/83.0.4103.97 Safari/537.36
last-modified: Tue, 16 Mar 2021 17:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a0ec286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 cupom1.svg
i0.statig.com.br/mobile/home-ig/images/ 2 KB
947 B 25ms
24ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/cupom1.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca38646fd9d76082e9251583f9613469d22434353e4b11dadda86af37b0d55a8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1087
x-url: /mobile/home-ig/images/cupom1.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
last-modified: Tue, 26 Oct 2021 19:15:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a0fc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 game.svg
i0.statig.com.br/mobile/home-ig/images/ 1 KB
661 B 24ms
24ms Image
image/svg+xml 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.statig.com.br/mobile/home-ig/images/game.svg

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4abcb25995824507287896b94d19768c0431a2f7fe3cc162b7370c31d3e931b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6256
x-url: /mobile/home-ig/images/game.svg
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/83.0.4103.97 Safari/537.36
last-modified: Wed, 12 May 2021 14:43:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 6b5bf0b80a1ac286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 ig-canais-noticias.min.js Show response
i0.statig.com.br/assets/v5/js/ 24 KB
7 KB 39ms
39ms Script
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/assets/v5/js/ig-canais-noticias.min.js?v4.0.7.242222

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53538494ea824f9b92bebbab3490c9cc861fc787e3cb2ccae6a0b70c19538d5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 3737
x-url: /assets/v5/js/ig-canais-noticias.min.js?v4.0.7.242222
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)
last-modified: Wed, 29 Sep 2021 20:38:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0b80a1cc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 jquery-3.5.1.min.js Show response
i0.statig.com.br/js/ 87 KB
31 KB 25ms
25ms Script
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/js/jquery-3.5.1.min.js

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 12353696
x-url: /js/jquery-3.5.1.min.js
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
last-modified: Thu, 28 Jan 2021 13:40:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0b80a1dc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 ig-canais-noticias.min.css
i0.statig.com.br/assets/v5/css/ 52 KB
9 KB 24ms
24ms Stylesheet
text/css 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/assets/v5/css/ig-canais-noticias.min.css?v5.0.7.243444

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e616e0a51ae1e98f7ac3469594d28c1e6b6bcf637dd594e6734fdbe09588db4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 5128
x-url: /assets/v5/css/ig-canais-noticias.min.css?v5.0.7.243444
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.2 Safari/605.1.15
last-modified: Tue, 26 Oct 2021 20:17:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cf-ray: 6b5bf0b81a3cc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 configmobilev5.js
i0.statig.com.br/publicidade/prebid/ 0
1 KB 32ms
31ms Other
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/publicidade/prebid/configmobilev5.js?v=03

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 438
x-url: /publicidade/prebid/configmobilev5.js?v=03
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-A505F) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/10.1 Chrome/71.0.3578.99 Mobile Safari/537.36
last-modified: Thu, 29 Apr 2021 15:45:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0b85a8ac286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 prebid_4.28.0_roac.js
i0.statig.com.br/publicidade/prebid/ 0
65 KB 55ms
54ms Other
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 4645
cf-polished: origSize=210421
x-url: /publicidade/prebid/prebid_4.28.0_roac.js
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [FBAN/FBIOS;FBDV/iPhone12,1;FBMD/iPhone;FBSN/iOS;FBSV/13.5.1;FBSS/2;FBID/phone;FBLC/en_US;FBOP/5]
last-modified: Tue, 02 Mar 2021 19:45:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0b85aa7c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
27 KB 88ms
66ms Other
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 424 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 12:46:42 GMT

GET
H2 200 prebid_4.28.0_roac.js
wfpscripts.webspectator.com/prebid/ 0
66 KB 345ms
110ms Other
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/prebid/prebid_4.28.0_roac.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 17:23:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4736f80a7cfa4d0d784e4a1c0780dbc8"
x-cache-status: HIT
content-type: application/javascript
cache-control: public, max-age=3600000, immutable
content-length: 67251

GET
H2 200 ws-IFGYUOOP.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
844 B 344ms
109ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-IFGYUOOP.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7a1c3535dfa3a006455d30af09d59ea1c17f181aaed752e3a076fb37d54cb9a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 19:07:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"d4874fa92bdc7986431f6714fb12e249"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 12 KB
5 KB 51ms
25ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 19:20:03 GMT
server: cloudflare
age: 396
etag: W/"618c1b63-31f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b5bf0b8784b4db8-FRA
content-type: application/javascript
expires: Mon, 29 Nov 2021 13:40:06 GMT

GET
H2 200 53725 Show response
tag.navdmp.com/u/ 523 B
482 B 167ms
166ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/53725
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcfe2782543f837703e2a2950fa8504e04933cb5b22c0cf83cf34e216729202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Nov 2021 19:44:43 GMT
server: cloudflare
etag: W/"618c212b-20b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b5bf0b8a8954db8-FRA
content-type: application/javascript
expires: Mon, 29 Nov 2021 13:46:42 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
431 B 177ms
168ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=53725&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b67b3057636225604c9da907488c495c5deb3000d05174dd0d3af565e7999f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b5bf0b9caa34db8-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 29 Nov 2021 13:46:42 GMT

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 4 KB
2 KB 439ms
106ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=IFGYUOOP&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&q=undefined&t=1638190002316
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-IFGYUOOP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: bd39187a63bf82e1752acc7f108b9f55cad58d26d6e36e4a01688aac302bf608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:42 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 44ms
9ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-IFGYUOOP.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 06 Dec 2021 12:46:42 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
428 B 35ms
7ms Script
application/javascript 2600:9000:20eb:8600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 01:27:39 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
age: 40744
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: lOKfKEU-9Xr7GjnKqeDHIkowvtYZ0a0w_PpQB3GlRSM0chc6RgmEjA==

GET
H2 200 / Show response
opi.navdmp.com/ 2 B
194 B 348ms
315ms Fetch
application/json 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opi.navdmp.com/?v=7&url=https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/96.0.4664.45%20Safari/537.36
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b5bf0bb0d5a692b-FRA
content-length: 2

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 174ms
152ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=fc8b14e849981c682ae44447809%7C0&acc=53725&tit=Deltan%2520Dallagnol%25A0faz%2520promo%25E7%25E3o%2520%2527black%2520friday%2527%2520de%2520curso%2520e%2520vira%2520alvo%2520de%2520piadas%2520%257C%2520Pol%25EDtica%2520%257C%2520iG&url=https%253A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&upd=1&new=1&h1=Deltan%2520Dallagnol%25A0faz%2520promo%25E7%25E3o%2520%2527black%2520friday%2527%2520de%2520curso%2520e%2520vira%2520alvo%2520de%2520piadas
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b5bf0bb0d364db8-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67791572612
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=67791572612&google_tc=
https://sync2.navdmp.com/sync?prtid=2&id=67791572612&google_gid=CAESEHNCaPyAw0q1B4J62kYKnlY&google_cver=1

6 B
58 B

155ms
146ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=67791572612&google_gid=CAESEHNCaPyAw0q1B4J62kYKnlY&google_cver=1
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b5bf0bb9e4e4db8-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=67791572612&google_gid=CAESEHNCaPyAw0q1B4J62kYKnlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=e17961a4-cbb2-4800-abe7-e066b7cbd54d

43 B
130 B

175ms
166ms

Image
image/gif

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=e17961a4-cbb2-4800-abe7-e066b7cbd54d
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6b5bf0bb7e294db8-FRA
content-length: 43

Redirect headers

Date: Mon, 29 Nov 2021 12:46:42 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=e17961a4-cbb2-4800-abe7-e066b7cbd54d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 29 Nov 2021 12:46:41 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 310ms
106ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel;r=1003809088;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html;uht=2;fp...
pixel.quantserve.com/ 35 B
371 B 29ms
12ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1003809088;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html;uht=2;fpan=1;fpa=P0-741559820-1638190002405;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=ig.com.br;je=0;sr=1600x1200x24;dst=0;et=1638190002405;tzo=0;ogl=locale.pt_BR%2Curl.https%3A%2F%2Fultimosegundo%252Eig%252Ecom%252Ebr%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promoca%2Ctitle.Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20'black%20friday'%20de%20curso%20e%20vira%20alvo%20de%20piadas%2Csite_name.Portal%20iG%2Cdescription.Ex-coordenador%20da%20Lava-Jato%20est%C3%A1%20oferecendo%20descontos%20em%20curso%20de%20combate%20%C3%A0%20corr%2Ctype.article%2Cimage.https%3A%2F%2Fi0%252Estatig%252Ecom%252Ebr%2Fbancodeimagens%2F3m%2Ftb%2Fay%2F3mtbaywu69fb1shicx0jkwrox%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.675

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 watson Show response
opi.navdmp.com/ 198 B
215 B 122ms
121ms Fetch
application/json 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opi.navdmp.com/watson?&url=https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b112103c51c9ef84dc320cd03022903acfc96e907aa885f09348eaf468eda9a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b5bf0bd09a1692b-FRA

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 12 KB
2 KB 107ms
107ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2589&vId=F3F8B8AE990D91F6&dads=0&lts=0&nv=1&s=4298&res=1600x1200&c=1&l=en&r=&sr=&ts=1638190002759&rs=0&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=IFGYUOOP&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&q=undefined&t=1638190002316
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: cb8c6b27c844450802297e5b9dee62d2a8daf4d1879aadf85fd8432752529e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:42 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 110ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2589&vId=F3F8B8AE990D91F6&dads=0&lts=0&nv=1&s=4298&res=1600x1200&c=1&l=en&r=&sr=&ts=1638190002759&rs=0&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
5 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2589&vId=F3F8B8AE990D91F6&dads=0&lts=0&nv=1&s=4298&res=1600x1200&c=1&l=en&r=&sr=&ts=1638190002759&rs=0&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 15:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:48:59 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 110ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2589&vId=F3F8B8AE990D91F6&dads=0&lts=0&nv=1&s=4298&res=1600x1200&c=1&l=en&r=&sr=&ts=1638190002759&rs=0&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62-ig.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 127ms
127ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2589&vId=F3F8B8AE990D91F6&dads=0&lts=0&nv=1&s=4298&res=1600x1200&c=1&l=en&r=&sr=&ts=1638190002759&rs=0&h=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0918725725c371abd28fb918c98559b0bd7bd2ea78b0ca47c652e6859265a6c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:42 GMT
content-encoding: gzip
last-modified: Thu, 30 Jul 2020 19:27:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "2d2b31239f42dc09ff3782e73e213660"
x-cache-status: MISS
content-type: application/javascript
cache-control: 600
content-length: 23698

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 458ms
106ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=7e09e380-1883-9f74-9f6f-90ec2c5a0e47&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-140-75.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Nov 2021 12:46:43 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame D763 21 KB
9 KB 109ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 2D63 21 KB
9 KB 109ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 close-button.png
wfpscripts.webspectator.com/resources/ 800 B
1022 B 109ms
109ms Image
image/png 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wfpscripts.webspectator.com/resources/close-button.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f5f2153203c3ac589d446a5169260aa6d8c5aa3bdf368a67c39f93fd85d9f2d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2016 11:07:35 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"891aa2ba010c66ab9a3786314b60c331"
x-cache-status: HIT
content-type: image/png
cache-control: public,max-age=2592000

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 32ms
17ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 919 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 12:46:43 GMT

GET
H2 200 791ce193144bb15e4bdd2c1649b8c8f3.js Show response
scripts.cleverwebserver.com/ 128 KB
52 KB 51ms
24ms Script
application/javascript 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/791ce193144bb15e4bdd2c1649b8c8f3.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db310e6ff85eafdb484c6a3705a7137e39f2e686412d28be6fa0195cd2bd4bc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 23:20:07 GMT
server: cloudflare
age: 1069
etag: W/"70af677e64098d93510b764473544658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gxqWtrPHCC3wFs6JQIiySezgZYpz6Zxl
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6b5bf0c2bbd12bce-FRA
x-amz-request-id: EEMXR7GAF0M4T4B7
x-amz-id-2: 8nTKr01o4tJCECykSSyL5fZGHSCoQy+FG33qqDiI4xpoDyq4R4wxkU2MC0yoxyBdpwuofNqT0zA=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6336
date: Mon, 29 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Nov 2021 13:01:07 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
10ms Script
application/javascript 13.225.77.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-123.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 05:03:59 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 27798
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: dZAgCRNTI1GQnMgOjKNFFKMM86Th1jZG0KdNGiDCYnfVnVQ_JNjURA==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ig-internetgroup-network/ 439 KB
36 KB 28ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6438652b06337d0665587b7b15dd632fa35a0e99a9fcea79b3a124e692ed64a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: DLag25eLlvuXequF1yKRGt9UOYtXHnNC
content-encoding: gzip
etag: "96832a94d2c6d591df129db7a0cbdd4c"
age: 21910
x-cache: HIT
content-length: 36230
x-amz-id-2: /H365k+gdJ3dlVuB6ZKNZkvrnjxB+7C624rmDaR6Y66iB+YNcD5vginDsQOw4NIscfNSyya+DQU=
x-served-by: cache-fra19157-FRA
last-modified: Mon, 29 Nov 2021 06:29:27 GMT
server: AmazonS3
x-timer: S1638190004.636783,VS0,VE1
date: Mon, 29 Nov 2021 12:46:43 GMT
vary: Accept-Encoding
x-amz-request-id: HY9J3PBJHH5N8TQV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 32
x-cache-hits: 1

GET
H2 200 5.1.0 Show response
instant.page/ 3 KB
1 KB 44ms
13ms Script
text/javascript 2606:4700::6811:a1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.0
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://ultimosegundo.ig.com.br/
Origin: https://ultimosegundo.ig.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6b5bf0c2c8375369-FRA

GET
H2 200 2f5406a2-50b6-4140-806d-6ae9985e6d11.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 64ms
34ms Script
text/javascript 2606:4700:3039::6815:c0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/2f5406a2-50b6-4140-806d-6ae9985e6d11.js
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ccd8267074c1e01e7d21d98d212fec77abfa9a8a7c68f199ab61c1351a02296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 20 Sep 2021 18:24:23 GMT
server: cloudflare
etag: W/"37afb8916ac9123d1fcde51fe159e143"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfwwjtcM%2FtNJ4HFnCUFcXlgwOPlFiscLrazDjQ%2BBxWJdewc7Wghll1ZMWRnEOD3ZbPVpldjT4oLSbuHdXNhRh0iQAo7IhDbZi89HkFD3EBAMgIXx76rRQCnIDOzFs%2FKDXnpa7yAqBwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 6b5bf0c2cc635be5-FRA
x-amz-cf-id: Xf8daZDa5T9jYrz02aRSSL2ytmPMKDRJDOOl2-9FXopcpB4q3cWQjQ==

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 136ms
126ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=36285217
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%2...

0
224 B

9ms
9ms

Image
text/plain

13.225.77.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%20%7C%20Pol%C3%ADtica%20%7C%20iG&c7=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&c9=
Protocol: H2
Server: 13.225.77.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-123.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Wk-MkE-WiqM_U-Up0HDFIQcJkxTYCFsCXDvla0KnS6Vuf8CNMEQrYQ==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 29 Nov 2021 12:46:43 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6987205&ns__t=1638190003645&ns_c=UTF-8&cv=3.5&c8=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20'black%20friday'%20de%20curso%20e%20vira%20alvo%20de%20piadas%20%7C%20Pol%C3%ADtica%20%7C%20iG&c7=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&c9=
content-length: 410
x-amz-cf-id: SXwpBm2kWvV6fVQfG3U06p1yNnAH8AeY2wpg1OwGmhA2GBUZhUf7bA==

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 20ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 12:46:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
415 B 30ms
16ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultimosegundo.ig.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

1ba1379142cf56bdeb04a51cab3a341bfea9e6e7612b845d8da6419c3c686fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390
x-xss-protection: 0
expires: Mon, 29 Nov 2021 12:46:43 GMT

GET
H2 200 prebid_4.28.0_roac.js Show response
i0.statig.com.br/publicidade/prebid/ 205 KB
65 KB 22ms
21ms Script
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829c2d63292a922e20c5ccd6befb457396af06a466ab2829401bc175035bd2b8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 4647
cf-polished: origSize=210421
x-url: /publicidade/prebid/prebid_4.28.0_roac.js
edge-control: max-age=7776000s,downstream-ttl=7776000s,mobile
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [FBAN/FBIOS;FBDV/iPhone12,1;FBMD/iPhone;FBSN/iOS;FBSV/13.5.1;FBSS/2;FBID/phone;FBLC/en_US;FBOP/5]
last-modified: Tue, 02 Mar 2021 19:45:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0c2d8ecc286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1777286125&t=pageview&_s=1&dl=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&ul=en-us&de=UTF-8&dt=Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%20%7C%20Pol%C3%ADtica%20%7C%20iG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=245814266&gjid=1785428505&cid=95513423.1638190004&tid=UA-57681377-1&_gid=451281687.1638190004&_r=1&_slc=1&z=1254274452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ultimosegundo.ig.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/ig-internetgroup-network/ 3 KB
2 KB 35ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/ig-internetgroup-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f72b1f9ce83feba0b7861a613253f154c24ae9d37adc192422aafb0df57eea0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 0JAhba5EF4QxHeKFtQG4ZxsNTns6ExVg
content-encoding: gzip
etag: "f36c524526bf3d0a83ea4d658530e6ae"
age: 252
x-cache: HIT, HIT
content-length: 1181
x-amz-id-2: 71/tdIuFd3CpviLfDjCs2sVm94QdLGI2s9wp/SrX3RdEuczs10ATcy0Q5puD7cLMdTE7eheD2PY=
x-served-by: cache-lax10628-LGB, cache-fra19139-FRA
last-modified: Wed, 26 May 2021 11:00:37 GMT
server: AmazonS3
x-timer: S1638190004.720132,VS0,VE1
date: Mon, 29 Nov 2021 12:46:43 GMT
vary: Accept-Encoding,,
x-amz-request-id: W92ZYK40H066WW87
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20211128-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 612 KB
125 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 69e18acf4210e512378ef9ce202aa504c46cf34e1abc492bf676b86a04edd00d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: P.nXZjlFTs_U2jwD6fK3jkKBPgfYRXnH
content-encoding: br
etag: "be487557bb3abb211a88a34cd405ee8f"
age: 10249
x-cache: HIT
content-length: 128142
x-amz-id-2: xtL5HT6+PJTHXbm53o/SP85AE9UYVXC2jWLv3E3Xa97xAxdYXDeKfwVS4MB4w9BlzUUenN+wqRc=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 09:51:21 GMT
server: AmazonS3-br
x-timer: S1638190004.691564,VS0,VE0
date: Mon, 29 Nov 2021 12:46:43 GMT
vary: Accept-Encoding
x-amz-request-id: CJQX1SGGGES6YYVE
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 94
x-cache-hits: 42234

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 46ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57681377-1&cid=95513423.1638190004&jid=245814266&gjid=1785428505&_gid=451281687.1638190004&_u=IEBAAEAAAAAAAC~&z=1011202481

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 12:46:43 GMT
content-type: text/plain
access-control-allow-origin: https://ultimosegundo.ig.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 161 B
251 B 732ms
722ms Script
text/javascript 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.19
Resource Hash: ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
cf-ray: 6b5bf0c37d092bce-FRA

GET
H/1.1 200
OK ad Show response
webservices.webspectator.com/ Frame 45AE 194 B
590 B 107ms
107ms Script
text/plain 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/ad?auid=1295359&sz=%5B%5D&pl=%7B%7D&dm=1&ci=0&is=0&piv=100&ts=1638190003754&cc=DE&rc=unknown&sid=F3F8B8AE990D91F6&ct=%7B%7D&s=4298
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 1195918f381f5acabbf5d1f73e0330b01a579b612c5dcd15bcae3d79115866e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:43 GMT
Server: WildFly/10
X-Powered-By: Undertow/1
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 194
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ad Show response
webservices.webspectator.com/ Frame 09DC 194 B
590 B 208ms
108ms Script
text/plain 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/ad?auid=1271350&sz=%5B%5D&pl=%7B%7D&dm=1&ci=0&is=0&piv=0&ts=1638190003762&cc=DE&rc=unknown&sid=F3F8B8AE990D91F6&ct=%7B%7D&s=4298
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 85afb8f06c5a04978df28e7adaacee7ba0648503776d34b3dc75c47452df67f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:43 GMT
Server: WildFly/10
X-Powered-By: Undertow/1
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 194
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 177 KB
48 KB 35ms
21ms Script
application/javascript 2606:4700:3039::6815:c0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/2f5406a2-50b6-4140-806d-6ae9985e6d11.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be339f8baf147b9c343cea4d6685a909c02f1c1ad17707eba82b30a19f5d20d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6538
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 14:56:03 GMT
server: cloudflare
etag: W/"f84e396e53447934e53d2fa134468530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wddw4ayG5vz95VEKwiraGRmYBnhilQclvhWYhr045ihJGvyxh9gCiKaoW3nUe0OeRn%2F%2FE6mxqcvzmwoDB9IXX3Pif%2F2UXyU21daH65%2BPc%2F61eutTji0v%2FOlMXF2qw%2BksTcLSxx1e6mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 6b5bf0c398c50eb3-FRA
x-amz-cf-id: TQrLlDn_EeJekpCMe-zy_89s3UBCNjo4nhmgiZ1ktUW8DoSNXmEycQ==

GET
H2 200 48973.php
sender.clevernt.com/transporter/ 43 B
353 B 157ms
52ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/48973.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly91bHRpbW9zZWd1bmRvLmlnLmNvbS5ici9wb2xpdGljYS8yMDIxLTExLTI4L2RlbHRhbi1kYWxsYWdub2wtZmF6LXByb21vY2FvLWJsYWNrLWZyaWRheS1kZS1jdXJzby1lLXZpcmEtYWx2by1kZS1waWFkYXMuaHRtbA%3D%3D&ruri=&r=771567412&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.004&cc=1&iv=-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
server: nginx
content-type: image/gif

GET
H2 200 pmk-202010011.2.js Show response
widget.perfectmarket.com/ig-internetgroup-network/ 99 KB
27 KB 7ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/ig-internetgroup-network/pmk-202010011.2.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/ig-internetgroup-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 307f81c7e43cf8160605495ba9994bb30dbe60df8e62cfa635e5a29ba455f2dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Kz6uPdxPFvpDI7ByZOW9SXbUeX0xqC8Q
content-encoding: gzip
etag: "e8c6fe6328a48a94f9e9dbebb5a1fa94"
age: 961160
x-cache: HIT, HIT
content-length: 27706
x-amz-id-2: omkbzb1jUU0x4Q+6rFO9QlwsF3mOBAG13pf+E3KaTm77sICczrnmm85DiMkMcv36V0Zo2sAC+O8=
x-served-by: cache-lax10651-LGB, cache-fra19139-FRA
last-modified: Wed, 26 May 2021 11:00:36 GMT
server: AmazonS3
x-timer: S1638190004.769785,VS0,VE1
date: Mon, 29 Nov 2021 12:46:43 GMT
vary: Accept-Encoding,,
x-amz-request-id: VGSWCNEJ503FVPNE
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2, 1

GET
H2 200 configdesktopv5.js Show response
i0.statig.com.br/publicidade/prebid/ 92 KB
4 KB 18ms
18ms Script
application/x-javascript 2606:4700::6812:1676
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.statig.com.br/publicidade/prebid/configdesktopv5.js?v=01

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J8MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1676 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5cb401cc56565442f671442427b0258f8520eaa52b470be469e8bc7059e4b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 6357
x-url: /publicidade/prebid/configdesktopv5.js?v=01
edge-control: max-age=7776000s,downstream-ttl=7776000s
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Safari/605.1.15
last-modified: Mon, 26 Apr 2021 17:55:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 6b5bf0c3a9f9c286-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 51ms
29ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-57681377-1&cid=95513423.1638190004&jid=245814266&_u=IEBAAEAAAAAAAC~&z=823668942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 53ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-57681377-1&cid=95513423.1638190004&jid=245814266&_u=IEBAAEAAAAAAAC~&z=823668942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2f5406a2-50b6-4140-806d-6ae9985e6d11.json Show response
osp-assets.pn.vg/ 11 B
1 KB 58ms
22ms Fetch
application/json 2606:4700:3039::6815:c0b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/2f5406a2-50b6-4140-806d-6ae9985e6d11.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
access-control-allow-methods: GET, HEAD, POST, PUT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 357755
cf-ray: 6b5bf0c45c336977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11
x-amz-id-2: mYbrg60qIGjcTsO6FCHKwL3+SD3w0DaA3imS1vU0PuxjUM3wX1cTHVIl6TNvxmfkhJI563dAj4U=
last-modified: Fri, 26 Feb 2021 16:57:12 GMT
server: cloudflare
etag: "e0234245cb00aa260ccfa99a9a0b235e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FGS%2Bak1uoEVTGbHkPTk417rfkM43QtgOVP5mAwCXoTxyLXLFkwj3BwIuCsikDj6AHY4h3%2BJVGMPsxqdEJ6v8uZjv1MB6oYnT3yL0rbrxsJYU4HJa5BkjcTry3FOLJYuDp2KA%2F23didJ%2FpVMcTi%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: KSCTV2V711H5ZSX2
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/json

GET
H3 200 pushnews-sw.js Show response
ultimosegundo.ig.com.br/ 62 B
613 B 32ms
32ms XHR
text/javascript 2606:4700::6812:1d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultimosegundo.ig.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 220
cf-polished: origSize=63
x-url: /pushnews-sw.js
edge-control: max-age=60s,downstream-ttl=60s
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
last-modified: Mon, 29 Nov 2021 12:26:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Mon, 13 Dec 2021 12:26:44 GMT
cache-control: max-age=1209600
cf-ray: 6b5bf0c42945690d-FRA
cf-bgj: minify

GET
H2 200 cookie.html Show response
cookies.pn.vg/ Frame FE2A 5 KB
2 KB 30ms
20ms Document
text/html 2606:4700:3039::6815:c0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.pn.vg/cookie.html
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 12 Aug 2021 17:35:30 GMT
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: I0iIjGOz1oDQop9wM1kApotqTFsuEtF-ildCARw2xkHJwVIKt3lYpA==
age: 4496
cache-control: max-age=14400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfIjjEeFIqzCvKItvATrSPbqF9HSra6tjf4Lh4OCrT4XedVA2E5TOq%2FGay3oiQGkma%2BcgZpjoyNIZYqBIXFcNWMcR77XKixMIw01g83OjN98IbINpn20HZIxmZG%2FBg882xBkKihGtTbKqNUP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b5bf0c47fa85be5-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 52ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.28.0&cb=321055141
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ultimosegundo.ig.com.br
date: Mon, 29 Nov 2021 12:46:43 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 358 B
1 KB 113ms
79ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20412&site_id=254260&zone_id=1272960&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&tg_v.sentiment=2698&tg_v.opiint=340%2C293&tg_v.opipro=558&tg_i.channel=ultimosegundo.ig.com.br&tg_i.format=leaderboard&tg_i.position=top&tg_i.div=ad_leaderboard&tk_flint=pbjs_lite_v4.28.0&x_source.tid=9736cf9f-8953-4690-bfa4-a221022f6389&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3098598776706105
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 49c132dbc2dfd6a7fc08e685413fefb75cce0896a42ce04aed13ad2866970a00

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ultimosegundo.ig.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 358
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 346 B
1 KB 105ms
71ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20412&site_id=254260&zone_id=1272960&size_id=15&alt_size_ids=14&rf=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&tg_v.sentiment=2698&tg_v.opiint=340%2C293&tg_v.opipro=558&tg_i.channel=ultimosegundo.ig.com.br&tg_i.format=mrec&tg_i.position=top&tg_i.div=ad_mrec1&tk_flint=pbjs_lite_v4.28.0&x_source.tid=9cb3aef7-b695-42b8-81f0-b703d714b78b&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.380225441809227
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d0bdd86697bb017441dbae00908e5824fd6d4c071310e5e52ccebc16463b3238

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ultimosegundo.ig.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 346
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 349 B
1 KB 269ms
235ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20412&site_id=254260&zone_id=1272960&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&tg_v.sentiment=2698&tg_v.opiint=340%2C293&tg_v.opipro=558&tg_i.channel=ultimosegundo.ig.com.br&tg_i.format=mrec&tg_i.position=sticky&tg_i.div=ad_mrec2&tk_flint=pbjs_lite_v4.28.0&x_source.tid=dee5861f-d81d-4c09-bd24-162c10ce9938&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6232306591856671
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6747e709d3592f6d0e131364774e86e4862dc80836699aa6edbae13e8bd720ed

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ultimosegundo.ig.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 349
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 356 B
1 KB 108ms
73ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20412&site_id=254260&zone_id=1272960&size_id=15&alt_size_ids=14&rf=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&tg_v.sentiment=2698&tg_v.opiint=340%2C293&tg_v.opipro=558&tg_i.channel=ultimosegundo.ig.com.br&tg_i.format=mrec&tg_i.position=intext1&tg_i.div=ad_mrec_intext&tk_flint=pbjs_lite_v4.28.0&x_source.tid=10691d47-bd41-45c9-8699-5b5e00863e5f&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.1361207794449213
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 966827e765bea9ab0891604038f47128e807ce4f945d76d6cffc6258f2f92c07

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ultimosegundo.ig.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 356
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 470 B
1 KB 43ms
12ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a87f4a24f4f01835df7934304d45ee8cbdb5a53a38c07a5ff75b882faa6e0c57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:43 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 57e5f6f8-3aa1-44d6-9622-40c0e25e261e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ultimosegundo.ig.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 470
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 OneSignalSDK.js Show response
api.pn.vg/sdks/ 33 KB
9 KB 30ms
21ms Script
application/javascript 2606:4700:3039::6815:c0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pn.vg/sdks/OneSignalSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cdbc6ceb3c64a6fc6ad32390b513e0ba72f7435ba03f58bc4e8ef3eed48319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 17:40:56 GMT
server: cloudflare
age: 1795109
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=062iXMEMErsNQTx%2BeCs34FMwtetjFTAlgm9xhK7w8yTbCcjl%2B2gec1XqfIsl3WHPZRNHQefGUmrfVib5X1vc%2FLH%2FShfpIKEbk6a2ej2F3pPNl9ORHa0UDN5%2FRTU6o6juIF9lrb3j0UA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b5bf0c4c8305be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 web Show response
api.pn.vg/api/v1/sync/2f5406a2-50b6-4140-806d-6ae9985e6d11/ 3 KB
2 KB 269ms
253ms Fetch
application/json 2606:4700:3039::6815:c0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pn.vg/api/v1/sync/2f5406a2-50b6-4140-806d-6ae9985e6d11/web
Requested by: Host: api.pn.vg
URL: https://api.pn.vg/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8699269a448ef73c4746a2bd7ac33a8b04240431ab7256aec22968652ea92f69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c57-XxekAIlAgSnNgAIotrJE7olsx0E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIn%2FK32Q0OQ2eULGFmqKGYxKDzGWdMuu0rv3%2FIYkj8b9baTy2ECCi%2BpLmPUts%2FoTcr8csw%2F1SWuNh6eiBXQfKhP7oDleYrTuYW4Z3R9yu8aGfBQg8tooRdIxy%2FVsST%2BXRgb8kLQUmkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-exit: success
cf-ray: 6b5bf0c509a34a68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ultimosegundo.ig.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 35ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ultimosegundo.ig.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
30 KB 557ms
557ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1534574278929309&correlator=2440188248694934&output=ldjh&impl=fifs&eid=31060979%2C44752540%2C21064365%2C31061030&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21737107378%2CIG-PUBLISHER%2Cultimosegundo.ig.com.br%2Cmrec%2Chalfpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F5&prev_iu_szs=320x50%7C300x250%7C250x250%2C320x50%7C300x600%7C300x250%7C250x250%2C320x50%7C336x280%7C300x250%7C250x250%2C320x50%7C336x280%7C300x250%7C250x250%2C990x100%7C970x90%7C728x90&fluid=height%2Cheight%2Cheight%2Cheight%2C0&prev_scp=position%3Dtop%26format%3Dmrec%7Cposition%3Dsticky%26format%3Dhalfpage%7Cposition%3Dintext1%26format%3Dmrec%7Cposition%3Dintext2%26format%3Dmrec%7Cposition%3Dtop%26format%3Dleaderboard&eri=1&cust_params=nvg_sentim%3D2698%26nvg_opiint%3D340%252C293%26nvg_opipro%3D558%26key%3Dlavajato%252Cdeltandallagnol%252Ccombateacorrupcao%252Cmpf%252Cblackfriday%252Cexcoordenador%252Cesta%252Coferecendo%252Cdescontos%252Ccurso%252Ccombate%252Ccorrupcao%252Cdeltan%252Cdallagnolnbspfaz%252Cpromocao%252Cblack%252Cfriday%252Cvira%252Calvo%252Cpiadas%252Cpolitica%252Cdallagnol%252Cfaz%26domain%3Dultimosegundo.ig.com.br%26section%3Dpolitica%252Cnoticia%252C2021-11-28%26author%3Dagenciaoglobo&cookie_enabled=1&bc=31&abxe=1&lmt=1638188944&dt=1638190004211&dlt=1638190001791&idt=2001&frm=20&biw=1600&bih=1200&oid=2&adxs=1127%2C1127%2C460%2C460%2C305&adys=880%2C2373%2C1658%2C2504%2C181&adks=3366393260%2C2875099059%2C2762808202%2C3663963102%2C2075314916&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C300x250%7C909x300%7C909x2533%7C1600x120&msz=300x250%7C300x250%7C909x280%7C909x280%7C1600x90&ga_vid=95513423.1638190004&ga_sid=1638190004&ga_hid=1777286125&ga_fc=true&fws=516%2C516%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C1%7C2%7C3%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0a0fbe801018e3e13cedde3c9f8af4bf907175785b019b3e08a901df08a4d3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31048
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ultimosegundo.ig.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 49ms
21ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e078334ed45ae6772a8f19f6e0e33bce3eb7036b07b5003fb435f37bb2aa0909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9134
x-xss-protection: 0

GET
H2 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 14CA 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK blank
webservices.webspectator.com/ 0
248 B 107ms
107ms Image
text/plain 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservices.webspectator.com/blank?appid=2589&auid=1295359&acid=473&iid=m0915986f5b7788a504dd27a894d50ef7808054c9c2&is=0&m=0&ts=1638190004230&s=4298
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: WildFly/10
X-Powered-By: Undertow/1
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H/1.1 200
OK blank
webservices.webspectator.com/ 0
248 B 107ms
107ms Image
text/plain 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservices.webspectator.com/blank?appid=2589&auid=1271350&acid=473&iid=p0c5344fd106598f5849a379530ad96f352b4a5e9b8&is=0&m=0&ts=1638190004272&s=4298
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
Server: WildFly/10
X-Powered-By: Undertow/1
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CB08 12 KB
5 KB 23ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 12:40:52 GMT
expires: Tue, 29 Nov 2022 12:40:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BDCC 783 B
536 B 34ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fd2f28fdd0dfef7165c579f553505f034a9ffb2e622e5a27ee4afdf2b89b502

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KpRL4zFUv/d0ZLQbwexT/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 29 Nov 2021 12:46:44 GMT
date: Mon, 29 Nov 2021 12:46:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-KpRL4zFUv/d0ZLQbwexT/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame CB08 35 KB
13 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BDCC 0
0 67ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1534574278929309&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame D7A6
Redirect Chain

https://sender.clevernt.com/transporter/48973.php?ppuc=1&ppu=0&id=502269&ref=aHR0cHM6Ly91bHRpbW9zZWd1bmRvLmlnLmNvbS5ici9wb2xpdGljYS8yMDIxLTExLTI4L2RlbHRhbi1kYWxsYWdub2wtZmF6LXByb21vY2FvLWJsYWNrLWZy...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443

4 KB
937 B

129ms
119ms

Document
text/html

2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Requested by: Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef39163cbbce50a84efc0cc838809c6e4e2ac01993727913a59f3463e100b579

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-type: text/html
x-amz-id-2: Zi8wFThR0hzwqbsQ8KzaV3gIRxftJGEmcYiLhnc9PIF6yRRNisBr9tgkac+aRtFU3C0Qde5hZs0=
x-amz-request-id: 86DY877BRWE4JP82
last-modified: Thu, 21 Oct 2021 14:06:38 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b5bf0c87e212bce-FRA
content-encoding: br

Redirect headers

server: nginx
date: Mon, 29 Nov 2021 12:46:44 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Mon, 29 Nov 2021 12:46:44 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6942838852beb0146636ff0e659ab7e963bc73dbdbdcef79cb33adca54bf900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1534574278929309&bg=!uLulu__NAAZQLpa_UC47ACkAdvg8WuPaun-VE_8kDKj5VnbbzZ24zmRp9-c7z4tiFq7g0-txNb0VhwIAAABVUgAAACNoAQcKAMMgn_CTDFl9ZgBJr78Wh7sfpeQW3Oph5BaQ-S9_5wLK5V6b9OxdP-JqZ01F9IC5x00z8T-yy_A0R4OzEn8DWRmmdW-hWIgdjhAdBpnOt1ypY63MdpCLD1bj4f1rLy1eBMw-9sDtPpg7-9PH4_PUy3u5J67ClMkGSpNUjVLKTkpRyOUDNGzCiweHgWxikYQ5jVXt8M3TPHrXKF2ECp00jOsR9L5lIfJbOM9f5YI2_t5qs1NGIcJon8iJMWACq2MEnQLzj1SZApPzy-Kwubj4tN1_S7Iox6o3y4vGP40zE6yzekhTlvak88YRAdK7op31HBUf5K2yFrKEoTh_oMGRZWw-tbIJp3lBAIA-yDanOrR5J6dqhqE_CxFk0TNJIE6SWOSJYAVnjL5vJka5icquCcEV2I1I8CuMCvlORxPPxOpOGiRZQ_Uyp_FWw1mNhR69VW-VjLHQPbWbndoqR39kTw6-dyzvsZHxSShL4i_Y3dpCrcpqFpjD3vjbwhMWdUs5NcTnnjAQ7PD6IZKZeDliufp6CIzge_SIHd018NFrlnBh56siMcrwRgIWV3RfJoDLJQQZw6Rk-klbcB2w33KQNrYXqfrU0-YkGb5wooyEpkItpM707afnlqxH33XVgofYwZrzMTE0tHcvo2jpBSPJStk8qr7ILzYtUjvw1MZmEnGb8V0m4lkV0zyru_GHTD22VbDf_PmWMYDcSYqAJkdXy__8iftbifDrFyOiObmbXaEAUmVkr1OoUSOxMb0DT3CIYTkbMuVveNwS3bG6Q5dsbOII_1VuNQEGUqt1OdfbXlTlJAVW7zCT9TNb9eQfGHvY20D7eqthKYbV5hD2qj6_CtnkIk9YdgF_LpFsfert6Z3GiYVeWSWoHhi_ddbZ0fJvFwaQSNZCF_v75VxiQryAuQ0jGgniTrPXwx_8Nt1_4SI14oJguuBecLRmviwmoGCXxvDvXYsw7oauud823w-hSL4gxtkc8eR_TwR1WMFLoI2tZVRjSCGDp5zq4IkzgokeYYrOPrAxkW63gU5C0sMdlkFBlgzxNoaTucA4WrYhaStwBpeYaD2GZ33Wi48rF9gzRYW__gVU-CPHPeVEt2BezLnZA8MeoPcQ2jL7L_U9UXfhWemHaG9iNaFBfQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/ig-internetgroup-network/trc/3/ 44 KB
12 KB 703ms
697ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ig-internetgroup-network/trc/3/json?tim=12%3A46%3A44.600&lti=deflated&data=%7B%22id%22%3A649%2C%22ii%22%3A%22%2Fpolitica%2Ffora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638167361771%2C%22vi%22%3A1638190004598%2C%22cv%22%3A%2220211128-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Foglobo.globo.com%2Fpolitica%2Ffora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6176%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22organic-thumbs-feed-02-mp%3Aabp%3D0%22%2C%22uip%22%3A%22Most%20Popular%20Thumbnails%22%2C%22orig_uip%22%3A%22Most%20Popular%20Thumbnails%22%2C%22cd%22%3A3604.46875%2C%22mw%22%3A924%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3604.46875%2C%22mw%22%3A924%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fpolitica%2Ffora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CMost%20Popular%20Thumbnails%3Dorganic-thumbs-feed-02-mp%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f8e1830268c54658f9fb3e47c8b76fe6d89b0b8193cb42c85fb1058c470299c

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 691
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: nginx
x-timer: S1638190005.610442,VS0,VE691
x-served-by: cache-fra19157-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ultimosegundo.ig.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame D7A6 11 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 122c68ef5b96850581f49f5a40038c8b540df6f61fb1050a579396326ed19898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 743
cf-polished: origSize=11951
x-amz-request-id: 53ZW9N5SMH0BRGB4
x-amz-id-2: T++oy73QAN6g4uQdhRmuobMgS55wpGRiG6U9Vda7fnCBdt5QUccpDEqZnO9T1RIhRit6zclD5Ss=
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
etag: W/"833f25b02f9e17296087a44433aecf14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 6b5bf0c94f922bce-FRA
cf-bgj: minify

GET
H2 200 ad.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ad.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 722
etag: W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c94f962bce-FRA
x-amz-request-id: 53ZKVAN148RF9581
x-amz-id-2: NVSHnQlnk3SGZpYm4sOcEqq0X8g9hgnMJnRgApo80a/DbbS4yJao0UDcwOUjNKkeaS71flGz1N8=

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 722
etag: W/"89cc1efb4630095200908a2c0e01275c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c94f9f2bce-FRA
x-amz-request-id: 53ZHQQ8Y8B8FR54J
x-amz-id-2: U4jnoidPqxdZ/DZJvTowIQTcM9wciHqoICd9ubzomZx4ZGw61JogTievRbwxzVLKuetBl0VesNo=

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 12 KB
4 KB 27ms
26ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 722
etag: W/"48521ed69677855391819664023f03a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c94fa02bce-FRA
x-amz-request-id: 53ZW0KD667AQVSSX
x-amz-id-2: QHs+m8EQ7AfW+o+s6K2nHMgTD2Cb645/UzWzJQEeM62I3AD+/TXebO96BKa59UsWSr7UfSL6X/E=

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 12 KB
4 KB 20ms
19ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 648
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c94fa12bce-FRA
x-amz-request-id: 53ZYC4RPJQ99EGFA
x-amz-id-2: uYg9Z+0JbAOD3wMUDJcGVIvG+2cV1+PJLVCUqrE30U8zihDx8cqRKcTFNsvB7sQHxPM5NHhuyig=

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 12 KB
4 KB 31ms
30ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 658
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c94fa22bce-FRA
x-amz-request-id: 53ZMHM6YDFST7Q3A
x-amz-id-2: wYnd7zZnGhkAy7qwvJPlQKs6hLqA1rvuQgbuVGvIbNb6iXQ11rK/2vOM7psH+JeK7p4rSCym9Nk=

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 648
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c96fc92bce-FRA
x-amz-request-id: 53ZH2F0MF4QGZ5EX
x-amz-id-2: IXDq/ZTWAJxA+LJNdTfwMFhJLp17IixiRE7hhcXd+l/Q0aWGQWqyvpoH9kwuvx6h1UaWhJznRZU=

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 5 KB
2 KB 25ms
25ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 658
etag: W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c96fd32bce-FRA
x-amz-request-id: 53ZW307WP3GQQXW7
x-amz-id-2: tnpEo4nrFHgCMVJnydlE7d/mozt/5QiSUzFCbD7RjrNFNeRDiruVrZX6wl0eEEr8iU3/CNKKBqA=

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 5 KB
2 KB 26ms
25ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 622
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c96fd52bce-FRA
x-amz-request-id: 53ZY9QRXC6D564A7
x-amz-id-2: 9kD9ayG7LZcP+DMmbtkF5iiteo+c7J23ptU7Ed39G/ZXscHHn0TCFWXhQCNtK+c8bcBuRikRkeM=

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 6 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Oct 2021 18:06:11 GMT
server: cloudflare
age: 622
etag: W/"9048820dc635dbe10d09725e919ba54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c97fe92bce-FRA
x-amz-request-id: V05J8RBK2TV4Y0WT
x-amz-id-2: suY/T9z7Bf6mMByvjUBKdUmx0aRb2sotOVgVAP6VynYbYy043PDlTCWFncE7Ca20N414yMKNIYk=

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 3 KB
1 KB 24ms
23ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Nov 2021 20:51:10 GMT
server: cloudflare
age: 622
etag: W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c97ff82bce-FRA
x-amz-request-id: WNSW1EEPZPEBPWK3
x-amz-id-2: ZWh/D2/d9sqOzOaYf2ycQFg+tDjppQNuDiJSCks3EGIkW4Prsv0sRS0ytc6Qmj8HUe0l/RJQetc=

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 12 KB
4 KB 23ms
23ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 622
etag: W/"22316355cfe04cd150c2b810a54167a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c978072bce-FRA
x-amz-request-id: 53ZVGPFQXVFGSYKX
x-amz-id-2: IYHuYk9ZTN6HT6LKESfu+0adOeAxh9xsLfgtRs0FkLqLSh/5kNfCeVGOIEzpGbEtpGT+VIQw2xc=

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 33 KB
6 KB 33ms
33ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 14:24:34 GMT
server: cloudflare
age: 694
etag: W/"19cfc2171558b226e44590caa30ac756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c9880a2bce-FRA
x-amz-request-id: 53ZV3NSW4PV1EH37
x-amz-id-2: Y07LfUqFKN+QRgj9IyF4bcit9AyqwjNEB83lTkkQcNGeJp+CWvW/L0zD+HdVww+b3HJKtZDThR4=

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 33 KB
6 KB 25ms
23ms Image
image/svg+xml 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 09:56:20 GMT
server: cloudflare
age: 694
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 6b5bf0c9982b2bce-FRA
x-amz-request-id: X293ZEWYTW501KYZ
x-amz-id-2: 4iwingo8VWRQpMBxYl1BUGrWxNuC+Cmc4e43RwhIwr5UbeTHM3qqW4BWbG9aQeU5a/CMJktu4aA=

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame D7A6 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6b5bf0c9982f2bce-FRA
vary: Accept-Encoding
expires: Wed, 01 Dec 2021 12:46:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D7A6 8 KB
723 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 12:30:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Nov 2021 12:46:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H2 200 clever.de.min.js Show response
lp.cleverwebserver.com/bet365/js/ Frame D7A6 9 KB
4 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00970443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 Nov 2021 12:44:48 GMT
server: cloudflare
age: 28
etag: W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6b5bf0c9a8682bce-FRA
x-amz-request-id: EKRH5GHYYD8A6S3A
x-amz-id-2: 2WkfnN2E6St3kVkAiC1DNL8Y8z8aQSPYnuICq9+cdJTjg+r8knJR5EBAIq53PFmqbPsQ8FIy4LE=

GET
H2 200 720x300_15.gif
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame D7A6 137 KB
137 KB 31ms
31ms Image
image/webp 2606:4700:10::6816:4c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/720x300_15.gif?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce675305ed291e79fb12c03a16372057a9cdf3335c0cab0073a74794f0b2eff7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
cf-cache-status: HIT
age: 1510
cf-polished: origFmt=gif, origSize=168554
cf-ray: 6b5bf0c9c8912bce-FRA
content-disposition: inline; filename="720x300_15.webp"
content-length: 139996
x-amz-id-2: q8ZL8xhaMRlzFHonfWKjHETKVO/pG39NOKpjNXlcZNBx5/gnN9XrbQCf5tCwZxeyH9Uu+b+HoWA=
last-modified: Mon, 22 Nov 2021 12:29:12 GMT
server: cloudflare
etag: "503e03b4702e9932ca054a4545d4320a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: KNB9Z6KARTCTM3HY
cache-control: max-age=1800
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame D7A6 44 KB
44 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:57:38 GMT
x-content-type-options: nosniff
age: 420546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:57:38 GMT

GET
H3 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A081 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AE0 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BDB7 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D410 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8805 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 12:46:44 GMT
expires: Tue, 29 Nov 2022 12:46:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET

/
localhost/ Frame 9D55
Redirect Chain

https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00970443
http://localhost/

0
0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 23BB 624 B
340 B 41ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiQgJeTATAB&v=APEucNVOxM0VKhwpQh8DKexjrVmfeCIw7AO3oqgesZkJ4ARDjXD8BeSRJArPAop2N55B6VUpW_eKL6AksJAoHfqnYUzEC6Bv_uE99jWaZoJx5Ex2pijWM0U7UhqdO0kAHgUNyaqMvVG1dkyfgZmn-KmrVEcTpmz-NLUvrgj_DiLMBEWicjOWvQM

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A081 25 KB
15 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAg4VcJBJ5p501la1r9vy-ZVBvdIxK0VHT4aMCyxN-cidcmE-A-l_dC8VI3iQyzfvDkGOVI8aWdt6c3KLc3q3SFPSdXA5uJ8WkOfHDNwBA1fCxsN64PJZoI3Xls3lCnr4n7Csv-IDuUcx9JhdfUTdarzIeWg&cry=1&dbm_d=AKAmf-BQ46_c9NS1FvS3P3D_b1xiI8B1NzO0XlsPN3hv_3q-l44VDjEz0gaPRr4ikid-tuQspyM8rSHaUcWLekN5JjHvkGQxGjXmL8mJPmCbK2o_kq5PA2pMP4y6gLY7TAyaCMAHHr2h14WOg4QuUCTepJgf0FekZs2Ri-fwpiGorzfDcmWyUTY95VlY7aBysY3uYKLGrj6DP6C96R9fWX9SfnB3qFjHgGVcu1Fi1oP_UoSkpBgqdNVCpJYrws4iSQrYkcqZq-mXGgtvf1uV9J_Q4xJDOgTAAfqxEFvm7mBw0P8bCFDBZFMyTyX50Ip17xJmtmlR4GNQ4WNLyAIGW3yB_0c2ZOj6voukgFRvMbdbJbzUzLDAopAMZDRgphPTwPaiW628mLpjbKenI4tfYmFdodiMifrCXKFq-I5e-aCJVZxvUKBhMMKEvkdrmhtrvuHQZodQD_1fKzLduwq22-Js5eKJdUtqh0aqiq1_Il3kG550zGXcjV0AxfTbmhLnt_G6vvjaAg0dD-nbv2APiI2FbRZZFeVIK3zaurBEtT_g0xFiVTiAs9FgXXXWdpoepKKBFda3fqwqlB2Pi4GXppw346i9UU6j03POCyTCVBEb0LaucW25kS8jU1fZnu7Q6JtMC8NH_Xrrcfh-D9EvoYM_tfEjgUjayqNacPY-10KMsEtwnXyQNflQdcku0DJOrH1ca4_OKD281qHd8dMT1gbZUhH5GoMs8hIDu4IvasVUL5IXu2oYmpTTJ1SBg4XJHHNixAyu_beF1SwqGeVbW8_nbGc-QTYd5zIyOX8Qd0T1SFocI4-Zal8-UFy1EmL7YM8bP7NB8jycgcBhxXuwS9SRwcEZOjZG-kV2-qZKwPFWrd9sNpcB-pWOLanPNqTlAhtWmoDc495EZtH_gqv5w78CJb3oJ9ZXXfyWp1frRWOjD0SS48cWx_iHBuDARKlFWmYRUicsJVxZvTHfNmcITQ2LuKF49LyFoZ0Y4rTf5M57DH6rKC04kuNcDIjrQ4taTuZc5Lxs7QhGFPGTSqlideue_veyH_RU-cn1on3es-LT_dAPmQntoVqXyWKHbQz1gNDT72BO3ku7sBg95qln6_emSQp7fe6RV8PP0XyHkm2SocYwuapr5dmNboS18ao0zMxDJqb6VF3qPwrgAUl0M2BWvvjZaPmuMHbv-L8jCQQXKY1zk1bvMjN-Mye3c2I8856kXxxCv9Pk-BgsDAOHCKStffYiNfrBbwoJjazYB-c4PzjCmLKiS_btc4l8aO7e6NzVy1SjUVgZBGiJhW50Wmo9y_xXrI_TXTF1kPoNiBfvDB8qO1lFOEHvb0JYLHS15wY-zcSPrauIA7sz30cTgHQHbUCs8nKeR8EAOjV4Ndgfzqy08qDHuk98tqPh6r5IyWMnWckqMH0ZJ9ARbGX5DSw7zab1cfRFsaaZRk3b6iDfcxUxBAptwLQkq8RVPdbUAuyPhwJnETKn7CRwgFKL8ufJ1yBw5ajRklAG75BM6kUb8SPqG4tf5z5zrswHyo_nbPMoWKmkaZH6Bt9bnDZ2TvSgsJA3SnUqU8mxHYUQ3wSClZgce3uiE0miOSmQOh__9OF5q8GbjDWtsmpjTtmLJftaMVpg_muD2yiu9gW8wvsKVDyj-bfFHUgn16K2iY1r2xhNpCNfadiNPFWd47uNKL4EGSLNn5-9jeAU1njbSw4NuIud1L8wbHhlAUw9V8A8fluHjg39kmlA85-HlGyqNKgPnxKQrliRPCM58TG1DoQoJo9sy6kzqczPLXyGalfG1FTU6jSgkQp8q_MuK4tv7zqa-4UwIg-Rrn5R81rpVlWexe0-Kdl-yRt9bhDq-LoAbF0UD60QBnzn9hz6ya79lojtDirj5o9_8Tt9k_Pr1sy4Jtf-mnXnn7yq4cwA7p-pQ1RwBNU_gYD4iz6xnGTEyHEbtPsoYePpvjKadJlpkswxDws0M2bfTdl0VsZC5cHeF-Js6yZBlOwqLaaS75LbSpFthSVmK5cssiWjLH6g6KOMG3cvTCOPRoP_pqaInbEJYILsZxtzCRe928gDZxFy0Zejh1p-EtM2HsZeDScqMYgE3DVDZQB92Ukg-U66o15e4odOGIOz6bDAF1ySv0KgrDOU4SL9RmbjA6iyHEUnw9IgXhHblWaQeMHmhAO02rSUFiczY0kJLWTePZBkdJCyGz26n7EF3zgmUp1aDSEEJohuA5qAnc4ALF4QxbVbV414F4TXrk6PXMsT6xN2zOZU2VTFGxP3rSRRk1cvPONZzFGO01xo4qrFXEuR3sqXy8Dv2M3Nx0v864eaqa5-8Zm9ApbTFuESlZu-gN8AJK_dYDCYocSlM_dDh7P4UQe4h3Y4YBhO48PY8XEBTuqeCX2JqoukLz8MsP2mHYAsUy1gPhoX5vqzZeZ36N90a6wKA9mP1QotkFdAg6YkiyVCQjp_T0OskaB6DEMhtGROyW1lLC0LvZku2SW009CAIxEcX0v9N8ZvxKVjHdl6zz0zs3-4I3Q50pMygQiS-hkJiv6S_a_uLbrfxIuL8TaE2dFHqz0ehG1BBSYIEQSglFWrJy1fdak6DPYCcheFFCiwmXrS-mD0lblXG77vqUsvhJiQO0wiuah-rsQVI8oZS2vn2aGNn3djCEUErk-ccRIK97se1z5H_3hHHi6ZEgLlFpgWqSYLEnFQ4IfuNrVAf8gt0jR2m_rzB7L6w61YCHAj4SKnc6FHuzo0cPuYx5JYR5en_ZFhA1ZUcorWabaUm5oeUZ7ZROMHSJWPexrWk7tdDQGAh6zkDfBTo_PxTK990svSB0jeiY9hI5s9tnKwob6QmM9eGt621Wwv79sx8dn73EJODu2RgvCGspwH7k5aOujxDItLedt7GHM8S74ieizZxgKVdvr7GRa0lxdRPUNou6h_-I55JbGwG1DfCfJbrTBZY5rORrSYqPoSkyg0Y96zKy71ld25lbslCGpQZWnl5ts_KkFW5aXO657jz-YTBM-C7g7R_qaM5ZAV5hJz64UY1qu6m0baNaG9nAaWNmrYnGprsJEgU2lYFLaxQbgvdqn-xQYhG7Gbwl_DGwiZ0ESQ5r0GeHkCVB8vTALEBrhcC97DbKfM7uAEeePtbejJQKybS91DknCBQmmb72lkp1Al5gNM7g6koOtovgjaBpFelTa9frQjOMMaI3SiIS0_NoxuLNpaqm_QHxFuV_Y-ZwOgW_cU1V81STnpmTgqR0EuB4nEVmfhFKDXBzB04WsfwiCh34FTuUio_UOfAwuEIXiLAcDPvLs7dCXYDrUw3SIU5pQZIbzSqza6zMW2T9U&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f05853e1697c6da5c376f52167e0cc2bbd3f7a142c53bd8fbf457e1b04c1060f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15013
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A081 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMS3L_9g8OduvrX2DWSWv0DuEataC2eTHUsyPMdfypdnXsgXIHayQmveDo-evBQxmwtWw7KYK-7v3Py5RXjxzwpcV4_CyuGOhMAHYjlUZYA3XMOhI

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A081 2 KB
3 KB 74ms
17ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=40774889;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CFhT8tMukYdfmEp6O9u8PvISTkAbj3bG0ZuXM2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9BGfqG7zkBE9Y-CqzJ3JYW_SP8WWoC4pOIdl2YddJBNO4RMSLnq-OQLOFkhVZQTcBl1kNEEFeMCMGt4k2RdzKPjXdnWX60DkFEUEq6JOM_ai-uAazV6ZTBM4Xt26In3jPK36btVN2s4Pp4P68OfCiL2yHbqXN_zeaH0g9PQClcsvO2Nmt8vS0YLUBc2ee8QpzawQbBxgwuKUxbMbk5XWx8dUkNhqMayq4esPxg1Xd-ouHdZlEztSd49DfwCtttjGx39JLI0FYX8F9eDKd7wMPA7B8MGie776CvRo0xONn2SQhrF39hJ669XbCeB7J4sC_B8F9jQBjbeUT2H9z8DcTKpeMN6EkE-ks8kIavvcZ9xJUOxKVwC9QXUAFvy2_icwASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&sig=AOD64_1awi8Vf_7BZDCM87V9JH8u0hAkfw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CVmOq8TH6pbaRYAn_Meyr6esLJvTv1QE2_9J-6O7YU1sbBpKpocCM_u9DR-iw39Kh1CBsGxrqholcTbrJCZObs_CqWXZf5jLuMDASF9by9UMK6oFybt1kCqhCFJob_K96FEJij9gL_J0E1tBp4Zx-TFezWmQ&cry=1&dbm_d=AKAmf-BAtmrpL2xE5NYuFrxqlGmt4MKdSk1aNkOf3wr39rK6JAFIk6cDyyV3ZhCdDVO9c73FVEfM__ThYq1gXaT0G1DyQpDZak5mpGJrwkQA_kSN7jK8F_ENxjwDYKxOe7NkjLYnlrNe8x5VB68OVdbTNV5-OhK33m4xhd7eOJNrTZrP3xVJvG7ZA2UeR0_fePOW1JVnalPgz6IItGLc3BnCfKaFsfncpR5ZxYiVeeVOHkDD9Iw_MNNC7EK-1JknawIZ0tA0fAUUdnYmn0H2ttMn6_Yja0gqmQGDqU3KDjBL-cnODlVuY71I_hkzS_yvi6hNoPfXzB1DtiGTKXEeZ_OrwOhvCdn2rbaS-yCW_LdwLoh0x9xwxuWD25i7judqoZ_yiDnq5oeiHl1107Wfo8f4iRaQOHzfjoCVq8B2ib1duKdtPuuYwzMq0Fr87ZGQBQUd9dQsX8ubxoRnQrqbR7mrdGtGC7vVFMVEpuTffWTqmKPw377WwKyPr9NiWE0-BqPvVH9dCucpt9PcvFy8oAqEFyyKQQZXhy9ZvzNarQaE6Do_YvbOUQhSF6nyeKlUblZKzyhIBUA3r-5_WqpkivKmm50sC0WzzA&adurl=

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7eadfe2faf760f5867c746c48b7661683cdf1801ef401b22aa47e8844b594179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2303
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A081 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:45:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A081 119 KB
36 KB 64ms
54ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A081 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:35:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A081 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZhP4OEgzKC5LBia5ab4U2LrQOY0d8fKGwT_ZFNPUEf9OUvM39G4eZ0kspKxAoJ8SjkEv-KkkTN5KoEH9mREwCfNNw4A
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1C21 624 B
733 B 34ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiv_5aTATAB&v=APEucNUad36xpR1z5Sn8qJRevt79p30N7Y8PQecjtF7EiTMFClrolLvo55fLX6N3XtNwrAk0mV6RXfHLd7M_CJ7DU7caqINr7M4diJfskH2V2Y90g3rfHZVZFN42PGH8AWXuwKrm6g2URLsKwpepBxBgkWnGZeGOmOhwHH1_Gy0GqciTwc-hkX0

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8AE0 25 KB
15 KB 56ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTpG-HdFUuCqxndJCnVeRjFEGPrhhN_LoWd_AfvjRxLldLqIkSxMWA77ARXj7zoylP0qEt_aPnL_eNH-JaYhCvd3LkPppPkR2chgyDGm0JfCm-n74ugDC9UzJ5plX469kJCT_VeJnDgUyA-Tw43rjLPpNanQ&cry=1&dbm_d=AKAmf-BT01BT7K4uXtSp75R4vdV7oGhbVaJCsWcfoca9-lHt1_5ftN_jgUJ6wX9COy0yLF6MdNmShrOJYfCOFRnW66zFaN9ib5SzJ-RkeMF8ZVZG0DN3ol6WQCRKNjpQrRXgM3earVqiG3odyYRDQBALpCNr0RGnxkSykmFtRTHuJyglEYUe2lukDPkjfMQy4L57Dhv6SxiyTUfFuZq_tGLhG-92KSf1Gs0WXTM1kIFLn3_iQnMw6wYg_sProomk60yjCE8XM51qoVLxVTZJauLG7gOCWotYrsakXwzqlLApCpUSBzAhvT6k5B9MtzQ9ixjiCbKTqTGko3QVaeSRRGS7Kvg7zstNSTuCr5QHHbYEROrhAVPAuL45iqGHJ8aDjCXw4eU2jJhCBOhVHhk2ePks0hGJ40HF3w1VpBTy_A-RMar_WjQ8Vii41dZEtt4FR8coLhMJ3WAlf5I8zsYy6Ai7s7deYo_mRRhjkUjfffwjUqYy1F477-h0TnewaFPnEwGHANIeUzvdMrGsQnSBRRCuTuPKfrEa1ANQGVVRNln9vlQiQJaC4vxPr6_Pp_M4nDrdafmqSWBZDRGpRQYC1oCWydUO8JVcD7j5kPxFi_O_ioVrlkTo9gmaGbo6Z6N6ip5GtHcNDUMFyFTIFqHVK4oyNQhJNwNvhcws0y8epxvEnvmsiW5coM4g5PdbTErvUa2sDGQmqviGOgI4MVRUW7e8MlHOWx6I1T_uiCHr6mTtPeCKMoZMlL850ciXi84YXyO9sq3MSxvwMwx-8xYU8y_ahP6yaJp9xvxkNouZqtPaqrInBA0gMDjTItubmlkspGTlekZObW-ep0rJkOYhNd98cX6FgjZeN6dm1PSokl5jxlwhnDr1nySoSqY0duEoBmNyKP7lvdZXoyQiPkm0Q65UwnNt8jLUOWJdsNrI-0i_Tmk3pm19DjI5OkZZdCxe5bQ_Cq4xiST6kiU5kmAmCqEfkF0My3ZGHqCWqobZu6gLopESH8firUrF670S4-V9KwOur4a8dpoUeUsfUjsUe-5HgLc0tyJ7-3c8OkFNxfAqJ1dqhzV_DwOz5d07k6SE_HW5fA5BWYOLH5wux0yIpVTWB-YVRpBLnj76g0ETDkVNfTFEgcipw8EtsZPq_istPJr3tFTSAnxXQJjA-z0dzvsmrASsEvhT5uCUOxRh82JQwZXFgP7y_JmMCQnk9wgYWP7180V8b6NkwTfbPPx1V4SSWhlgcV517bXmztEtEuA8EYUjVsKjVVvoJed82aCYEtLAWJYYkAi2ZVnFnsKJvUmofnuG7rkBws58rseiKLNc6WCWro_LlK4JBiepSvR_Y5j39p5-FZMUpkEg6tXg0vgkhAWJ8mI1W-hcY24ZG4TbYHJlyjYW6dC44mUO6DiBfQaWZSTMzwWJmnu_DrxlSihTwoLsXqEbNgg8PHjZGRVt41iLAoiZtB3wfn9nfaWp_1h2lh2s3KOvMgWFCnAXgKPqN_Gis3PISsEsqsyBOh2coes_NaQYveoIaR1ug6ORJ5LQNHZPtLHjzQxWK9Hhc9ykj_fpbGGFVHSx4K0KV7rDEk8mjIzqkW4CDKsSxl8v-ppa-1mvvZyRg354lGWiXFM0nmHVYTDMdTWd06nFe1er-ilBzatmOBgMTQLXE-mL0J2CautNsyf4nGx-n4Zw6MmfHv9ifF65wEyiBDdJu-fB2BDPUi6FMbizDsg0EgZi5aayPFMsQCnVi5O7VnlRghYGNQkdGD7D9LoA_XbkF15OOwkDt4_28b18aW3r4BBlnl04zY62rNvhC6VSpPg3zcA24OaVZp_19LiF9hPW1TW4G0Sa3UPPoJFzZP9efuqVcAehyCsUqJJjAwm5JzpVKG7shZDBoYL5OinEePzS-STZo6mTrSYBQfoI2_qnhzC5qgLRVS-YycpS3eLWMdPrFwWNB82bRCxbKV0-Im-FMWPuPNJ0J-gYJ0q30L-W-cRWRDuMjn9Vuj-fcLL1gzdybaHNKo-3r9J1jqKLQ9_3p94_igA6tO4GrxvAS7muOtvbGhSMzfH1-07qLWpJaKXhyaTo_x0PMgN8smT5CdHWpEpMPqO-NSEXiQBhzkQN3St-WxxLs8FKwpJB7ENMVDfEdCFdjZgMMMjbJUHDm5Y_eexVF0CEi6VO7vAj7sMa3S_tPdBykXPEYG-LbftAYv2ZhYlek8m-wH86oNoMbVd2auXyijRJmmeqJgKpr_SXki5u_cTl5cCEc1tZujhcne0E3MdoXggwuiR-LC5Ip57hId1Wtmokwhnk2s01VSHqyWr0m_bQlot9CdltayN-4LiUi8GzDZDVlMhAjAA6U_l7mafcRIY6PT03IEJRPXNZU74TkSCEel9IBZohaXIweRfFLv7taLZ3NEmKwMqNHRuWj8BkKk_Y7H84TP09Gnz6n5JQfwuZ1-LYJLr9RcF4qjeuZyMRF7_Yhfplwi9HaZiBuznOuFrG8zW8cvXNZu-e3Rh-AQJMV3s4ZwiNtFfaTQg6hD2HGybsQWKUUjbPRUGm75LUoQBaKbjMius5tRDLF_F5ho8dxNQIJNaKQVm0BXzzuk1szBXhjSdTIIx4rb3mFURQH24tbPX56tjnpbriuPAV2U1aIMzBpTUdlR6QO86Qansglf8FlFLHw4PYJfr6aC5eZ9PTdiw3RvHXKiMxsYS354ScoOwAWjMT_bH2VcmmNkHYDNdbNSNZfLahFnEj1wLzPIUw-ICUOJIzhw0IoFuaA39yHX7SSlkB7XEIK16nH3bP1I8P6BFCPKoBXeuDhc7UguRR-Pjr7yibAUR2ldW6Gs26knInty0_0hEcNC2INpMgWXKBeu2cQUhm248C2_51xU5GOUtViN2VHVQ2sEfVXp7iDlmHALb4N-QSUideSQzEfYJxcwHcEm7cyqix1rjtFYvcyEIW5fahCzqfVSxWaZ6LOXYOgtox83LjlE3YBbwK40GYe12L24p20OYeKB37ZIrErFZHcqJ45f6TaPaCGqCmIkR7uZtVJlQdKKuWjZKnVKLgm-Q6rBKAv0hc2gnEWfSEaNwSbke0lnuTpHn3x6dZG-5KVzBcDd37L6J5liIOxAhGRuj7Tw6RQhulM6_FXlj4c4VZXxIWj6Ho0fhRM8XlvJ51kSyTe2pcmVJV1LaP69im0Gw1cOgnqSgH_rT7CWDrywYeS-_SvbrSbFTNIBeuwvXSPZDWT415kQthqfim-FHh2929u4PAXfdp0fBHoyFkFJ9zVF3ojnnalsGg2ospH4p4Jk-Ad_HQzfRHT-uP3BZGtUXUpFAioqQPAIqpvzJrzaKAuP8&cid=CAASEuRoSydUHCycFQx74jhlXxAmQA&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70327b18b83eaf79d0b3b175e10cbfc5ead3f146684fb9e34d59f1a8345fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AE0 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASKpPi1Q3Ql3Evyq-V6-KirwU-YIzV7-wuzRuvx98KIdR9iNbBIR4scbnvxyeyT2hOYtwrzPnJqbJ6uBL5E2tPjn6w7fAnl8O2mgmM2wqAqVQLmAw

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8AE0 2 KB
3 KB 66ms
16ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=40774881;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4N7ZtMukYdjmEp6O9u8PvISTkAbj3bG0Zo3N2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CQrUvwOklOw27_I5FXIJ9mXJtr5jUoFa0wZ9VANI0TgUTy8tVE98cCpeb_qivfpJ6xsku6tAT4Kl6xfKavAfOUb9b2UNnEou8ryxSv8U9zDCoUzWAgO4emOy2gK9MGnbU-zQNTEi4Sq1lzaCv_BuYWbKhxn0U5irv3waLnQabanQP4KDg0NzW_Rj_Lp6BtdXXuA6CB6Au1SenNOeQhukRJKZI937RXRp8FONsNApa_H6JqmOrNkQyUNpfVX-cjzf5Ni0G1MJw5nGjbCb-diHZSGfvQZZdzCdjjXNF89TG2sNuMTS8S-Na_einntO9q520nhM-RYvJOxnhOO35TNGVtHpZML-tADI_4jAjBz13904jXa31s3cG7kxHWL_U7wASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoSydUHCycFQx74jhlXxAmQA&sig=AOD64_3bvoyW8FausqB9jbFtsMQFagPlCw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CoGHnDZDEMDUn7T1aM5aAvJQcVCdRgcpikVwKbL6cwlyR6aB3jFk0kCdsmYyBkILrW0T2AY1S1njN2Ljaa-aY4q4Qd19yHbZFgG8g1yfhvrklV56sTLRmv4Y1J8cL0MSVovVOrosCEC86LicIxMGZuXCIJJw&cry=1&dbm_d=AKAmf-DY8Msx8jyHV88QRPai2HgKycvrAYY7ACs9YFZM_i-EFQzpegewshBNyDsdolRjm2LFo4exCKJYfzLsAkHrVfb59V5iWbWriR9SSQC8QBM39jnk54-A-TDLFsXYQG0dMqHC2B9potAOhJ1BrHx3YKQGhmWgNwrdKSNP5QKrztDjFVZFgivvwMymvW-prrGbr5XzcO3j88pj5ZFwAmNt5AAsjTJyGORRO0HcoP7sOGpdJSd1R0cZH6vJDerHFVa_sPrtn3LGAzKQEstDUPko-W4XWzAAM3h-AaPzD0UOajDU9ueW4ix-1o_IKFhjOzqT7AeBWcd6v1kmgGH3nxWLJtwW5dnALOYINaL2kjrg5tUENER9wxW2mHd2wWpNFIkFPylOAqQ2WLXaoxA6aDba9wPSyTe7EKdn1Rq_fO-45ecEQ6wxQmAJ_VhZiKzoTZwKNjWH1wj1gm5l3WHI20YNYx0si71X1iJpISOyVuqmfFbYtDgJuc3w2X9dc2T2n3gcnakm3xKOwsRD7A6hfBGPnbhRPJ5gnXO9eWtZjPu28IYG8bb__MPAC67GkVpQt1_rgGNPdlSyvemJlCgDz_PQirlZF1KVsA&adurl=

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

31c64c49aced83c84ff88bce719ed564b507f80bb2a586e3d5135e709c00eb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2288
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8AE0 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:45:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AE0 119 KB
37 KB 41ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8AE0 15 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:35:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8AE0 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQff_fLekKFeWXd7qpZ6k2jor8TSu8CfbhF93Nl-gvtNBtDMEY7noOLGk2JhRSbgg9cBPJYoPoEIPtHbgbN03GseNOpPQ
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF11 624 B
340 B 39ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNW4ksZUyOIclzSjgmvpCahsOS10kozHg8QwtNS_GhUf4AL5ndN0whqSmRRKZeGRd74Hk9EjMyuIMv4O2ApBXT_fYNOx9PHAX8u6sA_O6xJTty9Vt3kw5MpdAzQ5ds1JZALqyxPK0dkxxQLlBvrhPh2b7gKVSMEhiHxz5xpCVELayC0Hzds

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BDB7 25 KB
15 KB 55ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrN7-ng6k6E42RkNtAW5t7FX1QRhPGiE1yfl-WJbo3VJh3TYPgJoXpeChtIbNekjFIrs8W9ilYzDDErWMooN6RO03XN5zGPahMzONJn93xF6QzOCnLymc89ciZonjblbDyjHFQYNS--ZiMcKLh_laCSubYMw&cry=1&dbm_d=AKAmf-DyQVu0gDMg2u3U7fhAXEULru3KSWTQ6Y9OtmGPuO5L6bNOXeECwx3XvGZh_ht708POsY5LExk0Nw_1D86tlPNaMbRcRXZ2DsMk9goqJ2whu2Vxd64LNMcshUVErFV6CXCHHywrt5CBdC_ntA0hcuP0IWkKJ95RwejaZvP9WPd3dRU5hWA6KoIvVjRaqOZPfGV_psv961ZVPhwaPUaAqe3428A2Z7sHzWyiiKjnzS-Fq0Bubb3LGYA0fyTrcoeHPu7lSjCjtT1RqhAkOoEWkepTJ8IPanUpmBLgNs_Vzy7WKZjpM4ARcUHWcFDy3Eg4qn1FN15ww5r4jwqMvJTMKnXHqXySUSZnZ5CmC71wy2ZUv01DvOWlx8BLbtM23Y-Ao4jDT3Yv8qfMC_JrHTO4euctP7yg4dgIdXLz7Tp5eFvCbNsNGb8XIwGEvvQPTLJc8p3GeIYrkes7ScfO0MCnTq5wepOw9qvMES8BNyZekEtqthuifNENIv_JhucFuVteGmHJaCYseuw1W1jeEGxa_l0efufKfK-Rr5d6HJmGZLs5w8Jac9W-0BbRZa14ZZThp_cgnKPlS9G3ccOkA6aqhuj9u54L3PZFJVlj8VBdXEEB-DnTBpmSk5AebCCPa3C1Kltj3sMeF-H-DD-8V0MqJ8pMh88q0UTVZCqQoWS4K1AYb1NTDgR59L0H0g8Wl04CEqi1uGwzj4XH-o-kFjypt5V3fugjHBTOilJdWkbjciusY2Ei1yQhns4eEGGvkmrxrjNDfyDnJxFeUT-hK5EFT7lCXIhp4p05vX6Oz_dQXHuW9xYP6Zo3WAo7rxhVv-NuHtlMZzmtM3aiOi0bqRHPtoIy97JMt0lxYSt3rFgzylHiPyuZdVLgwx4a-Pl5lQ9dWUoC2XjYgX72F1agjOtlG9WJrjVoMVJswW6NFyWQhhq6MoVgf8R3zLDDsZkg0J55rBNNM2e318Xf0SKjYG4-uAQA0fwyQAV4yCGYqKfrArzc-yjF2pl9joAsR8TCFg0tnlldNLD1Rds1kiIGPoTotepVI9uw4h41bkArb_9_haJkzldQnJ9ak4dJBN--uCHxz1xUQxyBujnHQgeNvHFXCTt4C8T5IF3rS--HB0UVSwJUsyjJhJnNm0YxXYfq-pipS2wyAp3x4tPD5XD_GodNJ910dNiJ3z1kYU1bFDmMp6rew0xNmzawJRTdY00gGbWGksmF3WI0iI-OLvKJi_nFJ5G89JnpiTtwFea4Fl1hZxYxc_JUFLGG1NUIItMvKuhH3GfPl5A9NwLXLwDt1_4pMsRCyxiANrcLcxZG2UYgtmzBObK31EM_-j1uOOQToiv5kDAOgiQhcdKl_jrJEEFbPBVVKgsTOxTnqdq711h_vaONmUrPkNE1cM3gUCjeoDLEey9sTSf55lfaXil3_i8ekYSG2Xbup1z5HIFvAzYV_9-D3h9IyVmVLmktI_UBJipI8f9QB5IiKy4w5GrhCIdk9gMc1F5oFGc_Kc_bGb_6XKw4PA9y3jlnZFDattiY3rKCYUa5G7EfQUIe2Ng9--2OkNlAz2y1Uz92_ElYQIRf_5nfK9vPLmcRFZFpTFYE3-LqpKin8j84RUObTk6Tr9tQjzCIoBY2_8E9RMz30E2WtrJ53WjXZy5BhpFy19kGCEdwD4z38H1a_oBkaoG-XEH-yNEGatR4-xzhrGbDHb7VLM5-K4D-InrXsWPvVRRtRprlnv9SvRMlNa9BlPgw-uH-V6tz9hcCzTICa8ixszwKG0eVUBmYGrkrMrG4WKHl73lwFwEM64AxbF9EyEohAzcxpfrR1gqgbtSPvstR01p4MIV3Slfuy_cXz5n7cW8DzPcKkuK3PArYxo_6F4mi6uqtAepUOklJW6d7IpRVR0jHZD3t7-luP5Ai2I0FQEBHxvMBbrsFmoMY9waQ4oF-Pu55CXU3TJCSn0uLXS3uVECwDTLIT8q5lSG8WNJZo6caimDgtvyIE-XHFPftIzwk5wVykOnVOoh-2lkxNdAMXR8HyPVaCNjNt7GemSbUNx8abs3Ki1SqHgRkyyjM_hok8k90juJWgTrWMiknL8fhoWNoAfSjgIC9Vpel6JGzHoWf2yS3QHxE_EcdxEB2PMtNdGOJrKmSEQwnwSFByPBFKSzX5pYUBhByygn6xKOsOFF7Gy2TNyKCzvScOUPBavhrSp9u2OllB3JFRUp2d7GO-roR8b117UEL3pD0ag6sfkQbyO5D6m-PDd7cJW8Oky_aUf5a75XBLoD8mbOiL4YkR4euAIcMZ2zVowrgRlXRKpP9cfAJ0f8KliGD48xTFsOSAHtSYS8UNC9hcGvIZzbFbbV9ysbBt2IQ4YD0QllpaZc4jeQzt_911Phqi_Xi9-_pIqfSPNuzqodRbOZZxp7HkbdAMzqKEGHpY6Uj8jxhMzGVr7722_kcfwTrrmUEn22q-UbFtm5MH7FmRWEABsroyBAoZtwecLnCcpAQ44W2E5sokhNaeKdATPcksjOwKLrqXoH6CGpikn3Iq9L0bpYo2PQJ28O1an9e1160e6pdQsg5RBGbOzO45ZnAiAZJQIAiGVM4izxa_1ib81qMI906QvDA8acMW3REAfdveJZiR3Nhqo700MtScBDPuZYJ-DyIFOavY_aMVYGCauHDPWbos4RaQwWze1i6EEZbqNq-2OuCDBrKbFqz-Bm1Td6SxLtHVd9sGyn3buBIxRKgYiLg3Mjyz4_VbP8Yw24Xi9pzXqDXQUX4OrVzrCaCs3PAR3fwE5iutGg-7n3rT7S0D1_N-rcCMPLL3fHqpc35Cka6mgASiygTebgW3fL-d7cu0OgniLV30sQ4fWzUEVczPXgKnp4Dlj2N3NtwM5ohEagyhelLlhtwtEV9qd4jhT5-xdlUeej-KRAXwBmZQTJKzd2JbzLZh4EyFiXfYO8qiA0lfd-CzpyALRtvXYbEP7LZaJzTZoVJ1pgwAuPz-rJBbKjYgCEfJ-N5HZ8O3I1V8Cx0siggIHqZf1npG6pNEeG63coC6qc8URZD0aPz1n1OiSmioOHjDtsRNk6ziCk0FFQDtJLNEYVBKYOyw_VHP1m6NpNHufafRoTLXDtduS1XD57VZrZmRFEhGxHr6_yUuf40c2Wa3bPj3gfZz8Hc3PphQ5xU6VFTZ6RIlEpARU2O1RXemyepW865Qz-oIyfGQjOr33PJagElCnG3x4uJjnqED0scIb8ubfCievMe0YmgOCVbEVTMwsP7uScoGXfCVfAPtyMFk2uDX7-EFdCqlnTwOQdkG_USUPTGY4EUyDlrZUSwku0SW4fNIdSGT4E&cid=CAASEuRoQlQqn5h-9C-LYFMe2V0kTQ&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bed738a88ebcfee0b97de05f5794b492fef21c54a406d86f5c9e4cc969e68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BDB7 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AeFPiLuWbbPV5Zp2tcArbjP3PRcamF_RyK5Irxj0oHxBdq1qoz1UYvxCDwq_sImM89RQxDpz2VYkeg6B7QHJ9TvOuaHlEdDzDYm5eh06tMjLbCm8c

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame BDB7 2 KB
3 KB 73ms
27ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTMPttMukYdnmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CuPgCXYeXvxDbDIe-NaQx7nv7B2fJzcmTmwC2mSjCfG9Fpi4GZVmsC44kWYrirF-BH-1yIucWSaL6pibrIT2SowRC6kavQQZyR9B891bAiinH-PsRjJVRz-ZFaBftLD9_nVcjvxy0af8sGWhCGO0krgStind2_iZbLX3I1XNm-yG4jA7V5BcFKG4OQZ8Us8Czl69MQk5HDrJzsLBgzcIRVBvvWpbBf47nGOPPAvt5yNH1nBxtiDmF5Vwe7eAHKzUPOFFeZ_IPiPEDuzvRs6XZGAiOX4ptfjD1fC2Y2IUM9kYohLPXTAsu0kYd9hX8K4n0FYmYiBt-fyzwL_VjOLANdiccoHCQCrM6032kSQSy-MCTCJY-Vl75PfW9qv6s8wATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoQlQqn5h-9C-LYFMe2V0kTQ&sig=AOD64_2paOuQk1dmOO7MV71AY4t7dn_yxQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-Af_MA-_2gB75u0X6OV7JNuY5voeYM719zSuZ1KBsrXst7rQd_LRpfSSqG4dFVWOuxLHibGGokFENgECxJK4KIVfFXt-x1FAVchTZWqMFKqEovjHV2xpJez-5WWDkYyGjUOXisW7vYDTUwUQ5Uld45kCZEu2Q&cry=1&dbm_d=AKAmf-AOT4n1YqWXDfTWuueMqgJnJD-bC6BwTH3ji98Du_C677NHcwz5OJUjSVQMRSLzpDRAuo95UaIHkQRr9c7lF9VwkMbweqWKP5cJj48bC8v0LV6gzN8BgF-Sjw1tcXaC2_ytq1C0_Li53upfrMuw9ZRddWEUTXQ1RYg_FpDIXUJgoQ4YCa-4-ilznHzoZ-NUWHmTJM6NQatlRhzbg01735tMPPP24UJOn10za1kKqgKmbh-ghmb4CdZMRORQPZvoKmufZNCQGUk0VN9e8YE8RprZ5Qhb7Bei_lDoq3paAHZTaWsye0pK9UiZFMMLu2z4q44xH27hPwgfO5Jxf9cZts3lLUxHqTqlP-jFLZ-jD9S5OLUzrV60i_nYbYFxqxDLeJzKfHGzCXMGxv2NxEuacgkPyCUP9fRpIr9k_C6Y2P1nvFxi0M3QIHrQcOgZS5F0QBQZw3vsDpNpUmWgGi-aqTvBdvOKYObtJoOmoq0IJr-saMzisUfzQt9s0vPK0iw9h7If1B85yoGOVSLIoTi42lUNFzfJ4GNl9NeEXBiCM8CW_TKOnCELeAUTidZcVojbTxeBAuy9EQX06GxXCpHUgkn2sRVu4g&adurl=

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ce6ef2801940a6e14e273264db836dc087ccf6c11902f693f0c61321ff2aad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2297
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BDB7 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:45:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDB7 119 KB
36 KB 60ms
59ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BDB7 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:35:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BDB7 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6c7glMw-6fJS_wilUDjLo7XZzXHCGUgHZHQ5X1i8LgR00-PQjoLYq9oDcyFuR8KvYiK2gtxwwhiAz4fyQDeiIheqQ_g
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D462 624 B
340 B 37ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNVx7d0hvZ7Msdz-e96myxviWBc40h8x4w7BVvZ_oV57UbwgrAPUd6hozZMfMN9iKoJEQlgHv9g-0KdoPmefF2f54wmc0SqDKgaF5udkvyOHu0VWZtts82cw9Cl2-TXT46BsWMiQxBL9HIOOgqX2tTse1HoBAt8VrmgVdqGymAJRf3bTzCU

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D410 25 KB
15 KB 45ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUNE0Lui-quPoZuwHPPTCNVVAhJJsaJTWu_ZKHEd_oVt0pewydzsbFawYSAkS2fC1z4EK_qX7vcz0kr6S1S28yOyeHrpVGqMB-LjJ1eFMGfUwgGmsWRMxaSJoeczUahSeNz6CL-YekEsqcdCLY3WO7KnNKhQ&cry=1&dbm_d=AKAmf-D9jBCXPQTGp9IxkciqbK54XsI4dlKwlNJV4mO3mNJqLOQEaHPE2DS3CiH2pC53DGexHaP9ebK_-0xVKPw66LOfscz6jADrYXKTK85LlzJr-oIIjypnsNaSGWLTcWh6kppT89yc4TRs8MnOuRTIAbsYaxw0lWvUvaW2pHmwbYKKXwASwWVyvcaMOrLaNNXZvCEfjtvK1cvobzRw0UuqZVP_YSFPJ19fc-HvdJSED0vL9TIT91tjb2EznK8XgGfJ5qz9mYIczO6u_1PqNagtlbC8XVWPZoZ-qyvPPpMRLEUQH2xiG66-sdERNUTswKyRZba3qAqGv34tvz3S0hpBdUmqDNj9K76TjnZHBswReHPOgYaDNmrenT0wNofpIFVIaAKSbYj6mwj4ML_tAY4p1Lg2AT7ik4zkdwlGT7FCROS3UCSIa3SNxQKiEAj4rcQu_JiuMlLyEMbzthN-KDwSSmjOliDjYIMqF1ebRCXZ-kZHgyUhi5arVxpFDr5JtbLnvQC-2RiIbMGIb9QmUqpqLzAu90EgCh1-Gn1sV-Bd2jCwlCaOC1dLKYPpnSWj2J6Xb7byl9B0JlyLYgy5JO8quw5RB6f2CrDythk6J8qjY9ok3Nsw3n7-ePTaVxDBA3Gtma4WEJz5VFM64TAgzz61pBtJWZKzkTYXqreIHitMqfpCV_7RjcgNPEgUMKz0StObFxf-nPTKP5s_J4mcu4QPXXQNrMs8VXoDQhcfuL75TSRt3Y-5g7M-arH2oERalwM3uT734QNVRSOMVPFoxMZ9dVTBHsAByN-TWM8wL7hOEP_HtEw3RP85vGwovQFcyIw8WknqAzrQhOxqJL0KwuUP9Ro4VfR2I3fgVxwCWznkh3JeAbrcY1BfTEenpVWXiyk5evKU_M1XVz-8Mgitg1WrVRhpC3Sg9vh0gBvGln5X8spnaMPPM3USwxjYko68jiE8SowxfP5ZHUfeK2py1-ZYeHlx-6bpTA9hqPE0ztrln4rXPvhDUhpy8HsfdKt-jOio3c9y8UVf0kQVWP4IsEEv7MPDfd_ylouSRgWGG6sXV4ROrU-prraimuokt007s3tH4qva5GWU6LwuLRyZtgspbYMh_UDVI_HHqgTrYSkrP1DASJvpDIUq-aUC2h0nXnEQ4M1YXIEGMAEMdpJpp9VWHHa65X_FnmulnLbM3uUK91xrsbpRMCLumisqUOk7z7hxBsZm7ghhltkjZjvFwcyZmwLWrq-aRFSsFAaRoMq6Pvz8JIRu6d-e-P5G8J2A2LQTSh_XL4MLl-zugVFG1w-d0o1zhy9XcJcWAOTwLP2l1lbBHqxicaCW5EkCKb63IfwTvY-0wEbYh5gWiizac43f7nAEEn8zMa10xnf9KqdGaNUFunRaBV85QwE5pF1h_TthLaqqQdjZRJBplMnV1C5wPL7uVj_t8HC-3L4u_gblAElyUYgRa2J7zmUNVvMjhOm6p9DfFFewkeVQeXBgModquOlsqiWTY0yfQPAYv48mt-o2KAZKuHnxhi97bASS5icR4IgqAAOtrRbmoPGiGiwNrQ7eoMH5At6b9QZrYiJh2yYulG3nS0GZs8zvJXpfoq0zOwirLflaBytd4xnMoi3bvlizSlkMWn84KZHLkn-a9Bg15RCstF4ruwKO8vfzamATxffyWdr6tfhpl7e6uO10EpaRfcf-6HLewR0eGaZXM6_cqJTT-46UO-ad0H2SLAxYbOsku_ecNJHh_PfxLu3rzkY9bl1eWsJi7CH8zbj3AnpwmojmtXHlVhYtW53kow5tiJ3Livx5FOUJay362qoIPbI8UjzJMrWrYsCemwtM6M95OJ5YECMZamGzpoupcy8kMfrvh7zBcqebLOz8BxfM4Ojzj1mBmOzc8mclsVHf1bUJuWLDGbki2sVvSel6LDCxF4Z8HyySYXdyBYrETgIa8VowEVDKqumThcCfxW-8ZWaIAe77C0jzgrRXTgLjKPh7eoj5FWQEiYIr3JA0WfF03WwjBZ5Sm347g0Rl-FW0GWtBkNxpVwkzlCx_ncoWYClxSrVKmtp024HAjsblxsqtvlvI5o_M8-9XI1Zwg7k9UhiRkGHulxJOHaapGUOJU4xH38MrAuv5AQJV4AZ3ltk2IaS-IVOHCiMwnvRU9qg0dwav0R1K-GtfLwaIBSgPiIIExhkt4hk_B_4K5cC5Vn-Yu-NfPxVM8iQY_h5u1M1YoiCIL3aBoSM0tp-wHa68J-5_Vku30NT6-lLWwYEA_3dBnjfYmML8CFJ3oafgUev8CSR7yURoaOfsnRoEGwjKNPSzu5_8ei_jDpMNyia4rajUcauKCGPYqpE1YuY7woNE7tqUqf8Y0CTdwxYrH1uG1glnY8V0QikV566jZDM49tDJDWVxoM6vCjjkOzBK3kayhXKxMnojqif-DPaIK8n0qqXJWPI9jQ78tz8DUINjOfvO7uBHaTKkKGCOdNSygenSNEiJvoOIByBUY9bdaUPhlbBjRG2manp08x5A1eqOWujJFCFiM5OkTIhWEhTZJQq-uyJ9RyEFfc7hadAGPu4nViU3FGBqSkimPf_EAJgvNb8Gkt_YuidthgQrrq77w1Epsu67G0gitghXRuNmw08eH9MbH9-zvkzMqlaEbUEQyt4gopWZ_7Na7Np00QOm2T8p7_HWSXx5fQK9xsnQ1AOJb56HWFYnosps-W_RSYX9rLOG2UJU0g1W84uLzPwikivOdo7l5Tl3DsFFHde85tW5VHATGYZ8riWHMzMVo_p_vUiBT4_YIx63ubPjw30wBo_l7I_Mjw_H8_RnVsnwYYrhYqO8_DhP2OSt3En6pXtwqE5ChDT1VGCgYAgD95t1rWuGCs9bMbtumJYRzayA6LPf-5lKf9hh3pV_H1EvdgKh0l7ZE7Ce1aowwP9mpN6ZzhVqvnmnfRBasDCu2-DUYtwHuUPhOsWEW_ebsyrSTvPf4iIOoqVcIRGly-f8h6FfT2z0syprv-hdsAOISyLP5FFPjwguM00ZO19IasA292B6y_QCv4KOUg-FTI0XLqeI-uUi50X-n03q1CfPUG1pRi9xNRhpS82nTqCd8mI-M1LCLiVu6uQiIZ4kk115wdIR7_T23fI5CmeHA7EewBb6y-ud1NSiczOvpG_CDTexWIOwPNa9s_lgO-Xc2j4tfhZmjBHooieVyL2fOmYsd5ckpglxxnRFAHnG43gjTsKryO8fAYttUJu8BH0QNJkqe2_1yAJvRfQbMg5so5xFlIRMvr0k6i17ebNI_R8O5w38KNYNTGGjSVTtvH3otOwwZifb9FVWfwkfekx8e-E&cid=CAASEuRo_lJiRtTGIPh0yCx617biUw&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bd58e35553fae10ffd9313150213d074a422bec27024257ca2eee3aa0a27494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D410 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJyQ09RYBMYyWlk9nUs2rHtu9w46T53ok6TLYW_Xj3ytyqTa1SruN7yCV8zm15207Kgmud2iC3kFz-tRSqOOEn7Y2WAIBF4hmzhoIZ-uQG1ugP1Us

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D410 2 KB
3 KB 70ms
27ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJQNotMukYdrmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9ACtLB3dEsebHS_i6fucxZvVKnFUe6J6hCLQFcrmP_qxX7skUHYB3z5HJWN2E14heOixJ64g6lbTUtxonVY5kUrR6sJCF4-pTpl4Y2ZvOQRdWPwnVV-Lbq_icNoaAo-trnn5_OIT70vsxmj_d2rikFFYWytbIx_bbrrvQDqlredIXJPQv6TSPPTdC-XrQHJnjvNp7UQXALKcUqZ2BWit7K-CjHl8MKAEQPOobtrs94JRSThrzHn1vim2eQoAOsKqsA7n9ZoU9c-ZdwdQyPAd514FARQ6olpQEgy7pSuznlVr916GRkodLsuYnpey8sZTNnEZeNo7-GfZEaqIx8t8SePLLX9qXwhNa8IOV9cwOe-QQJBa0nhnCAB9VNVSk3EwATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRo_lJiRtTGIPh0yCx617biUw&sig=AOD64_2rXKk5iZBMXvlAfSDfPbINT6rSAQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-AvPEPWhKxj5U7nGNbCOygYq5X7SnwKY6yyiST5tihPM6WE4_ZYlPDvxJrc0AjMevW-bMgL4Shg8P_3SpDDYCSleW6sp7TznIKbbwLiqg5OYExYvpPihYigMxcvlJ7UMbAs8DgoFMhlpTmMPd3FUbyqjAZUWQ&cry=1&dbm_d=AKAmf-AXhSAkuzkWzxbwqNbhEXHnd19dCRVY-iFoTjMtH9nRG4ZWsRKE1xEgumzfK5gNOKkKr4iU28y3xYJNNTzSszlDM2LuIKD7cUVn6f4Bp45Q7yG-u3oNbNOPBIlHHyADvN9wCVbGhe5P4-57biGkFFYZ6pbiyT4PpwwsWr7hIUZCKgMse4CL2DMrxHbPKvInhZ1nIhbbKY7hd0I7SnaI3kjDqzUN2g60_7ovrLzclWa-8bHo5jYrOHKetaTuGJjeQLK2oN5aRgr0OFmAR0gdAkBDxtWcYTuVYWh55iLxAwfJEts4dHy_whGgwg1uoz5zDY_4kXKJNB-Pdvmk-AgpX2cHQ5OBcv5WRTPz1KlvZ-CQ70KuJpZP6UEffvryVAGvP8weG0YLM71GKIERJ_nKuxkY_l_O3YeCs0fVdNsSR4Kvlh_HClqgsw8GuuX35A4zTA7TGaGRGoiM41AKHQeUxO-AwPalJoA-Go631Jdx2z7UX0xrxeYIrVNIL-qJQkMkSf0LDao-81opQ4ntiQu06xFeiRgyz63s7gGUOxp2o4Ta-UeE1kaHZbkR01dWEuG0sEH7p7FzrAXjTHAHrx-fZmqA_ktHYA&adurl=

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3caca0548dfa1e75942da5de52e25020df9782ccefd738dab59f0ca81cd0f9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2284
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D410 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:45:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D410 119 KB
36 KB 53ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D410 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:35:40 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C12 624 B
340 B 34ms
29ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYo8OzZTAB&v=APEucNVLYg8nXtfNbrnlqFbU24Qt3WO0iuyQEwHUJzDgY9jbwsPDx-bfQPOb_hEC3G4_KZZYTY0OSCS8yQw2I8U1RCPO17YvnIchJCOoqW3n92dRqdQRcOxp2QE2OAeUpFiLsILrsiNpsTKAS1ZCoVJDOqYS-nEX2zOMPJPMkjnExhitUy2L79w

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:44 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8805 73 KB
31 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AofwlbJwkzO6bu1EQU3f612wNTbIs7-_5dnk1GZiymJ24T-kgLeP8hwbFhNoVNHcpAHKEI-J7tu2PxXv45YwnvvQeDzINcGg9Zbr7rfuzTkknicSxsrwDSNp0y6m3ySCtYdIYcOWFMCgWUSwN9jO2jKLMZsw&dbm_d=AKAmf-B3fyFIT5w_ta3DSiqBhY3PNeda7iFfcwreqCyCEVtSZVJx2H-gCmR7RwpKhkMJOuR2US1eFUJ30S4vehLs9aCCgNbApy7xMcE0siLfyYfREmahY3jC_UsfuPhgj2qBrsCdQSuMpWxh2N-AwHy5dy0ceZO3OZGAFm9O263xy9KyvsWgYOZGsrlVlwHHREvX-W9SrGf76_wAH7k8UEoHs5TOr4fO7XvKqNflMDzTU5GcKay0rma6AIeUeURrCL1mjdrYIp644sjHb3zhOkIrtM8kHFaBTJXfM4cQ1wZOLAGVeVMrDOEM4bhdeEowm9lQ_Vj8i-JjGsiTa60sDYcMHCThZCdvJQnCF1BbjrKBP9LiYJl8wsPeqtkkEpDABpcgYPavWgxKVP6_G4ANeLbWAoTYxHD9_5tVaL1i1uqM9cOVJYGctcnu6RSdF_lHplT0X2K4n7Y4vU5NrEOOXhkJi4I1SbqFek19omjrr2EYx-hPRlqGRDyAoz0yF8mWCQw-JwerC7ObB9SQiLkKyjTLeSikUp2EEUpcrOdfcyvYlALr8fw9JQd_cmIG7dL3gk7fREYf7N2lhLhRN7oxjkr8wiLvBk1n040XruIRdcrAPxj3rNUSaAEC81m399XlecGn5Clr-5B8a9y59r3rlNvUCszZQ_ml7_eGsPnzLhCLBE3MD1jWStluotbeKFwwSvtQaXP9CkgkNoxgMH8Uu96-rA6CdYusf9uwkQnsLAc860AAdibW1HUiOo8crYV6RH179cFkjIxDocQcusWf4K62A-AOXKJWrrMTX6JwF59fJSA243vB_M1TBKWWoooNHqRAD1IHZmqZsvHXOrCl150euu4LHdxWaYxJzPfstEaW8Bu1HLkxjxacPKYFQoCoG-3sw_-sNVefm26Wog4Ui5Z5fdcdTutKKKZvfrcMgcTYRsmHS_VHSTDV7X9CsEAb9-ZYTv4eFHVGtROrtdZoe19xYudTQEhcVWvThpdUYx5r9A572838EeCRK_BOQDHwxsvEL_c1zs4oM7IBKGqKro-wghar-51CGXxgiZMzDV52eUEicLaShCaaHIBiXIBVHJSYle8kKQ7mSQFYbnS6zSzy7YIXx_VOK75JstTyXW__mtRml6s6iTW9LvWN0Tl5Q42zEg6ucabCvN6kpb9U33XxJZZYToP7E-zRYKTqGfkTAGpSf1VkgCDERarOJ0L34W5__XtdLnCE4cvr36zhUS2EMbsnLo_1qCWzVcpE9POK-eSD6eACWnIzNDaYodXrfMJbGvsqa9xIvXKts49VnWJABNF7iTb_JM7LrmhEY1Sqm7CsB3HqXqwLCK-R11rwO6c3MspoSxKTwdplRe02uqkUgmlkvBH6rT091lnCYIZd3W_d1P3As0Cb8AKgQw7W8eI6ysehRaLIWzDSZJxxx8ohlzvjcoJ6HIm9xqM3Np9Y35s56KT0e2noubj8wn57_8nF-pQW8GwghZE3MnB6sVNj6lWxcbUfKYBqTtVGIKshElSvTUjx2i1fEJZWO1nbsZ8TcAZNSRBl6SCzPBKPjpLEoIve6_K3CBlcXKfi34_T9rfZ1bfI_XfJ437mQt37LR32KF3h-pLi7ar_M9TtcI8AGPYOCd87i5gKLv-3lwILFAS8BbTnFIljAkFrThuNpkYvC6VyO65wubqjSTgBbABJlGQYH2jMxgvAS4N0m6y73GB0m5P1vObpHu_knR_yi21eOPG942S6LbVmXh_-uG35zcmvynqWGMZWPBpkhbeP8E7UVEc5yRQcUSJtfepGndT__Q9X7Abu6FXT1conkp4wHik6oT4oHTEeWjeJ9bSzgv7s8mgfILzc2EYmWqAZM-0XyjOnE8aLgvQUklQrCQv_SkrRUEi5tvhPrlc30OjzZUY66PLHchTwIXqxieFkJhxFQKaEv6ztTbWPoHAVFt1oGa2qwhGQfNEcREcdz9Zkluf5WdzcWj7jY1XYFOTx2X69EVRN7mnQ80aWhWqq5ZgX1BKPNYjYJuFTUCegsPK_m1BWbNuNzmkBo-MhH6403JVuNECZEHngkcVohnGYfnrG6-LyWVRQAT8AsRjGtM0eeZgLQsNrLfg4f1wfvhbdgEOpLZdU7_UPvIB85QEq6BzXb0fuTyduh9jJ7sf9TVvNfC_dG1MixZTx3ovMGowFibyoozekNzgbyPPcIpIPUjQpC9BBLXofcfmjh5zKCy6wGj1UTCCOiZsep4U1TWEH1eXBNwMn1BNHPsSyuSgRHumgOf7dxWcYYq8xx1WPwxsht94PqyYRK3PsNunPIjBZLXMpRphD7M7Kd2tN2uzZEJVsQ8jSMtzgR3B0pSTvklz3nLrzZEuclSJTAarK51yC1ANLsImzFwA4u9QAvhuMGq2AYMbmjxhQd4WAULJkqniZYS9vdbejm_3M-SyQlL7x-xqePjrD3LYXldxA_UEJfBRYIcY-tr3DDksIZpXu2FEqIMt_t4AyundNd4wVppR12eFW80a9Gt5xG0mTno4vAuwxh_VTJ2_hTvUyqadEY65uUMLBPd1H3DzMwasdW8kwLFah4iAV6qvPsaCylFeD58ZLHjxXhqTVZyu7LJ3D8i7iPFBEnAwoUgVnmkkDxDbw_dH_h9tvZT7CvjSSz4JVg6CplkSH_McjR-4PTMTJjUdh9wBCGWjYQsll7RH6m1j3yUMPZ_1bK7BY_wMzF7PFLYMTi2wdo_3Y_mGE8g1HSSN6rVJ6NNkwG6j19g9Bjs-vRYaiecRzvdsUKWbWtYdAOvQXfRcZ8zYmFN2a8F6tbS5jf83tLoy4X3U5RX5lLqNEZHZRhRuDp9FXU4x21risdzMEn0llUOzz0kf9e0O1abkUBg38LO3rS7wBYvQWIxDZ1LIdiFyXXiSIOYdy6lqxGr7Mh8LFlH8eYbHlpDiZ8N4bDJPx0JV0-PR-AZ1CV1K3Cas-wnaLR9eOWm5u2PvWRGyChihAUs1RgprzicbLsjcSfYzVsXLw2emYqO4HsajorJ-VVW0xs1MO0ky7BpS8uowMjlSz7InOAHHNpwcD7FGV5xv5IHMyaHH_yRf28PNWWZTuankr-9Se46ljWRWwucfnIpVKtMsw1AiEh0mS2TWWhQbjIYDS23jPuzcEqWD4oFZzTya5perNgLQmMiCcwpBMciiWgyV8CQ18gM-GoIh8bEjzvR3o35FawohKlPUIXB-DnISVKvP_srlxL34zdeUoZBoUA3RxzQMzRRIdNqiovuf1OsGLIJWQHIDjnt3X_7SNzOcpjR7EkgSPq-8dSXDpRoF_vpJqhy0lwz-92HbhJP2QCNBcy3Vmmwl3_0nRaBX2G41mwkO7WDPCh5znOmLdL52x9XuZJcFXYkehwGOH7E0lAZeu9H3pKfhwvuQuixLFUS72jdUakObKCIFQxmKUYef4EvsClw&cid=CAASEuRovNOu0iRGVppjNDcsebbArA&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

903a30008ee9249cc71b6cb534c86e5e8caf0358be048234734e5267c5051177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8805 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCWoaGNHHk2s2nHG_9g55LVEE6wLJkP2XLSPzLnOiOQuWecvtpFMbBLYnfFXs1BiyLjwyrMGbiAuTJCz5TJqpI237d5TOFu6FkcXIYr4Lw_6-g6YQ

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8805 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:45:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8805 119 KB
36 KB 48ms
47ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8805 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:35:40 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

43 B
1014 B

76ms
29ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiv_5aTATAB&v=APEucNUad36xpR1z5Sn8qJRevt79p30N7Y8PQecjtF7EiTMFClrolLvo55fLX6N3XtNwrAk0mV6RXfHLd7M_CJ7DU7caqINr7M4diJfskH2V2Y90g3rfHZVZFN42PGH8AWXuwKrm6g2URLsKwpepBxBgkWnGZeGOmOhwHH1_Gy0GqciTwc-hkX0
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 29 Nov 2021 12:46:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C21
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
894 B

44ms
44ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiv_5aTATAB&v=APEucNUad36xpR1z5Sn8qJRevt79p30N7Y8PQecjtF7EiTMFClrolLvo55fLX6N3XtNwrAk0mV6RXfHLd7M_CJ7DU7caqINr7M4diJfskH2V2Y90g3rfHZVZFN42PGH8AWXuwKrm6g2URLsKwpepBxBgkWnGZeGOmOhwHH1_Gy0GqciTwc-hkX0
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1C21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

43 B
1000 B

15ms
12ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiv_5aTATAB&v=APEucNUad36xpR1z5Sn8qJRevt79p30N7Y8PQecjtF7EiTMFClrolLvo55fLX6N3XtNwrAk0mV6RXfHLd7M_CJ7DU7caqINr7M4diJfskH2V2Y90g3rfHZVZFN42PGH8AWXuwKrm6g2URLsKwpepBxBgkWnGZeGOmOhwHH1_Gy0GqciTwc-hkX0

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bab08aeb-88f9-4b93-bb4b-60c35d4c7306
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C21
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a624bcfc-e42d-4895-8090-968b7c9e8c88
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 23BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

43 B
1014 B

76ms
31ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiQgJeTATAB&v=APEucNVOxM0VKhwpQh8DKexjrVmfeCIw7AO3oqgesZkJ4ARDjXD8BeSRJArPAop2N55B6VUpW_eKL6AksJAoHfqnYUzEC6Bv_uE99jWaZoJx5Ex2pijWM0U7UhqdO0kAHgUNyaqMvVG1dkyfgZmn-KmrVEcTpmz-NLUvrgj_DiLMBEWicjOWvQM
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 29 Nov 2021 12:46:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 23BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
894 B

40ms
40ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiQgJeTATAB&v=APEucNVOxM0VKhwpQh8DKexjrVmfeCIw7AO3oqgesZkJ4ARDjXD8BeSRJArPAop2N55B6VUpW_eKL6AksJAoHfqnYUzEC6Bv_uE99jWaZoJx5Ex2pijWM0U7UhqdO0kAHgUNyaqMvVG1dkyfgZmn-KmrVEcTpmz-NLUvrgj_DiLMBEWicjOWvQM
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 23BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

43 B
1000 B

14ms
14ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiQgJeTATAB&v=APEucNVOxM0VKhwpQh8DKexjrVmfeCIw7AO3oqgesZkJ4ARDjXD8BeSRJArPAop2N55B6VUpW_eKL6AksJAoHfqnYUzEC6Bv_uE99jWaZoJx5Ex2pijWM0U7UhqdO0kAHgUNyaqMvVG1dkyfgZmn-KmrVEcTpmz-NLUvrgj_DiLMBEWicjOWvQM

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5e1d5f71-9d7e-42a2-b47f-c9a7faa3b3de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

170 B
188 B

47ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:44 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 23b13a0f-b29d-4b06-9525-7b81a447c0c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D410 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUNE0Lui-quPoZuwHPPTCNVVAhJJsaJTWu_ZKHEd_oVt0pewydzsbFawYSAkS2fC1z4EK_qX7vcz0kr6S1S28yOyeHrpVGqMB-LjJ1eFMGfUwgGmsWRMxaSJoeczUahSeNz6CL-YekEsqcdCLY3WO7KnNKhQ&cry=1&dbm_d=AKAmf-D9jBCXPQTGp9IxkciqbK54XsI4dlKwlNJV4mO3mNJqLOQEaHPE2DS3CiH2pC53DGexHaP9ebK_-0xVKPw66LOfscz6jADrYXKTK85LlzJr-oIIjypnsNaSGWLTcWh6kppT89yc4TRs8MnOuRTIAbsYaxw0lWvUvaW2pHmwbYKKXwASwWVyvcaMOrLaNNXZvCEfjtvK1cvobzRw0UuqZVP_YSFPJ19fc-HvdJSED0vL9TIT91tjb2EznK8XgGfJ5qz9mYIczO6u_1PqNagtlbC8XVWPZoZ-qyvPPpMRLEUQH2xiG66-sdERNUTswKyRZba3qAqGv34tvz3S0hpBdUmqDNj9K76TjnZHBswReHPOgYaDNmrenT0wNofpIFVIaAKSbYj6mwj4ML_tAY4p1Lg2AT7ik4zkdwlGT7FCROS3UCSIa3SNxQKiEAj4rcQu_JiuMlLyEMbzthN-KDwSSmjOliDjYIMqF1ebRCXZ-kZHgyUhi5arVxpFDr5JtbLnvQC-2RiIbMGIb9QmUqpqLzAu90EgCh1-Gn1sV-Bd2jCwlCaOC1dLKYPpnSWj2J6Xb7byl9B0JlyLYgy5JO8quw5RB6f2CrDythk6J8qjY9ok3Nsw3n7-ePTaVxDBA3Gtma4WEJz5VFM64TAgzz61pBtJWZKzkTYXqreIHitMqfpCV_7RjcgNPEgUMKz0StObFxf-nPTKP5s_J4mcu4QPXXQNrMs8VXoDQhcfuL75TSRt3Y-5g7M-arH2oERalwM3uT734QNVRSOMVPFoxMZ9dVTBHsAByN-TWM8wL7hOEP_HtEw3RP85vGwovQFcyIw8WknqAzrQhOxqJL0KwuUP9Ro4VfR2I3fgVxwCWznkh3JeAbrcY1BfTEenpVWXiyk5evKU_M1XVz-8Mgitg1WrVRhpC3Sg9vh0gBvGln5X8spnaMPPM3USwxjYko68jiE8SowxfP5ZHUfeK2py1-ZYeHlx-6bpTA9hqPE0ztrln4rXPvhDUhpy8HsfdKt-jOio3c9y8UVf0kQVWP4IsEEv7MPDfd_ylouSRgWGG6sXV4ROrU-prraimuokt007s3tH4qva5GWU6LwuLRyZtgspbYMh_UDVI_HHqgTrYSkrP1DASJvpDIUq-aUC2h0nXnEQ4M1YXIEGMAEMdpJpp9VWHHa65X_FnmulnLbM3uUK91xrsbpRMCLumisqUOk7z7hxBsZm7ghhltkjZjvFwcyZmwLWrq-aRFSsFAaRoMq6Pvz8JIRu6d-e-P5G8J2A2LQTSh_XL4MLl-zugVFG1w-d0o1zhy9XcJcWAOTwLP2l1lbBHqxicaCW5EkCKb63IfwTvY-0wEbYh5gWiizac43f7nAEEn8zMa10xnf9KqdGaNUFunRaBV85QwE5pF1h_TthLaqqQdjZRJBplMnV1C5wPL7uVj_t8HC-3L4u_gblAElyUYgRa2J7zmUNVvMjhOm6p9DfFFewkeVQeXBgModquOlsqiWTY0yfQPAYv48mt-o2KAZKuHnxhi97bASS5icR4IgqAAOtrRbmoPGiGiwNrQ7eoMH5At6b9QZrYiJh2yYulG3nS0GZs8zvJXpfoq0zOwirLflaBytd4xnMoi3bvlizSlkMWn84KZHLkn-a9Bg15RCstF4ruwKO8vfzamATxffyWdr6tfhpl7e6uO10EpaRfcf-6HLewR0eGaZXM6_cqJTT-46UO-ad0H2SLAxYbOsku_ecNJHh_PfxLu3rzkY9bl1eWsJi7CH8zbj3AnpwmojmtXHlVhYtW53kow5tiJ3Livx5FOUJay362qoIPbI8UjzJMrWrYsCemwtM6M95OJ5YECMZamGzpoupcy8kMfrvh7zBcqebLOz8BxfM4Ojzj1mBmOzc8mclsVHf1bUJuWLDGbki2sVvSel6LDCxF4Z8HyySYXdyBYrETgIa8VowEVDKqumThcCfxW-8ZWaIAe77C0jzgrRXTgLjKPh7eoj5FWQEiYIr3JA0WfF03WwjBZ5Sm347g0Rl-FW0GWtBkNxpVwkzlCx_ncoWYClxSrVKmtp024HAjsblxsqtvlvI5o_M8-9XI1Zwg7k9UhiRkGHulxJOHaapGUOJU4xH38MrAuv5AQJV4AZ3ltk2IaS-IVOHCiMwnvRU9qg0dwav0R1K-GtfLwaIBSgPiIIExhkt4hk_B_4K5cC5Vn-Yu-NfPxVM8iQY_h5u1M1YoiCIL3aBoSM0tp-wHa68J-5_Vku30NT6-lLWwYEA_3dBnjfYmML8CFJ3oafgUev8CSR7yURoaOfsnRoEGwjKNPSzu5_8ei_jDpMNyia4rajUcauKCGPYqpE1YuY7woNE7tqUqf8Y0CTdwxYrH1uG1glnY8V0QikV566jZDM49tDJDWVxoM6vCjjkOzBK3kayhXKxMnojqif-DPaIK8n0qqXJWPI9jQ78tz8DUINjOfvO7uBHaTKkKGCOdNSygenSNEiJvoOIByBUY9bdaUPhlbBjRG2manp08x5A1eqOWujJFCFiM5OkTIhWEhTZJQq-uyJ9RyEFfc7hadAGPu4nViU3FGBqSkimPf_EAJgvNb8Gkt_YuidthgQrrq77w1Epsu67G0gitghXRuNmw08eH9MbH9-zvkzMqlaEbUEQyt4gopWZ_7Na7Np00QOm2T8p7_HWSXx5fQK9xsnQ1AOJb56HWFYnosps-W_RSYX9rLOG2UJU0g1W84uLzPwikivOdo7l5Tl3DsFFHde85tW5VHATGYZ8riWHMzMVo_p_vUiBT4_YIx63ubPjw30wBo_l7I_Mjw_H8_RnVsnwYYrhYqO8_DhP2OSt3En6pXtwqE5ChDT1VGCgYAgD95t1rWuGCs9bMbtumJYRzayA6LPf-5lKf9hh3pV_H1EvdgKh0l7ZE7Ce1aowwP9mpN6ZzhVqvnmnfRBasDCu2-DUYtwHuUPhOsWEW_ebsyrSTvPf4iIOoqVcIRGly-f8h6FfT2z0syprv-hdsAOISyLP5FFPjwguM00ZO19IasA292B6y_QCv4KOUg-FTI0XLqeI-uUi50X-n03q1CfPUG1pRi9xNRhpS82nTqCd8mI-M1LCLiVu6uQiIZ4kk115wdIR7_T23fI5CmeHA7EewBb6y-ud1NSiczOvpG_CDTexWIOwPNa9s_lgO-Xc2j4tfhZmjBHooieVyL2fOmYsd5ckpglxxnRFAHnG43gjTsKryO8fAYttUJu8BH0QNJkqe2_1yAJvRfQbMg5so5xFlIRMvr0k6i17ebNI_R8O5w38KNYNTGGjSVTtvH3otOwwZifb9FVWfwkfekx8e-E&cid=CAASEuRo_lJiRtTGIPh0yCx617biUw&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:41:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D410 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A081 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAg4VcJBJ5p501la1r9vy-ZVBvdIxK0VHT4aMCyxN-cidcmE-A-l_dC8VI3iQyzfvDkGOVI8aWdt6c3KLc3q3SFPSdXA5uJ8WkOfHDNwBA1fCxsN64PJZoI3Xls3lCnr4n7Csv-IDuUcx9JhdfUTdarzIeWg&cry=1&dbm_d=AKAmf-BQ46_c9NS1FvS3P3D_b1xiI8B1NzO0XlsPN3hv_3q-l44VDjEz0gaPRr4ikid-tuQspyM8rSHaUcWLekN5JjHvkGQxGjXmL8mJPmCbK2o_kq5PA2pMP4y6gLY7TAyaCMAHHr2h14WOg4QuUCTepJgf0FekZs2Ri-fwpiGorzfDcmWyUTY95VlY7aBysY3uYKLGrj6DP6C96R9fWX9SfnB3qFjHgGVcu1Fi1oP_UoSkpBgqdNVCpJYrws4iSQrYkcqZq-mXGgtvf1uV9J_Q4xJDOgTAAfqxEFvm7mBw0P8bCFDBZFMyTyX50Ip17xJmtmlR4GNQ4WNLyAIGW3yB_0c2ZOj6voukgFRvMbdbJbzUzLDAopAMZDRgphPTwPaiW628mLpjbKenI4tfYmFdodiMifrCXKFq-I5e-aCJVZxvUKBhMMKEvkdrmhtrvuHQZodQD_1fKzLduwq22-Js5eKJdUtqh0aqiq1_Il3kG550zGXcjV0AxfTbmhLnt_G6vvjaAg0dD-nbv2APiI2FbRZZFeVIK3zaurBEtT_g0xFiVTiAs9FgXXXWdpoepKKBFda3fqwqlB2Pi4GXppw346i9UU6j03POCyTCVBEb0LaucW25kS8jU1fZnu7Q6JtMC8NH_Xrrcfh-D9EvoYM_tfEjgUjayqNacPY-10KMsEtwnXyQNflQdcku0DJOrH1ca4_OKD281qHd8dMT1gbZUhH5GoMs8hIDu4IvasVUL5IXu2oYmpTTJ1SBg4XJHHNixAyu_beF1SwqGeVbW8_nbGc-QTYd5zIyOX8Qd0T1SFocI4-Zal8-UFy1EmL7YM8bP7NB8jycgcBhxXuwS9SRwcEZOjZG-kV2-qZKwPFWrd9sNpcB-pWOLanPNqTlAhtWmoDc495EZtH_gqv5w78CJb3oJ9ZXXfyWp1frRWOjD0SS48cWx_iHBuDARKlFWmYRUicsJVxZvTHfNmcITQ2LuKF49LyFoZ0Y4rTf5M57DH6rKC04kuNcDIjrQ4taTuZc5Lxs7QhGFPGTSqlideue_veyH_RU-cn1on3es-LT_dAPmQntoVqXyWKHbQz1gNDT72BO3ku7sBg95qln6_emSQp7fe6RV8PP0XyHkm2SocYwuapr5dmNboS18ao0zMxDJqb6VF3qPwrgAUl0M2BWvvjZaPmuMHbv-L8jCQQXKY1zk1bvMjN-Mye3c2I8856kXxxCv9Pk-BgsDAOHCKStffYiNfrBbwoJjazYB-c4PzjCmLKiS_btc4l8aO7e6NzVy1SjUVgZBGiJhW50Wmo9y_xXrI_TXTF1kPoNiBfvDB8qO1lFOEHvb0JYLHS15wY-zcSPrauIA7sz30cTgHQHbUCs8nKeR8EAOjV4Ndgfzqy08qDHuk98tqPh6r5IyWMnWckqMH0ZJ9ARbGX5DSw7zab1cfRFsaaZRk3b6iDfcxUxBAptwLQkq8RVPdbUAuyPhwJnETKn7CRwgFKL8ufJ1yBw5ajRklAG75BM6kUb8SPqG4tf5z5zrswHyo_nbPMoWKmkaZH6Bt9bnDZ2TvSgsJA3SnUqU8mxHYUQ3wSClZgce3uiE0miOSmQOh__9OF5q8GbjDWtsmpjTtmLJftaMVpg_muD2yiu9gW8wvsKVDyj-bfFHUgn16K2iY1r2xhNpCNfadiNPFWd47uNKL4EGSLNn5-9jeAU1njbSw4NuIud1L8wbHhlAUw9V8A8fluHjg39kmlA85-HlGyqNKgPnxKQrliRPCM58TG1DoQoJo9sy6kzqczPLXyGalfG1FTU6jSgkQp8q_MuK4tv7zqa-4UwIg-Rrn5R81rpVlWexe0-Kdl-yRt9bhDq-LoAbF0UD60QBnzn9hz6ya79lojtDirj5o9_8Tt9k_Pr1sy4Jtf-mnXnn7yq4cwA7p-pQ1RwBNU_gYD4iz6xnGTEyHEbtPsoYePpvjKadJlpkswxDws0M2bfTdl0VsZC5cHeF-Js6yZBlOwqLaaS75LbSpFthSVmK5cssiWjLH6g6KOMG3cvTCOPRoP_pqaInbEJYILsZxtzCRe928gDZxFy0Zejh1p-EtM2HsZeDScqMYgE3DVDZQB92Ukg-U66o15e4odOGIOz6bDAF1ySv0KgrDOU4SL9RmbjA6iyHEUnw9IgXhHblWaQeMHmhAO02rSUFiczY0kJLWTePZBkdJCyGz26n7EF3zgmUp1aDSEEJohuA5qAnc4ALF4QxbVbV414F4TXrk6PXMsT6xN2zOZU2VTFGxP3rSRRk1cvPONZzFGO01xo4qrFXEuR3sqXy8Dv2M3Nx0v864eaqa5-8Zm9ApbTFuESlZu-gN8AJK_dYDCYocSlM_dDh7P4UQe4h3Y4YBhO48PY8XEBTuqeCX2JqoukLz8MsP2mHYAsUy1gPhoX5vqzZeZ36N90a6wKA9mP1QotkFdAg6YkiyVCQjp_T0OskaB6DEMhtGROyW1lLC0LvZku2SW009CAIxEcX0v9N8ZvxKVjHdl6zz0zs3-4I3Q50pMygQiS-hkJiv6S_a_uLbrfxIuL8TaE2dFHqz0ehG1BBSYIEQSglFWrJy1fdak6DPYCcheFFCiwmXrS-mD0lblXG77vqUsvhJiQO0wiuah-rsQVI8oZS2vn2aGNn3djCEUErk-ccRIK97se1z5H_3hHHi6ZEgLlFpgWqSYLEnFQ4IfuNrVAf8gt0jR2m_rzB7L6w61YCHAj4SKnc6FHuzo0cPuYx5JYR5en_ZFhA1ZUcorWabaUm5oeUZ7ZROMHSJWPexrWk7tdDQGAh6zkDfBTo_PxTK990svSB0jeiY9hI5s9tnKwob6QmM9eGt621Wwv79sx8dn73EJODu2RgvCGspwH7k5aOujxDItLedt7GHM8S74ieizZxgKVdvr7GRa0lxdRPUNou6h_-I55JbGwG1DfCfJbrTBZY5rORrSYqPoSkyg0Y96zKy71ld25lbslCGpQZWnl5ts_KkFW5aXO657jz-YTBM-C7g7R_qaM5ZAV5hJz64UY1qu6m0baNaG9nAaWNmrYnGprsJEgU2lYFLaxQbgvdqn-xQYhG7Gbwl_DGwiZ0ESQ5r0GeHkCVB8vTALEBrhcC97DbKfM7uAEeePtbejJQKybS91DknCBQmmb72lkp1Al5gNM7g6koOtovgjaBpFelTa9frQjOMMaI3SiIS0_NoxuLNpaqm_QHxFuV_Y-ZwOgW_cU1V81STnpmTgqR0EuB4nEVmfhFKDXBzB04WsfwiCh34FTuUio_UOfAwuEIXiLAcDPvLs7dCXYDrUw3SIU5pQZIbzSqza6zMW2T9U&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:41:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A081 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

43 B
1014 B

77ms
31ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNW4ksZUyOIclzSjgmvpCahsOS10kozHg8QwtNS_GhUf4AL5ndN0whqSmRRKZeGRd74Hk9EjMyuIMv4O2ApBXT_fYNOx9PHAX8u6sA_O6xJTty9Vt3kw5MpdAzQ5ds1JZALqyxPK0dkxxQLlBvrhPh2b7gKVSMEhiHxz5xpCVELayC0Hzds
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 29 Nov 2021 12:46:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF11
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
894 B

56ms
56ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNW4ksZUyOIclzSjgmvpCahsOS10kozHg8QwtNS_GhUf4AL5ndN0whqSmRRKZeGRd74Hk9EjMyuIMv4O2ApBXT_fYNOx9PHAX8u6sA_O6xJTty9Vt3kw5MpdAzQ5ds1JZALqyxPK0dkxxQLlBvrhPh2b7gKVSMEhiHxz5xpCVELayC0Hzds
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BF11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

43 B
1000 B

14ms
14ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNW4ksZUyOIclzSjgmvpCahsOS10kozHg8QwtNS_GhUf4AL5ndN0whqSmRRKZeGRd74Hk9EjMyuIMv4O2ApBXT_fYNOx9PHAX8u6sA_O6xJTty9Vt3kw5MpdAzQ5ds1JZALqyxPK0dkxxQLlBvrhPh2b7gKVSMEhiHxz5xpCVELayC0Hzds

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: deaa113d-b798-424a-a06e-edfde9444bf8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF11
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: be9f423c-6f28-4c0a-9697-673cb2b7a2b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8AE0 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTpG-HdFUuCqxndJCnVeRjFEGPrhhN_LoWd_AfvjRxLldLqIkSxMWA77ARXj7zoylP0qEt_aPnL_eNH-JaYhCvd3LkPppPkR2chgyDGm0JfCm-n74ugDC9UzJ5plX469kJCT_VeJnDgUyA-Tw43rjLPpNanQ&cry=1&dbm_d=AKAmf-BT01BT7K4uXtSp75R4vdV7oGhbVaJCsWcfoca9-lHt1_5ftN_jgUJ6wX9COy0yLF6MdNmShrOJYfCOFRnW66zFaN9ib5SzJ-RkeMF8ZVZG0DN3ol6WQCRKNjpQrRXgM3earVqiG3odyYRDQBALpCNr0RGnxkSykmFtRTHuJyglEYUe2lukDPkjfMQy4L57Dhv6SxiyTUfFuZq_tGLhG-92KSf1Gs0WXTM1kIFLn3_iQnMw6wYg_sProomk60yjCE8XM51qoVLxVTZJauLG7gOCWotYrsakXwzqlLApCpUSBzAhvT6k5B9MtzQ9ixjiCbKTqTGko3QVaeSRRGS7Kvg7zstNSTuCr5QHHbYEROrhAVPAuL45iqGHJ8aDjCXw4eU2jJhCBOhVHhk2ePks0hGJ40HF3w1VpBTy_A-RMar_WjQ8Vii41dZEtt4FR8coLhMJ3WAlf5I8zsYy6Ai7s7deYo_mRRhjkUjfffwjUqYy1F477-h0TnewaFPnEwGHANIeUzvdMrGsQnSBRRCuTuPKfrEa1ANQGVVRNln9vlQiQJaC4vxPr6_Pp_M4nDrdafmqSWBZDRGpRQYC1oCWydUO8JVcD7j5kPxFi_O_ioVrlkTo9gmaGbo6Z6N6ip5GtHcNDUMFyFTIFqHVK4oyNQhJNwNvhcws0y8epxvEnvmsiW5coM4g5PdbTErvUa2sDGQmqviGOgI4MVRUW7e8MlHOWx6I1T_uiCHr6mTtPeCKMoZMlL850ciXi84YXyO9sq3MSxvwMwx-8xYU8y_ahP6yaJp9xvxkNouZqtPaqrInBA0gMDjTItubmlkspGTlekZObW-ep0rJkOYhNd98cX6FgjZeN6dm1PSokl5jxlwhnDr1nySoSqY0duEoBmNyKP7lvdZXoyQiPkm0Q65UwnNt8jLUOWJdsNrI-0i_Tmk3pm19DjI5OkZZdCxe5bQ_Cq4xiST6kiU5kmAmCqEfkF0My3ZGHqCWqobZu6gLopESH8firUrF670S4-V9KwOur4a8dpoUeUsfUjsUe-5HgLc0tyJ7-3c8OkFNxfAqJ1dqhzV_DwOz5d07k6SE_HW5fA5BWYOLH5wux0yIpVTWB-YVRpBLnj76g0ETDkVNfTFEgcipw8EtsZPq_istPJr3tFTSAnxXQJjA-z0dzvsmrASsEvhT5uCUOxRh82JQwZXFgP7y_JmMCQnk9wgYWP7180V8b6NkwTfbPPx1V4SSWhlgcV517bXmztEtEuA8EYUjVsKjVVvoJed82aCYEtLAWJYYkAi2ZVnFnsKJvUmofnuG7rkBws58rseiKLNc6WCWro_LlK4JBiepSvR_Y5j39p5-FZMUpkEg6tXg0vgkhAWJ8mI1W-hcY24ZG4TbYHJlyjYW6dC44mUO6DiBfQaWZSTMzwWJmnu_DrxlSihTwoLsXqEbNgg8PHjZGRVt41iLAoiZtB3wfn9nfaWp_1h2lh2s3KOvMgWFCnAXgKPqN_Gis3PISsEsqsyBOh2coes_NaQYveoIaR1ug6ORJ5LQNHZPtLHjzQxWK9Hhc9ykj_fpbGGFVHSx4K0KV7rDEk8mjIzqkW4CDKsSxl8v-ppa-1mvvZyRg354lGWiXFM0nmHVYTDMdTWd06nFe1er-ilBzatmOBgMTQLXE-mL0J2CautNsyf4nGx-n4Zw6MmfHv9ifF65wEyiBDdJu-fB2BDPUi6FMbizDsg0EgZi5aayPFMsQCnVi5O7VnlRghYGNQkdGD7D9LoA_XbkF15OOwkDt4_28b18aW3r4BBlnl04zY62rNvhC6VSpPg3zcA24OaVZp_19LiF9hPW1TW4G0Sa3UPPoJFzZP9efuqVcAehyCsUqJJjAwm5JzpVKG7shZDBoYL5OinEePzS-STZo6mTrSYBQfoI2_qnhzC5qgLRVS-YycpS3eLWMdPrFwWNB82bRCxbKV0-Im-FMWPuPNJ0J-gYJ0q30L-W-cRWRDuMjn9Vuj-fcLL1gzdybaHNKo-3r9J1jqKLQ9_3p94_igA6tO4GrxvAS7muOtvbGhSMzfH1-07qLWpJaKXhyaTo_x0PMgN8smT5CdHWpEpMPqO-NSEXiQBhzkQN3St-WxxLs8FKwpJB7ENMVDfEdCFdjZgMMMjbJUHDm5Y_eexVF0CEi6VO7vAj7sMa3S_tPdBykXPEYG-LbftAYv2ZhYlek8m-wH86oNoMbVd2auXyijRJmmeqJgKpr_SXki5u_cTl5cCEc1tZujhcne0E3MdoXggwuiR-LC5Ip57hId1Wtmokwhnk2s01VSHqyWr0m_bQlot9CdltayN-4LiUi8GzDZDVlMhAjAA6U_l7mafcRIY6PT03IEJRPXNZU74TkSCEel9IBZohaXIweRfFLv7taLZ3NEmKwMqNHRuWj8BkKk_Y7H84TP09Gnz6n5JQfwuZ1-LYJLr9RcF4qjeuZyMRF7_Yhfplwi9HaZiBuznOuFrG8zW8cvXNZu-e3Rh-AQJMV3s4ZwiNtFfaTQg6hD2HGybsQWKUUjbPRUGm75LUoQBaKbjMius5tRDLF_F5ho8dxNQIJNaKQVm0BXzzuk1szBXhjSdTIIx4rb3mFURQH24tbPX56tjnpbriuPAV2U1aIMzBpTUdlR6QO86Qansglf8FlFLHw4PYJfr6aC5eZ9PTdiw3RvHXKiMxsYS354ScoOwAWjMT_bH2VcmmNkHYDNdbNSNZfLahFnEj1wLzPIUw-ICUOJIzhw0IoFuaA39yHX7SSlkB7XEIK16nH3bP1I8P6BFCPKoBXeuDhc7UguRR-Pjr7yibAUR2ldW6Gs26knInty0_0hEcNC2INpMgWXKBeu2cQUhm248C2_51xU5GOUtViN2VHVQ2sEfVXp7iDlmHALb4N-QSUideSQzEfYJxcwHcEm7cyqix1rjtFYvcyEIW5fahCzqfVSxWaZ6LOXYOgtox83LjlE3YBbwK40GYe12L24p20OYeKB37ZIrErFZHcqJ45f6TaPaCGqCmIkR7uZtVJlQdKKuWjZKnVKLgm-Q6rBKAv0hc2gnEWfSEaNwSbke0lnuTpHn3x6dZG-5KVzBcDd37L6J5liIOxAhGRuj7Tw6RQhulM6_FXlj4c4VZXxIWj6Ho0fhRM8XlvJ51kSyTe2pcmVJV1LaP69im0Gw1cOgnqSgH_rT7CWDrywYeS-_SvbrSbFTNIBeuwvXSPZDWT415kQthqfim-FHh2929u4PAXfdp0fBHoyFkFJ9zVF3ojnnalsGg2ospH4p4Jk-Ad_HQzfRHT-uP3BZGtUXUpFAioqQPAIqpvzJrzaKAuP8&cid=CAASEuRoSydUHCycFQx74jhlXxAmQA&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:41:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8AE0 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame BDB7 24 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrN7-ng6k6E42RkNtAW5t7FX1QRhPGiE1yfl-WJbo3VJh3TYPgJoXpeChtIbNekjFIrs8W9ilYzDDErWMooN6RO03XN5zGPahMzONJn93xF6QzOCnLymc89ciZonjblbDyjHFQYNS--ZiMcKLh_laCSubYMw&cry=1&dbm_d=AKAmf-DyQVu0gDMg2u3U7fhAXEULru3KSWTQ6Y9OtmGPuO5L6bNOXeECwx3XvGZh_ht708POsY5LExk0Nw_1D86tlPNaMbRcRXZ2DsMk9goqJ2whu2Vxd64LNMcshUVErFV6CXCHHywrt5CBdC_ntA0hcuP0IWkKJ95RwejaZvP9WPd3dRU5hWA6KoIvVjRaqOZPfGV_psv961ZVPhwaPUaAqe3428A2Z7sHzWyiiKjnzS-Fq0Bubb3LGYA0fyTrcoeHPu7lSjCjtT1RqhAkOoEWkepTJ8IPanUpmBLgNs_Vzy7WKZjpM4ARcUHWcFDy3Eg4qn1FN15ww5r4jwqMvJTMKnXHqXySUSZnZ5CmC71wy2ZUv01DvOWlx8BLbtM23Y-Ao4jDT3Yv8qfMC_JrHTO4euctP7yg4dgIdXLz7Tp5eFvCbNsNGb8XIwGEvvQPTLJc8p3GeIYrkes7ScfO0MCnTq5wepOw9qvMES8BNyZekEtqthuifNENIv_JhucFuVteGmHJaCYseuw1W1jeEGxa_l0efufKfK-Rr5d6HJmGZLs5w8Jac9W-0BbRZa14ZZThp_cgnKPlS9G3ccOkA6aqhuj9u54L3PZFJVlj8VBdXEEB-DnTBpmSk5AebCCPa3C1Kltj3sMeF-H-DD-8V0MqJ8pMh88q0UTVZCqQoWS4K1AYb1NTDgR59L0H0g8Wl04CEqi1uGwzj4XH-o-kFjypt5V3fugjHBTOilJdWkbjciusY2Ei1yQhns4eEGGvkmrxrjNDfyDnJxFeUT-hK5EFT7lCXIhp4p05vX6Oz_dQXHuW9xYP6Zo3WAo7rxhVv-NuHtlMZzmtM3aiOi0bqRHPtoIy97JMt0lxYSt3rFgzylHiPyuZdVLgwx4a-Pl5lQ9dWUoC2XjYgX72F1agjOtlG9WJrjVoMVJswW6NFyWQhhq6MoVgf8R3zLDDsZkg0J55rBNNM2e318Xf0SKjYG4-uAQA0fwyQAV4yCGYqKfrArzc-yjF2pl9joAsR8TCFg0tnlldNLD1Rds1kiIGPoTotepVI9uw4h41bkArb_9_haJkzldQnJ9ak4dJBN--uCHxz1xUQxyBujnHQgeNvHFXCTt4C8T5IF3rS--HB0UVSwJUsyjJhJnNm0YxXYfq-pipS2wyAp3x4tPD5XD_GodNJ910dNiJ3z1kYU1bFDmMp6rew0xNmzawJRTdY00gGbWGksmF3WI0iI-OLvKJi_nFJ5G89JnpiTtwFea4Fl1hZxYxc_JUFLGG1NUIItMvKuhH3GfPl5A9NwLXLwDt1_4pMsRCyxiANrcLcxZG2UYgtmzBObK31EM_-j1uOOQToiv5kDAOgiQhcdKl_jrJEEFbPBVVKgsTOxTnqdq711h_vaONmUrPkNE1cM3gUCjeoDLEey9sTSf55lfaXil3_i8ekYSG2Xbup1z5HIFvAzYV_9-D3h9IyVmVLmktI_UBJipI8f9QB5IiKy4w5GrhCIdk9gMc1F5oFGc_Kc_bGb_6XKw4PA9y3jlnZFDattiY3rKCYUa5G7EfQUIe2Ng9--2OkNlAz2y1Uz92_ElYQIRf_5nfK9vPLmcRFZFpTFYE3-LqpKin8j84RUObTk6Tr9tQjzCIoBY2_8E9RMz30E2WtrJ53WjXZy5BhpFy19kGCEdwD4z38H1a_oBkaoG-XEH-yNEGatR4-xzhrGbDHb7VLM5-K4D-InrXsWPvVRRtRprlnv9SvRMlNa9BlPgw-uH-V6tz9hcCzTICa8ixszwKG0eVUBmYGrkrMrG4WKHl73lwFwEM64AxbF9EyEohAzcxpfrR1gqgbtSPvstR01p4MIV3Slfuy_cXz5n7cW8DzPcKkuK3PArYxo_6F4mi6uqtAepUOklJW6d7IpRVR0jHZD3t7-luP5Ai2I0FQEBHxvMBbrsFmoMY9waQ4oF-Pu55CXU3TJCSn0uLXS3uVECwDTLIT8q5lSG8WNJZo6caimDgtvyIE-XHFPftIzwk5wVykOnVOoh-2lkxNdAMXR8HyPVaCNjNt7GemSbUNx8abs3Ki1SqHgRkyyjM_hok8k90juJWgTrWMiknL8fhoWNoAfSjgIC9Vpel6JGzHoWf2yS3QHxE_EcdxEB2PMtNdGOJrKmSEQwnwSFByPBFKSzX5pYUBhByygn6xKOsOFF7Gy2TNyKCzvScOUPBavhrSp9u2OllB3JFRUp2d7GO-roR8b117UEL3pD0ag6sfkQbyO5D6m-PDd7cJW8Oky_aUf5a75XBLoD8mbOiL4YkR4euAIcMZ2zVowrgRlXRKpP9cfAJ0f8KliGD48xTFsOSAHtSYS8UNC9hcGvIZzbFbbV9ysbBt2IQ4YD0QllpaZc4jeQzt_911Phqi_Xi9-_pIqfSPNuzqodRbOZZxp7HkbdAMzqKEGHpY6Uj8jxhMzGVr7722_kcfwTrrmUEn22q-UbFtm5MH7FmRWEABsroyBAoZtwecLnCcpAQ44W2E5sokhNaeKdATPcksjOwKLrqXoH6CGpikn3Iq9L0bpYo2PQJ28O1an9e1160e6pdQsg5RBGbOzO45ZnAiAZJQIAiGVM4izxa_1ib81qMI906QvDA8acMW3REAfdveJZiR3Nhqo700MtScBDPuZYJ-DyIFOavY_aMVYGCauHDPWbos4RaQwWze1i6EEZbqNq-2OuCDBrKbFqz-Bm1Td6SxLtHVd9sGyn3buBIxRKgYiLg3Mjyz4_VbP8Yw24Xi9pzXqDXQUX4OrVzrCaCs3PAR3fwE5iutGg-7n3rT7S0D1_N-rcCMPLL3fHqpc35Cka6mgASiygTebgW3fL-d7cu0OgniLV30sQ4fWzUEVczPXgKnp4Dlj2N3NtwM5ohEagyhelLlhtwtEV9qd4jhT5-xdlUeej-KRAXwBmZQTJKzd2JbzLZh4EyFiXfYO8qiA0lfd-CzpyALRtvXYbEP7LZaJzTZoVJ1pgwAuPz-rJBbKjYgCEfJ-N5HZ8O3I1V8Cx0siggIHqZf1npG6pNEeG63coC6qc8URZD0aPz1n1OiSmioOHjDtsRNk6ziCk0FFQDtJLNEYVBKYOyw_VHP1m6NpNHufafRoTLXDtduS1XD57VZrZmRFEhGxHr6_yUuf40c2Wa3bPj3gfZz8Hc3PphQ5xU6VFTZ6RIlEpARU2O1RXemyepW865Qz-oIyfGQjOr33PJagElCnG3x4uJjnqED0scIb8ubfCievMe0YmgOCVbEVTMwsP7uScoGXfCVfAPtyMFk2uDX7-EFdCqlnTwOQdkG_USUPTGY4EUyDlrZUSwku0SW4fNIdSGT4E&cid=CAASEuRoQlQqn5h-9C-LYFMe2V0kTQ&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:41:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BDB7 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D462
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1

43 B
1014 B

62ms
31ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNVx7d0hvZ7Msdz-e96myxviWBc40h8x4w7BVvZ_oV57UbwgrAPUd6hozZMfMN9iKoJEQlgHv9g-0KdoPmefF2f54wmc0SqDKgaF5udkvyOHu0VWZtts82cw9Cl2-TXT46BsWMiQxBL9HIOOgqX2tTse1HoBAt8VrmgVdqGymAJRf3bTzCU
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 29 Nov 2021 12:46:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D462
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
894 B

37ms
37ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNVx7d0hvZ7Msdz-e96myxviWBc40h8x4w7BVvZ_oV57UbwgrAPUd6hozZMfMN9iKoJEQlgHv9g-0KdoPmefF2f54wmc0SqDKgaF5udkvyOHu0VWZtts82cw9Cl2-TXT46BsWMiQxBL9HIOOgqX2tTse1HoBAt8VrmgVdqGymAJRf3bTzCU
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D462
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

43 B
1000 B

19ms
16ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMwDENi0ZBiMgJeTATAB&v=APEucNVx7d0hvZ7Msdz-e96myxviWBc40h8x4w7BVvZ_oV57UbwgrAPUd6hozZMfMN9iKoJEQlgHv9g-0KdoPmefF2f54wmc0SqDKgaF5udkvyOHu0VWZtts82cw9Cl2-TXT46BsWMiQxBL9HIOOgqX2tTse1HoBAt8VrmgVdqGymAJRf3bTzCU

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 142bbca6-b38f-4e57-a086-b268ac23dffc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D462
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e845d174-64d5-418e-b1f5-1a05e575e590
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
1014 B

90ms
54ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYo8OzZTAB&v=APEucNVLYg8nXtfNbrnlqFbU24Qt3WO0iuyQEwHUJzDgY9jbwsPDx-bfQPOb_hEC3G4_KZZYTY0OSCS8yQw2I8U1RCPO17YvnIchJCOoqW3n92dRqdQRcOxp2QE2OAeUpFiLsILrsiNpsTKAS1ZCoVJDOqYS-nEX2zOMPJPMkjnExhitUy2L79w
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C12
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaTLtb8k911S2gjdpEdOfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1

43 B
894 B

32ms
32ms

Image
image/gif

23.202.53.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYo8OzZTAB&v=APEucNVLYg8nXtfNbrnlqFbU24Qt3WO0iuyQEwHUJzDgY9jbwsPDx-bfQPOb_hEC3G4_KZZYTY0OSCS8yQw2I8U1RCPO17YvnIchJCOoqW3n92dRqdQRcOxp2QE2OAeUpFiLsILrsiNpsTKAS1ZCoVJDOqYS-nEX2zOMPJPMkjnExhitUy2L79w
Protocol: HTTP/1.1
Server: 23.202.53.51 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-53-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 12:46:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB1D-CXuBNwbr6YE9YnERCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0C12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

43 B
1000 B

39ms
38ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYo8OzZTAB&v=APEucNVLYg8nXtfNbrnlqFbU24Qt3WO0iuyQEwHUJzDgY9jbwsPDx-bfQPOb_hEC3G4_KZZYTY0OSCS8yQw2I8U1RCPO17YvnIchJCOoqW3n92dRqdQRcOxp2QE2OAeUpFiLsILrsiNpsTKAS1ZCoVJDOqYS-nEX2zOMPJPMkjnExhitUy2L79w

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5977a9a9-582f-40d4-9a1e-6cc78374431c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGNtkkRfSGNcDPoipWk2XN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C12
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
X-Proxy-Origin: 176.9.22.54; 176.9.22.54; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4e40a1b3-fcb9-456a-b7b4-4db2f1e23bf9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk2Njc0MDI4NDI5ODkyNjgzMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8805 106 KB
38 KB 65ms
12ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:44:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8805 8 KB
3 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AofwlbJwkzO6bu1EQU3f612wNTbIs7-_5dnk1GZiymJ24T-kgLeP8hwbFhNoVNHcpAHKEI-J7tu2PxXv45YwnvvQeDzINcGg9Zbr7rfuzTkknicSxsrwDSNp0y6m3ySCtYdIYcOWFMCgWUSwN9jO2jKLMZsw&dbm_d=AKAmf-B3fyFIT5w_ta3DSiqBhY3PNeda7iFfcwreqCyCEVtSZVJx2H-gCmR7RwpKhkMJOuR2US1eFUJ30S4vehLs9aCCgNbApy7xMcE0siLfyYfREmahY3jC_UsfuPhgj2qBrsCdQSuMpWxh2N-AwHy5dy0ceZO3OZGAFm9O263xy9KyvsWgYOZGsrlVlwHHREvX-W9SrGf76_wAH7k8UEoHs5TOr4fO7XvKqNflMDzTU5GcKay0rma6AIeUeURrCL1mjdrYIp644sjHb3zhOkIrtM8kHFaBTJXfM4cQ1wZOLAGVeVMrDOEM4bhdeEowm9lQ_Vj8i-JjGsiTa60sDYcMHCThZCdvJQnCF1BbjrKBP9LiYJl8wsPeqtkkEpDABpcgYPavWgxKVP6_G4ANeLbWAoTYxHD9_5tVaL1i1uqM9cOVJYGctcnu6RSdF_lHplT0X2K4n7Y4vU5NrEOOXhkJi4I1SbqFek19omjrr2EYx-hPRlqGRDyAoz0yF8mWCQw-JwerC7ObB9SQiLkKyjTLeSikUp2EEUpcrOdfcyvYlALr8fw9JQd_cmIG7dL3gk7fREYf7N2lhLhRN7oxjkr8wiLvBk1n040XruIRdcrAPxj3rNUSaAEC81m399XlecGn5Clr-5B8a9y59r3rlNvUCszZQ_ml7_eGsPnzLhCLBE3MD1jWStluotbeKFwwSvtQaXP9CkgkNoxgMH8Uu96-rA6CdYusf9uwkQnsLAc860AAdibW1HUiOo8crYV6RH179cFkjIxDocQcusWf4K62A-AOXKJWrrMTX6JwF59fJSA243vB_M1TBKWWoooNHqRAD1IHZmqZsvHXOrCl150euu4LHdxWaYxJzPfstEaW8Bu1HLkxjxacPKYFQoCoG-3sw_-sNVefm26Wog4Ui5Z5fdcdTutKKKZvfrcMgcTYRsmHS_VHSTDV7X9CsEAb9-ZYTv4eFHVGtROrtdZoe19xYudTQEhcVWvThpdUYx5r9A572838EeCRK_BOQDHwxsvEL_c1zs4oM7IBKGqKro-wghar-51CGXxgiZMzDV52eUEicLaShCaaHIBiXIBVHJSYle8kKQ7mSQFYbnS6zSzy7YIXx_VOK75JstTyXW__mtRml6s6iTW9LvWN0Tl5Q42zEg6ucabCvN6kpb9U33XxJZZYToP7E-zRYKTqGfkTAGpSf1VkgCDERarOJ0L34W5__XtdLnCE4cvr36zhUS2EMbsnLo_1qCWzVcpE9POK-eSD6eACWnIzNDaYodXrfMJbGvsqa9xIvXKts49VnWJABNF7iTb_JM7LrmhEY1Sqm7CsB3HqXqwLCK-R11rwO6c3MspoSxKTwdplRe02uqkUgmlkvBH6rT091lnCYIZd3W_d1P3As0Cb8AKgQw7W8eI6ysehRaLIWzDSZJxxx8ohlzvjcoJ6HIm9xqM3Np9Y35s56KT0e2noubj8wn57_8nF-pQW8GwghZE3MnB6sVNj6lWxcbUfKYBqTtVGIKshElSvTUjx2i1fEJZWO1nbsZ8TcAZNSRBl6SCzPBKPjpLEoIve6_K3CBlcXKfi34_T9rfZ1bfI_XfJ437mQt37LR32KF3h-pLi7ar_M9TtcI8AGPYOCd87i5gKLv-3lwILFAS8BbTnFIljAkFrThuNpkYvC6VyO65wubqjSTgBbABJlGQYH2jMxgvAS4N0m6y73GB0m5P1vObpHu_knR_yi21eOPG942S6LbVmXh_-uG35zcmvynqWGMZWPBpkhbeP8E7UVEc5yRQcUSJtfepGndT__Q9X7Abu6FXT1conkp4wHik6oT4oHTEeWjeJ9bSzgv7s8mgfILzc2EYmWqAZM-0XyjOnE8aLgvQUklQrCQv_SkrRUEi5tvhPrlc30OjzZUY66PLHchTwIXqxieFkJhxFQKaEv6ztTbWPoHAVFt1oGa2qwhGQfNEcREcdz9Zkluf5WdzcWj7jY1XYFOTx2X69EVRN7mnQ80aWhWqq5ZgX1BKPNYjYJuFTUCegsPK_m1BWbNuNzmkBo-MhH6403JVuNECZEHngkcVohnGYfnrG6-LyWVRQAT8AsRjGtM0eeZgLQsNrLfg4f1wfvhbdgEOpLZdU7_UPvIB85QEq6BzXb0fuTyduh9jJ7sf9TVvNfC_dG1MixZTx3ovMGowFibyoozekNzgbyPPcIpIPUjQpC9BBLXofcfmjh5zKCy6wGj1UTCCOiZsep4U1TWEH1eXBNwMn1BNHPsSyuSgRHumgOf7dxWcYYq8xx1WPwxsht94PqyYRK3PsNunPIjBZLXMpRphD7M7Kd2tN2uzZEJVsQ8jSMtzgR3B0pSTvklz3nLrzZEuclSJTAarK51yC1ANLsImzFwA4u9QAvhuMGq2AYMbmjxhQd4WAULJkqniZYS9vdbejm_3M-SyQlL7x-xqePjrD3LYXldxA_UEJfBRYIcY-tr3DDksIZpXu2FEqIMt_t4AyundNd4wVppR12eFW80a9Gt5xG0mTno4vAuwxh_VTJ2_hTvUyqadEY65uUMLBPd1H3DzMwasdW8kwLFah4iAV6qvPsaCylFeD58ZLHjxXhqTVZyu7LJ3D8i7iPFBEnAwoUgVnmkkDxDbw_dH_h9tvZT7CvjSSz4JVg6CplkSH_McjR-4PTMTJjUdh9wBCGWjYQsll7RH6m1j3yUMPZ_1bK7BY_wMzF7PFLYMTi2wdo_3Y_mGE8g1HSSN6rVJ6NNkwG6j19g9Bjs-vRYaiecRzvdsUKWbWtYdAOvQXfRcZ8zYmFN2a8F6tbS5jf83tLoy4X3U5RX5lLqNEZHZRhRuDp9FXU4x21risdzMEn0llUOzz0kf9e0O1abkUBg38LO3rS7wBYvQWIxDZ1LIdiFyXXiSIOYdy6lqxGr7Mh8LFlH8eYbHlpDiZ8N4bDJPx0JV0-PR-AZ1CV1K3Cas-wnaLR9eOWm5u2PvWRGyChihAUs1RgprzicbLsjcSfYzVsXLw2emYqO4HsajorJ-VVW0xs1MO0ky7BpS8uowMjlSz7InOAHHNpwcD7FGV5xv5IHMyaHH_yRf28PNWWZTuankr-9Se46ljWRWwucfnIpVKtMsw1AiEh0mS2TWWhQbjIYDS23jPuzcEqWD4oFZzTya5perNgLQmMiCcwpBMciiWgyV8CQ18gM-GoIh8bEjzvR3o35FawohKlPUIXB-DnISVKvP_srlxL34zdeUoZBoUA3RxzQMzRRIdNqiovuf1OsGLIJWQHIDjnt3X_7SNzOcpjR7EkgSPq-8dSXDpRoF_vpJqhy0lwz-92HbhJP2QCNBcy3Vmmwl3_0nRaBX2G41mwkO7WDPCh5znOmLdL52x9XuZJcFXYkehwGOH7E0lAZeu9H3pKfhwvuQuixLFUS72jdUakObKCIFQxmKUYef4EvsClw&cid=CAASEuRovNOu0iRGVppjNDcsebbArA&rfl=1%2Chttps%253A%252F%252Fultimosegundo.ig.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:44:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8805 24 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 12:41:46 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D410 33 KB
16 KB 93ms
20ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJQNotMukYdrmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9ACtLB3dEsebHS_i6fucxZvVKnFUe6J6hCLQFcrmP_qxX7skUHYB3z5HJWN2E14heOixJ64g6lbTUtxonVY5kUrR6sJCF4-pTpl4Y2ZvOQRdWPwnVV-Lbq_icNoaAo-trnn5_OIT70vsxmj_d2rikFFYWytbIx_bbrrvQDqlredIXJPQv6TSPPTdC-XrQHJnjvNp7UQXALKcUqZ2BWit7K-CjHl8MKAEQPOobtrs94JRSThrzHn1vim2eQoAOsKqsA7n9ZoU9c-ZdwdQyPAd514FARQ6olpQEgy7pSuznlVr916GRkodLsuYnpey8sZTNnEZeNo7-GfZEaqIx8t8SePLLX9qXwhNa8IOV9cwOe-QQJBa0nhnCAB9VNVSk3EwATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRo_lJiRtTGIPh0yCx617biUw&sig=AOD64_2rXKk5iZBMXvlAfSDfPbINT6rSAQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-AvPEPWhKxj5U7nGNbCOygYq5X7SnwKY6yyiST5tihPM6WE4_ZYlPDvxJrc0AjMevW-bMgL4Shg8P_3SpDDYCSleW6sp7TznIKbbwLiqg5OYExYvpPihYigMxcvlJ7UMbAs8DgoFMhlpTmMPd3FUbyqjAZUWQ&cry=1&dbm_d=AKAmf-AXhSAkuzkWzxbwqNbhEXHnd19dCRVY-iFoTjMtH9nRG4ZWsRKE1xEgumzfK5gNOKkKr4iU28y3xYJNNTzSszlDM2LuIKD7cUVn6f4Bp45Q7yG-u3oNbNOPBIlHHyADvN9wCVbGhe5P4-57biGkFFYZ6pbiyT4PpwwsWr7hIUZCKgMse4CL2DMrxHbPKvInhZ1nIhbbKY7hd0I7SnaI3kjDqzUN2g60_7ovrLzclWa-8bHo5jYrOHKetaTuGJjeQLK2oN5aRgr0OFmAR0gdAkBDxtWcYTuVYWh55iLxAwfJEts4dHy_whGgwg1uoz5zDY_4kXKJNB-Pdvmk-AgpX2cHQ5OBcv5WRTPz1KlvZ-CQ70KuJpZP6UEffvryVAGvP8weG0YLM71GKIERJ_nKuxkY_l_O3YeCs0fVdNsSR4Kvlh_HClqgsw8GuuX35A4zTA7TGaGRGoiM41AKHQeUxO-AwPalJoA-Go631Jdx2z7UX0xrxeYIrVNIL-qJQkMkSf0LDao-81opQ4ntiQu06xFeiRgyz63s7gGUOxp2o4Ta-UeE1kaHZbkR01dWEuG0sEH7p7FzrAXjTHAHrx-fZmqA_ktHYA&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:28:56 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A081 33 KB
16 KB 111ms
40ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40774889;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CFhT8tMukYdfmEp6O9u8PvISTkAbj3bG0ZuXM2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9BGfqG7zkBE9Y-CqzJ3JYW_SP8WWoC4pOIdl2YddJBNO4RMSLnq-OQLOFkhVZQTcBl1kNEEFeMCMGt4k2RdzKPjXdnWX60DkFEUEq6JOM_ai-uAazV6ZTBM4Xt26In3jPK36btVN2s4Pp4P68OfCiL2yHbqXN_zeaH0g9PQClcsvO2Nmt8vS0YLUBc2ee8QpzawQbBxgwuKUxbMbk5XWx8dUkNhqMayq4esPxg1Xd-ouHdZlEztSd49DfwCtttjGx39JLI0FYX8F9eDKd7wMPA7B8MGie776CvRo0xONn2SQhrF39hJ669XbCeB7J4sC_B8F9jQBjbeUT2H9z8DcTKpeMN6EkE-ks8kIavvcZ9xJUOxKVwC9QXUAFvy2_icwASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&sig=AOD64_1awi8Vf_7BZDCM87V9JH8u0hAkfw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CVmOq8TH6pbaRYAn_Meyr6esLJvTv1QE2_9J-6O7YU1sbBpKpocCM_u9DR-iw39Kh1CBsGxrqholcTbrJCZObs_CqWXZf5jLuMDASF9by9UMK6oFybt1kCqhCFJob_K96FEJij9gL_J0E1tBp4Zx-TFezWmQ&cry=1&dbm_d=AKAmf-BAtmrpL2xE5NYuFrxqlGmt4MKdSk1aNkOf3wr39rK6JAFIk6cDyyV3ZhCdDVO9c73FVEfM__ThYq1gXaT0G1DyQpDZak5mpGJrwkQA_kSN7jK8F_ENxjwDYKxOe7NkjLYnlrNe8x5VB68OVdbTNV5-OhK33m4xhd7eOJNrTZrP3xVJvG7ZA2UeR0_fePOW1JVnalPgz6IItGLc3BnCfKaFsfncpR5ZxYiVeeVOHkDD9Iw_MNNC7EK-1JknawIZ0tA0fAUUdnYmn0H2ttMn6_Yja0gqmQGDqU3KDjBL-cnODlVuY71I_hkzS_yvi6hNoPfXzB1DtiGTKXEeZ_OrwOhvCdn2rbaS-yCW_LdwLoh0x9xwxuWD25i7judqoZ_yiDnq5oeiHl1107Wfo8f4iRaQOHzfjoCVq8B2ib1duKdtPuuYwzMq0Fr87ZGQBQUd9dQsX8ubxoRnQrqbR7mrdGtGC7vVFMVEpuTffWTqmKPw377WwKyPr9NiWE0-BqPvVH9dCucpt9PcvFy8oAqEFyyKQQZXhy9ZvzNarQaE6Do_YvbOUQhSF6nyeKlUblZKzyhIBUA3r-5_WqpkivKmm50sC0WzzA&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:28:56 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 8AE0 33 KB
16 KB 115ms
45ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40774881;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4N7ZtMukYdjmEp6O9u8PvISTkAbj3bG0Zo3N2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CQrUvwOklOw27_I5FXIJ9mXJtr5jUoFa0wZ9VANI0TgUTy8tVE98cCpeb_qivfpJ6xsku6tAT4Kl6xfKavAfOUb9b2UNnEou8ryxSv8U9zDCoUzWAgO4emOy2gK9MGnbU-zQNTEi4Sq1lzaCv_BuYWbKhxn0U5irv3waLnQabanQP4KDg0NzW_Rj_Lp6BtdXXuA6CB6Au1SenNOeQhukRJKZI937RXRp8FONsNApa_H6JqmOrNkQyUNpfVX-cjzf5Ni0G1MJw5nGjbCb-diHZSGfvQZZdzCdjjXNF89TG2sNuMTS8S-Na_einntO9q520nhM-RYvJOxnhOO35TNGVtHpZML-tADI_4jAjBz13904jXa31s3cG7kxHWL_U7wASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoSydUHCycFQx74jhlXxAmQA&sig=AOD64_3bvoyW8FausqB9jbFtsMQFagPlCw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CoGHnDZDEMDUn7T1aM5aAvJQcVCdRgcpikVwKbL6cwlyR6aB3jFk0kCdsmYyBkILrW0T2AY1S1njN2Ljaa-aY4q4Qd19yHbZFgG8g1yfhvrklV56sTLRmv4Y1J8cL0MSVovVOrosCEC86LicIxMGZuXCIJJw&cry=1&dbm_d=AKAmf-DY8Msx8jyHV88QRPai2HgKycvrAYY7ACs9YFZM_i-EFQzpegewshBNyDsdolRjm2LFo4exCKJYfzLsAkHrVfb59V5iWbWriR9SSQC8QBM39jnk54-A-TDLFsXYQG0dMqHC2B9potAOhJ1BrHx3YKQGhmWgNwrdKSNP5QKrztDjFVZFgivvwMymvW-prrGbr5XzcO3j88pj5ZFwAmNt5AAsjTJyGORRO0HcoP7sOGpdJSd1R0cZH6vJDerHFVa_sPrtn3LGAzKQEstDUPko-W4XWzAAM3h-AaPzD0UOajDU9ueW4ix-1o_IKFhjOzqT7AeBWcd6v1kmgGH3nxWLJtwW5dnALOYINaL2kjrg5tUENER9wxW2mHd2wWpNFIkFPylOAqQ2WLXaoxA6aDba9wPSyTe7EKdn1Rq_fO-45ecEQ6wxQmAJ_VhZiKzoTZwKNjWH1wj1gm5l3WHI20YNYx0si71X1iJpISOyVuqmfFbYtDgJuc3w2X9dc2T2n3gcnakm3xKOwsRD7A6hfBGPnbhRPJ5gnXO9eWtZjPu28IYG8bb__MPAC67GkVpQt1_rgGNPdlSyvemJlCgDz_PQirlZF1KVsA&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:28:56 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame BDB7 33 KB
16 KB 120ms
51ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTMPttMukYdnmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CuPgCXYeXvxDbDIe-NaQx7nv7B2fJzcmTmwC2mSjCfG9Fpi4GZVmsC44kWYrirF-BH-1yIucWSaL6pibrIT2SowRC6kavQQZyR9B891bAiinH-PsRjJVRz-ZFaBftLD9_nVcjvxy0af8sGWhCGO0krgStind2_iZbLX3I1XNm-yG4jA7V5BcFKG4OQZ8Us8Czl69MQk5HDrJzsLBgzcIRVBvvWpbBf47nGOPPAvt5yNH1nBxtiDmF5Vwe7eAHKzUPOFFeZ_IPiPEDuzvRs6XZGAiOX4ptfjD1fC2Y2IUM9kYohLPXTAsu0kYd9hX8K4n0FYmYiBt-fyzwL_VjOLANdiccoHCQCrM6032kSQSy-MCTCJY-Vl75PfW9qv6s8wATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoQlQqn5h-9C-LYFMe2V0kTQ&sig=AOD64_2paOuQk1dmOO7MV71AY4t7dn_yxQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-Af_MA-_2gB75u0X6OV7JNuY5voeYM719zSuZ1KBsrXst7rQd_LRpfSSqG4dFVWOuxLHibGGokFENgECxJK4KIVfFXt-x1FAVchTZWqMFKqEovjHV2xpJez-5WWDkYyGjUOXisW7vYDTUwUQ5Uld45kCZEu2Q&cry=1&dbm_d=AKAmf-AOT4n1YqWXDfTWuueMqgJnJD-bC6BwTH3ji98Du_C677NHcwz5OJUjSVQMRSLzpDRAuo95UaIHkQRr9c7lF9VwkMbweqWKP5cJj48bC8v0LV6gzN8BgF-Sjw1tcXaC2_ytq1C0_Li53upfrMuw9ZRddWEUTXQ1RYg_FpDIXUJgoQ4YCa-4-ilznHzoZ-NUWHmTJM6NQatlRhzbg01735tMPPP24UJOn10za1kKqgKmbh-ghmb4CdZMRORQPZvoKmufZNCQGUk0VN9e8YE8RprZ5Qhb7Bei_lDoq3paAHZTaWsye0pK9UiZFMMLu2z4q44xH27hPwgfO5Jxf9cZts3lLUxHqTqlP-jFLZ-jD9S5OLUzrV60i_nYbYFxqxDLeJzKfHGzCXMGxv2NxEuacgkPyCUP9fRpIr9k_C6Y2P1nvFxi0M3QIHrQcOgZS5F0QBQZw3vsDpNpUmWgGi-aqTvBdvOKYObtJoOmoq0IJr-saMzisUfzQt9s0vPK0iw9h7If1B85yoGOVSLIoTi42lUNFzfJ4GNl9NeEXBiCM8CW_TKOnCELeAUTidZcVojbTxeBAuy9EQX06GxXCpHUgkn2sRVu4g&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:28:56 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C1E9 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0EC 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 50A1 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8805 41 KB
15 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 08F3 1 KB
749 B 19ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 84033
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8805 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed3203d8498983b519c204b98570b6922114b38344423c53e3c372cddd0d85c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E95B 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B1F8 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 8805 11 KB
4 KB 34ms
6ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 86
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3744
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5141-BWI, cache-fra19172-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1638190005.149658,VS0,VE0
etag: "6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 99

GET
H3 200 index.html Show response
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 7 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1458787418024569/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cdf6cc66d09d6323e084e7a39b1c909869ea9c0d5e54beccb854109483de7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2671
date: Sun, 28 Nov 2021 23:00:21 GMT
expires: Mon, 29 Nov 2021 23:00:21 GMT
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 49584
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8805 0
571 B 85ms
50ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn4Dd-sySZwn4l89qJ_MDLY6SbIfs5YY8S3MYRkWVno8n-zMPn44PMjvC7b-xpIp0CSONS9g3usb4V4hWZq_w9rXamUjk-Iykrl9PkDs3MIodlStS6MJGjopf1LdkHr3flKGMaYaKDsZlNrK6WQqJBEG7B_zjAoxnqRisJO2i0nVzDFweyuTQ3V1UiaqW2e3h49TJHaQLI8tV2ZH7toUjLrywVVvI2iEmomhddUmWIzouY_bqgqtE11C37iFhhsax4LZhsZOS-IjURdruYMLnO93HINWGraJieQiWFUxNONsfbrmfHHhqfLKkkykdpBAnKwcSheuOVbsdfSi55ox2AEBkA2kCvGTuabUofMJ8ACS6rz7RYwehKS357I5gmqHzGZKz47V8qpLoIHuWOg9cUJw4-y2M5g6KHv6cU7nMDHVa2mribmCTe-BC6e2EmdnYC_M0yqgTGWUhYY81RUf56DLR7ezGc88EIEcSpwvgmD8f9ueCdTtnoLmVB30bUYmVZTT5hlwlKdCxtGp6-6KbUgRvs5gy0WzZnbLAqENuk9NF8aP9UUJvFZLfR00hjebr7gauMySkCh1p6i57XBTJw2uT8xSBrdIOI1iZWopBPs1I2_wGR1N80czwIodYjR1q5cxC1dsF41aL9Zz2FutQ6_V4UIdJf60vtDby0IEsFECGCbkEnrlDaFPEJNvJG0ipnNcz6Q9cIF68jce5QR32dEGoSY1DZX5J-eK29GXFu3vq1e7NlnlMTBBu4KUn6M0m97Rmf0yk_319SpGHolc3nALwg94BhKwSFj96P1DKI0M4rngszqS0IWot23ww34zNYR40WAaPNn5SkB8on12YC8faExsh11jvwfClBteETZPBudzOw6E2CCXSLnKAYZ-Nqbz44MT2FYAPGFZdVtI9aDq6s9r8GWk4GkwfneU17qWn4v6UXCgpxieasy7HAHK5V83Ei6IqHFOBCR5g5Qjub_3i8RohnlCjnOP2QGp3ncJfoPNn5RSNkohxGahwvdsIk8YtbvDtM7KOqhfTh0QYHMf12OyPPJmbtikW-okD-lWDqClxmiHuc3Z0o0-rDUoWD8u5tfgqo-ZEGJhb2H_AI5-W3ogqRmPjsVaFeKfRRRX9p9dfjgZNqQm5Rz40JePh5IgwKdunuW4C25HHJwkk5NMpSuCB6ldhmpdHxDsEMoq8GXsjDHAXhD7F8Jn3UjF-4-OBUUMHwRqdl49DMbHzoj506QRv2izC4LLAz_rcEAjnaHOl-0YHhE6OHk5p0FQfzjYwM2YIp9z_QYx7V3p8ooJooyXll9dQ&sai=AMfl-YTz0YX_BdktxWa5QwOooUEZYLqG99IfbwTTye3L26IZbAV0oWfpRP6DQWUwmuVJRi-vIVFeNBSp6YG5Jg8StjLoCZc207YJ-qjnDwa03yI23GdA-Shgju1WmyH98B2bL5xTt5z3jnH1krn-0O_kaAkbQLBdkQ&sig=Cg0ArKJSzJLQcJOvzn6nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=151&cisv=r20211111.49131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 29 Nov 2021 12:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D410 12 KB
4 KB 19ms
19ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJQNotMukYdrmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9ACtLB3dEsebHS_i6fucxZvVKnFUe6J6hCLQFcrmP_qxX7skUHYB3z5HJWN2E14heOixJ64g6lbTUtxonVY5kUrR6sJCF4-pTpl4Y2ZvOQRdWPwnVV-Lbq_icNoaAo-trnn5_OIT70vsxmj_d2rikFFYWytbIx_bbrrvQDqlredIXJPQv6TSPPTdC-XrQHJnjvNp7UQXALKcUqZ2BWit7K-CjHl8MKAEQPOobtrs94JRSThrzHn1vim2eQoAOsKqsA7n9ZoU9c-ZdwdQyPAd514FARQ6olpQEgy7pSuznlVr916GRkodLsuYnpey8sZTNnEZeNo7-GfZEaqIx8t8SePLLX9qXwhNa8IOV9cwOe-QQJBa0nhnCAB9VNVSk3EwATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRo_lJiRtTGIPh0yCx617biUw&sig=AOD64_2rXKk5iZBMXvlAfSDfPbINT6rSAQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-AvPEPWhKxj5U7nGNbCOygYq5X7SnwKY6yyiST5tihPM6WE4_ZYlPDvxJrc0AjMevW-bMgL4Shg8P_3SpDDYCSleW6sp7TznIKbbwLiqg5OYExYvpPihYigMxcvlJ7UMbAs8DgoFMhlpTmMPd3FUbyqjAZUWQ&cry=1&dbm_d=AKAmf-AXhSAkuzkWzxbwqNbhEXHnd19dCRVY-iFoTjMtH9nRG4ZWsRKE1xEgumzfK5gNOKkKr4iU28y3xYJNNTzSszlDM2LuIKD7cUVn6f4Bp45Q7yG-u3oNbNOPBIlHHyADvN9wCVbGhe5P4-57biGkFFYZ6pbiyT4PpwwsWr7hIUZCKgMse4CL2DMrxHbPKvInhZ1nIhbbKY7hd0I7SnaI3kjDqzUN2g60_7ovrLzclWa-8bHo5jYrOHKetaTuGJjeQLK2oN5aRgr0OFmAR0gdAkBDxtWcYTuVYWh55iLxAwfJEts4dHy_whGgwg1uoz5zDY_4kXKJNB-Pdvmk-AgpX2cHQ5OBcv5WRTPz1KlvZ-CQ70KuJpZP6UEffvryVAGvP8weG0YLM71GKIERJ_nKuxkY_l_O3YeCs0fVdNsSR4Kvlh_HClqgsw8GuuX35A4zTA7TGaGRGoiM41AKHQeUxO-AwPalJoA-Go631Jdx2z7UX0xrxeYIrVNIL-qJQkMkSf0LDao-81opQ4ntiQu06xFeiRgyz63s7gGUOxp2o4Ta-UeE1kaHZbkR01dWEuG0sEH7p7FzrAXjTHAHrx-fZmqA_ktHYA&adurl=;js=1;adfxid=1x;1565;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fultimosegundo.ig.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8b59e9de69384439725d3b593b5c7eaab27e59d16879cf12e8af4bd434d8546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3858
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A081 12 KB
4 KB 20ms
19ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=40774889;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CFhT8tMukYdfmEp6O9u8PvISTkAbj3bG0ZuXM2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9BGfqG7zkBE9Y-CqzJ3JYW_SP8WWoC4pOIdl2YddJBNO4RMSLnq-OQLOFkhVZQTcBl1kNEEFeMCMGt4k2RdzKPjXdnWX60DkFEUEq6JOM_ai-uAazV6ZTBM4Xt26In3jPK36btVN2s4Pp4P68OfCiL2yHbqXN_zeaH0g9PQClcsvO2Nmt8vS0YLUBc2ee8QpzawQbBxgwuKUxbMbk5XWx8dUkNhqMayq4esPxg1Xd-ouHdZlEztSd49DfwCtttjGx39JLI0FYX8F9eDKd7wMPA7B8MGie776CvRo0xONn2SQhrF39hJ669XbCeB7J4sC_B8F9jQBjbeUT2H9z8DcTKpeMN6EkE-ks8kIavvcZ9xJUOxKVwC9QXUAFvy2_icwASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&sig=AOD64_1awi8Vf_7BZDCM87V9JH8u0hAkfw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CVmOq8TH6pbaRYAn_Meyr6esLJvTv1QE2_9J-6O7YU1sbBpKpocCM_u9DR-iw39Kh1CBsGxrqholcTbrJCZObs_CqWXZf5jLuMDASF9by9UMK6oFybt1kCqhCFJob_K96FEJij9gL_J0E1tBp4Zx-TFezWmQ&cry=1&dbm_d=AKAmf-BAtmrpL2xE5NYuFrxqlGmt4MKdSk1aNkOf3wr39rK6JAFIk6cDyyV3ZhCdDVO9c73FVEfM__ThYq1gXaT0G1DyQpDZak5mpGJrwkQA_kSN7jK8F_ENxjwDYKxOe7NkjLYnlrNe8x5VB68OVdbTNV5-OhK33m4xhd7eOJNrTZrP3xVJvG7ZA2UeR0_fePOW1JVnalPgz6IItGLc3BnCfKaFsfncpR5ZxYiVeeVOHkDD9Iw_MNNC7EK-1JknawIZ0tA0fAUUdnYmn0H2ttMn6_Yja0gqmQGDqU3KDjBL-cnODlVuY71I_hkzS_yvi6hNoPfXzB1DtiGTKXEeZ_OrwOhvCdn2rbaS-yCW_LdwLoh0x9xwxuWD25i7judqoZ_yiDnq5oeiHl1107Wfo8f4iRaQOHzfjoCVq8B2ib1duKdtPuuYwzMq0Fr87ZGQBQUd9dQsX8ubxoRnQrqbR7mrdGtGC7vVFMVEpuTffWTqmKPw377WwKyPr9NiWE0-BqPvVH9dCucpt9PcvFy8oAqEFyyKQQZXhy9ZvzNarQaE6Do_YvbOUQhSF6nyeKlUblZKzyhIBUA3r-5_WqpkivKmm50sC0WzzA&adurl=;js=1;adfxid=2x;5180;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fultimosegundo.ig.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

12c0cf9f6de304a51f19366fe047fb42bb246c48f96fb0bcbe0cc6543e596e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3876
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8AE0 12 KB
4 KB 20ms
20ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=40774881;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4N7ZtMukYdjmEp6O9u8PvISTkAbj3bG0Zo3N2fXmDs3tu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CQrUvwOklOw27_I5FXIJ9mXJtr5jUoFa0wZ9VANI0TgUTy8tVE98cCpeb_qivfpJ6xsku6tAT4Kl6xfKavAfOUb9b2UNnEou8ryxSv8U9zDCoUzWAgO4emOy2gK9MGnbU-zQNTEi4Sq1lzaCv_BuYWbKhxn0U5irv3waLnQabanQP4KDg0NzW_Rj_Lp6BtdXXuA6CB6Au1SenNOeQhukRJKZI937RXRp8FONsNApa_H6JqmOrNkQyUNpfVX-cjzf5Ni0G1MJw5nGjbCb-diHZSGfvQZZdzCdjjXNF89TG2sNuMTS8S-Na_einntO9q520nhM-RYvJOxnhOO35TNGVtHpZML-tADI_4jAjBz13904jXa31s3cG7kxHWL_U7wASTscaI-APgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoSydUHCycFQx74jhlXxAmQA&sig=AOD64_3bvoyW8FausqB9jbFtsMQFagPlCw&client=ca-pub-5366475136794115&dbm_c=AKAmf-CoGHnDZDEMDUn7T1aM5aAvJQcVCdRgcpikVwKbL6cwlyR6aB3jFk0kCdsmYyBkILrW0T2AY1S1njN2Ljaa-aY4q4Qd19yHbZFgG8g1yfhvrklV56sTLRmv4Y1J8cL0MSVovVOrosCEC86LicIxMGZuXCIJJw&cry=1&dbm_d=AKAmf-DY8Msx8jyHV88QRPai2HgKycvrAYY7ACs9YFZM_i-EFQzpegewshBNyDsdolRjm2LFo4exCKJYfzLsAkHrVfb59V5iWbWriR9SSQC8QBM39jnk54-A-TDLFsXYQG0dMqHC2B9potAOhJ1BrHx3YKQGhmWgNwrdKSNP5QKrztDjFVZFgivvwMymvW-prrGbr5XzcO3j88pj5ZFwAmNt5AAsjTJyGORRO0HcoP7sOGpdJSd1R0cZH6vJDerHFVa_sPrtn3LGAzKQEstDUPko-W4XWzAAM3h-AaPzD0UOajDU9ueW4ix-1o_IKFhjOzqT7AeBWcd6v1kmgGH3nxWLJtwW5dnALOYINaL2kjrg5tUENER9wxW2mHd2wWpNFIkFPylOAqQ2WLXaoxA6aDba9wPSyTe7EKdn1Rq_fO-45ecEQ6wxQmAJ_VhZiKzoTZwKNjWH1wj1gm5l3WHI20YNYx0si71X1iJpISOyVuqmfFbYtDgJuc3w2X9dc2T2n3gcnakm3xKOwsRD7A6hfBGPnbhRPJ5gnXO9eWtZjPu28IYG8bb__MPAC67GkVpQt1_rgGNPdlSyvemJlCgDz_PQirlZF1KVsA&adurl=;js=1;adfxid=3x;1071;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fultimosegundo.ig.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0e12d15a2134515189ce9ba51e11767aa354063bc227ac0576e7eb08ae5eae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3865
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame BDB7 12 KB
4 KB 20ms
19ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=40774892;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CTMPttMukYdnmEp6O9u8PvISTkAan6bG0ZqiGzLqgD6Xtu6HuDRABIIul92xglYKAgLAHoAHTxpiYA8gBCakCR_FgF8Trsj6oAwGqBKACT9CuPgCXYeXvxDbDIe-NaQx7nv7B2fJzcmTmwC2mSjCfG9Fpi4GZVmsC44kWYrirF-BH-1yIucWSaL6pibrIT2SowRC6kavQQZyR9B891bAiinH-PsRjJVRz-ZFaBftLD9_nVcjvxy0af8sGWhCGO0krgStind2_iZbLX3I1XNm-yG4jA7V5BcFKG4OQZ8Us8Czl69MQk5HDrJzsLBgzcIRVBvvWpbBf47nGOPPAvt5yNH1nBxtiDmF5Vwe7eAHKzUPOFFeZ_IPiPEDuzvRs6XZGAiOX4ptfjD1fC2Y2IUM9kYohLPXTAsu0kYd9hX8K4n0FYmYiBt-fyzwL_VjOLANdiccoHCQCrM6032kSQSy-MCTCJY-Vl75PfW9qv6s8wATAsITs9wPgBAOQBgGgBk2AB5W552eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6_YlA3YEwuIFALYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAASEuRoQlQqn5h-9C-LYFMe2V0kTQ&sig=AOD64_2paOuQk1dmOO7MV71AY4t7dn_yxQ&client=ca-pub-5366475136794115&dbm_c=AKAmf-Af_MA-_2gB75u0X6OV7JNuY5voeYM719zSuZ1KBsrXst7rQd_LRpfSSqG4dFVWOuxLHibGGokFENgECxJK4KIVfFXt-x1FAVchTZWqMFKqEovjHV2xpJez-5WWDkYyGjUOXisW7vYDTUwUQ5Uld45kCZEu2Q&cry=1&dbm_d=AKAmf-AOT4n1YqWXDfTWuueMqgJnJD-bC6BwTH3ji98Du_C677NHcwz5OJUjSVQMRSLzpDRAuo95UaIHkQRr9c7lF9VwkMbweqWKP5cJj48bC8v0LV6gzN8BgF-Sjw1tcXaC2_ytq1C0_Li53upfrMuw9ZRddWEUTXQ1RYg_FpDIXUJgoQ4YCa-4-ilznHzoZ-NUWHmTJM6NQatlRhzbg01735tMPPP24UJOn10za1kKqgKmbh-ghmb4CdZMRORQPZvoKmufZNCQGUk0VN9e8YE8RprZ5Qhb7Bei_lDoq3paAHZTaWsye0pK9UiZFMMLu2z4q44xH27hPwgfO5Jxf9cZts3lLUxHqTqlP-jFLZ-jD9S5OLUzrV60i_nYbYFxqxDLeJzKfHGzCXMGxv2NxEuacgkPyCUP9fRpIr9k_C6Y2P1nvFxi0M3QIHrQcOgZS5F0QBQZw3vsDpNpUmWgGi-aqTvBdvOKYObtJoOmoq0IJr-saMzisUfzQt9s0vPK0iw9h7If1B85yoGOVSLIoTi42lUNFzfJ4GNl9NeEXBiCM8CW_TKOnCELeAUTidZcVojbTxeBAuy9EQX06GxXCpHUgkn2sRVu4g&adurl=;js=1;adfxid=4x;7440;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fultimosegundo.ig.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4d874be1cdfd3198f90ff2a6ee4e949b877259980ebb6dbeed554164f89e0b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3870
expires: -1

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame C1E9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame B0EC 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 50A1 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9CA3 236 KB
63 KB 62ms
18ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1458787418024569/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 29 Nov 2021 13:01:45 GMT

GET
H3 200 javascript.js Show response
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 40 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1458787418024569/javascript.js?1636632531314

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1458787418024569/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f1175d5b4fc2986cd4aed612a8f339da50cf8b28245e6059e35bb7ce1b7e914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 23:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9655
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 23:00:20 GMT

GET /
google2waycm.netmng.com/cm/ Frame 08F3 0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 08F3 0
191 B 296ms
98ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEOVSfGO4TZ1hJiRjzlEIms&google_cver=1&google_push=AYg5qPKqikKZNOt0G8auxezTwF3Ixl8WFokrnR5CsS4PdAwRB2e2jlG6jE272pWdElJtwR78YzTaj28SJ5zMn_Mw1fvfUB64vMQ
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7lW_3ZSr6TLI_64jtaUKc&google_cver=1&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug-lX6UYpgKr0c_c9M&google_hm=ePnXt6LrRB-D6q2VHqtbczY

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug-lX6UYpgKr0c_c9M&google_hm=ePnXt6LrRB-D6q2VHqtbczY

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLnImApJuVYKYFdiZekoxHqmDfFQuVd6JzBBOSOZzJoddxwMxmJNJdYqLogI6WZ23TYlHB9Ie0-_Ug-lX6UYpgKr0c_c9M&google_hm=ePnXt6LrRB-D6q2VHqtbczY
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 08F3 43 B
65 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEGo4J5XlxobgzG4W0JLWMto&google_cver=1&google_push=AYg5qPKto2tyTUbT7fToxN96ET7oumDUNrW2C5QFuUETVMNXH_9AfeHyh5lrDst2GzQIL-dyB0clYtzajeC06gJUk7e6XYiBBdA

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:46:45 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 08F3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf6...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8&google_hm=2a03716d09da62beea0c8051

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8&google_hm=2a03716d09da62beea0c8051

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 Nov 2021 12:46:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKm8t4tjC6turIFAlTFSDMhxw18ZkchBWvtPMOa46vTxaAcExwvZWgLAN9ysKgxbI5-gHYQRiQ00bn3VeHR5QBgLvcMTs8&google_hm=2a03716d09da62beea0c8051
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F3
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84x...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84x...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt8...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt8...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPJvAmmh6IKYpQ4Q_BYk-CQgrnqLyEji1VJN3Lxahu0eokULt84xiC0K_doims0vsj5QjT0wT4hp6z_BfBhYTy70NDdvM_Ov
date: Mon, 29 Nov 2021 12:46:45 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 08F3 0
12 B 32ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMC6ys-J9eg6LpqEAhuKf9KL7ZbO3wJJW1N-EmGRvi2pB2kPdlC31B1e41Zxpf1z-jipz0wA

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 8805 259 KB
83 KB 9ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
age: 10283351
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 2323854
content-length: 84509
x-served-by: cache-fra19172-FRA
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1638190005.196974,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 69A4 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 84033
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D410 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26f23c42cb0b8ccf01747102693b7049c3ed3e4b0ebc34d3dc7bf4cc7a1ffada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22C2 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 84033
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A081 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39557a7f33ff6f1f964462ce178d8fce00ac5ff51203849598375035c271128a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5829 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 84033
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8AE0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08736a1058fabb07f01ad941d8efc2d62d312c05d853bc82cafd942aa8489a0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame E95B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6263 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 84033
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BDB7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad2eafcafc70de6f521a79b473ad6fa18750622751a0542f1fb4ee8995bee008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame D410 90 KB
39 KB 22ms
21ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:29:14 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame A081 90 KB
39 KB 26ms
26ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:29:14 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 8AE0 90 KB
39 KB 35ms
35ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:29:14 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame B1F8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame BDB7 90 KB
39 KB 39ms
39ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 30 Nov 2021 16:29:14 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 8805 0
338 B 110ms
32ms Image
text/plain 52.18.40.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=261921512&adid=457763442&creativeid=162115007&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.40.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-40-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=59 t=1638190005
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 digits_x.png
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 9 KB
9 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1458787418024569/digits_x.png?1636632531305

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f6d66d3b77eb846070778c27c9445f0336cf44fdf1f16b9c5cfb01abdc1c0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 23:00:22 GMT
x-content-type-options: nosniff
age: 49583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9527
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 23:00:22 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8805 0
23 B 57ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn4Dd-sySZwn4l89qJ_MDLY6SbIfs5YY8S3MYRkWVno8n-zMPn44PMjvC7b-xpIp0CSONS9g3usb4V4hWZq_w9rXamUjk-Iykrl9PkDs3MIodlStS6MJGjopf1LdkHr3flKGMaYaKDsZlNrK6WQqJBEG7B_zjAoxnqRisJO2i0nVzDFweyuTQ3V1UiaqW2e3h49TJHaQLI8tV2ZH7toUjLrywVVvI2iEmomhddUmWIzouY_bqgqtE11C37iFhhsax4LZhsZOS-IjURdruYMLnO93HINWGraJieQiWFUxNONsfbrmfHHhqfLKkkykdpBAnKwcSheuOVbsdfSi55ox2AEBkA2kCvGTuabUofMJ8ACS6rz7RYwehKS357I5gmqHzGZKz47V8qpLoIHuWOg9cUJw4-y2M5g6KHv6cU7nMDHVa2mribmCTe-BC6e2EmdnYC_M0yqgTGWUhYY81RUf56DLR7ezGc88EIEcSpwvgmD8f9ueCdTtnoLmVB30bUYmVZTT5hlwlKdCxtGp6-6KbUgRvs5gy0WzZnbLAqENuk9NF8aP9UUJvFZLfR00hjebr7gauMySkCh1p6i57XBTJw2uT8xSBrdIOI1iZWopBPs1I2_wGR1N80czwIodYjR1q5cxC1dsF41aL9Zz2FutQ6_V4UIdJf60vtDby0IEsFECGCbkEnrlDaFPEJNvJG0ipnNcz6Q9cIF68jce5QR32dEGoSY1DZX5J-eK29GXFu3vq1e7NlnlMTBBu4KUn6M0m97Rmf0yk_319SpGHolc3nALwg94BhKwSFj96P1DKI0M4rngszqS0IWot23ww34zNYR40WAaPNn5SkB8on12YC8faExsh11jvwfClBteETZPBudzOw6E2CCXSLnKAYZ-Nqbz44MT2FYAPGFZdVtI9aDq6s9r8GWk4GkwfneU17qWn4v6UXCgpxieasy7HAHK5V83Ei6IqHFOBCR5g5Qjub_3i8RohnlCjnOP2QGp3ncJfoPNn5RSNkohxGahwvdsIk8YtbvDtM7KOqhfTh0QYHMf12OyPPJmbtikW-okD-lWDqClxmiHuc3Z0o0-rDUoWD8u5tfgqo-ZEGJhb2H_AI5-W3ogqRmPjsVaFeKfRRRX9p9dfjgZNqQm5Rz40JePh5IgwKdunuW4C25HHJwkk5NMpSuCB6ldhmpdHxDsEMoq8GXsjDHAXhD7F8Jn3UjF-4-OBUUMHwRqdl49DMbHzoj506QRv2izC4LLAz_rcEAjnaHOl-0YHhE6OHk5p0FQfzjYwM2YIp9z_QYx7V3p8ooJooyXll9dQ&sai=AMfl-YTz0YX_BdktxWa5QwOooUEZYLqG99IfbwTTye3L26IZbAV0oWfpRP6DQWUwmuVJRi-vIVFeNBSp6YG5Jg8StjLoCZc207YJ-qjnDwa03yI23GdA-Shgju1WmyH98B2bL5xTt5z3jnH1krn-0O_kaAkbQLBdkQ&sig=Cg0ArKJSzJLQcJOvzn6nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=410&vt=11&dtpt=256&dett=3&cstd=151&cisv=r20211111.49131&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 8ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Z9vEYl_N8SSxpCpJAub2PIMzfFITjGTm
content-encoding: gzip
etag: "32f01c4091f73eabe019005d909e2e44"
age: 7666
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6020
x-amz-id-2: 1ZPHGniPHrQWVoyhNHWSYVh1hNcNNefIPK045J05BmNUCFyU0kptJ4qxn5TVnC+xgAWhYZDzmPc=
x-served-by: cache-fra19157-FRA
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1638190005.391939,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: 3ZV83BBJ84QMJSSM
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 94
x-cache-hits: 40391

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
940 B 8ms
6ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: SaZoTsX4ny11TP1YZbP8i3tjs4BdrMLw
content-encoding: gzip
etag: "978cfe7fd9cd031786ca00806b338a40"
age: 7671
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 714
x-amz-id-2: 1IOsR6ivqBumVITXs9Z552smwDUqR3uOZPKxq4goQ2Uz1JcvWpqC3vXTTCCWqFPnkt5y5VppR+A=
x-served-by: cache-fra19157-FRA
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1638190005.392179,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: KV2MERDMTQMGSY8P
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 94
x-cache-hits: 40692

GET
H2 200 tfa-eid.20211128-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211128-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08c8b21fa63d60565144598cdab68984b80f2cdfecc4014a51f3a4cd4c143275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 4UuiSOXl1S4CTlrF8o8Wp7Kzi17MuYVS
content-encoding: gzip
etag: "bc2149f266ed0178daa60c9fbac76961"
age: 1
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5062
x-amz-id-2: rKATtT/i3ly99A6S1uRkti0DhJCdDrLI0pdinZ/L39U0W51E3qnFE/XzINi0nU9Kp9UOe/mEZo8=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 10:21:49 GMT
server: AmazonS3
x-timer: S1638190005.392408,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: MMDHKMYSQE15W74S
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 2

GET
H2 200 sha256.20211128-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211128-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77975c195fcffe3d4b63ce1d1d899d11cbbe5817789a972e9d673d172196f405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: j8YKW2B6fSayO.ccudydNOMB2JwSsUwQ
content-encoding: gzip
etag: "2e9869c847afb0255f9cc33ae7365903"
age: 30
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: Hi9DsWdNZHNsAu3sBcB6x5yNogzVImkDmMUS37gEUk11HREqCiGcSNQ+zL/Vic8fNPApUrm9iCM=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 10:22:43 GMT
server: AmazonS3
x-timer: S1638190005.392471,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: D9B2ZV3XA86Y79WE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 120

GET
H2 200 tb Show response
15.taboola.com/ 36 KB
10 KB 29ms
28ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=ig-internetgroup-network&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Foglobo.globo.com%2Fpolitica%2Ffora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&encoded=1&uid=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&variant=0|1556119245&callback=TRC.videoTagCallbacks.videoCallback1&cb=1638190005393&tagid=&cntry=DE&platform=1&sesid=49a587536fc3eafe2e9d1d4637116a4f&itemid=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&viewid=1638190004598&geolat=&geoing=&deviceifa=&appid=&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ri=f4b95610e7c4689c893be80f0b5a5d0d&appname=&cdb=&gdprApplies=true&rid=&sii=-1149685461741652698&oee=true&tpubid=1213520&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de4b6efbdf52e8eaeb718d190e8d3e486cae538b5e01b9a3b49fcbf284ee2685

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
access-control-allow-origin: https://ultimosegundo.ig.com.br
machineid: 1447
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19157-FRA
pragma: no-cache
server: nginx
x-timer: S1638190005.396362,VS0,VE22
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20211128-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 6ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20211128-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 491a1930b3803b2f1119633f96c7742fd1c65cf19da4faf488bf0f0fb3bef92c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: AhnXEx_3VYIa_6z3A6Kanj.c0rvX4x42
content-encoding: gzip
etag: "2cbcaba2901ff301d0ae16038d599fb2"
age: 33
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: r1U1D3BuAHSfY4/ymNdkk5j8tmgSJ8NCIk8x2NqnjnAr5B44bk2xRccRy8ZgXYCtTgnBhFNplX0=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 10:23:45 GMT
server: AmazonS3
x-timer: S1638190005.400485,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: 5GPJFKSRFWSHAKD2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 97

GET
H2 200 userx.20211128-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 6ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211128-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 310b28ac061650c615b0a70e171769f70c625e04a4e89bbe0d8bc892c12031ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ld_34cCw.SBEL_MxC3dbIiunV39npDIn
content-encoding: gzip
etag: "3975f9fa5c9a4811ab218a3ceab46050"
age: 76
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5340
x-amz-id-2: uRKC2rJ5tUb6B5In9NUvI7xrza13DCSFoldMALb8wPUA8xVSA9awVnfEB0HcjqR8W3yiRvmm6ss=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 10:21:36 GMT
server: AmazonS3
x-timer: S1638190005.407895,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: MMDTJXH7W3272KHY
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 89

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 34
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: yeOJJ+tNNdajw4hK3I7/tYpBRq+/TJEGfi4sEZRXOp9UQ3u6dQQzKs083dQVHcAwy/qqwRKPz0M=
x-served-by: cache-fra19157-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1638190005.415603,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 1PW18NSMPYAQGD13
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 94
x-cache-hits: 62

GET
H2 200 explore-more.20211128-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 15 KB
5 KB 6ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20211128-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ig-internetgroup-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24fe7e4c353937e55ac1ee80c4f95679b9beaac602601dfbd1e32b30ae7699f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: yZ0ILboCTOVlpnRb5MUT0NrP6zRqGzXy
content-encoding: gzip
etag: "c218c3ded6ddb42821307897bd74d494"
age: 17
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4436
x-amz-id-2: +R66UzkOJxinZIyqY1gE1Chx4rcMoNpIQFQvm9sSbmGWCXz2/tUNskPC57/xhxpT3yBdDUWG6fQ=
x-served-by: cache-fra19157-FRA
last-modified: Sun, 28 Nov 2021 10:23:52 GMT
server: AmazonS3
x-timer: S1638190005.423418,VS0,VE0
date: Mon, 29 Nov 2021 12:46:45 GMT
vary: Accept-Encoding
x-amz-request-id: 5GPRY3Q1F3V5P2C5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 94
x-cache-hits: 29

GET
H2 200 62559a4e-0330-44b6-bac5-1c5ae5517816.png
cdn.taboola.com/static/62/ 7 KB
8 KB 7ms
7ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/62/62559a4e-0330-44b6-bac5-1c5ae5517816.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47ec43a976a02f308644a37ac16e7270e3ef6e9e6e1ab01b25c6b16f9c92a931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: YBSBCC7MC9o6ruFEfAaHApFLpKntHqiJ
via: 1.1 varnish
etag: "1c49222c1f6f62112ac0d1b547a10f81"
age: 2885
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7459
x-amz-id-2: ogo+j//v71B/1WDlZW4EU8Vp4aFy+hxzK3UWjIYenhTUVOpKPiTAhW4//j5oxgwTV5XYmyI0qVI=
x-served-by: cache-fra19157-FRA
last-modified: Thu, 28 May 2020 21:43:24 GMT
server: AmazonS3
x-timer: S1638190005.443206,VS0,VE1
date: Mon, 29 Nov 2021 12:46:45 GMT
x-amz-request-id: D57ZXBFGJ5FKFQ8N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 94
x-cache-hits: 1

GET
H2 204 social
am-trc-events.taboola.com/ig-internetgroup-network/log/3/ 0
231 B 42ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ig-internetgroup-network/log/3/social?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%22%2C%22sec%22%3A%22ultimosegundo%22%2C%22aut%22%3A%5B%22iG%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi0.statig.com.br%2Fbancodeimagens%2F3m%2Ftb%2Fay%2F3mtbaywu69fb1shicx0jkwrox.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=12%3A46%3A45.532&id=5735&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/ig-internetgroup-network/log/3/ 0
230 B 42ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ig-internetgroup-network/log/3/social?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Deltan%20Dallagnol%C2%A0faz%20promo%C3%A7%C3%A3o%20%27black%20friday%27%20de%20curso%20e%20vira%20alvo%20de%20piadas%22%2C%22sec%22%3A%22ultimosegundo%22%2C%22aut%22%3A%5B%22iG%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi0.statig.com.br%2Fbancodeimagens%2F3m%2Ftb%2Fay%2F3mtbaywu69fb1shicx0jkwrox.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=12%3A46%3A45.533&id=1811&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/ig-internetgroup-network/log/3/ 0
230 B 42ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ig-internetgroup-network/log/3/social?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A561%2C%22ly%22%3A520%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=12%3A46%3A45.533&id=5124&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
269 B 14ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1638190005542%7D&tim=12%3A46%3A45.542&id=4889&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.547649,VS0,VE8
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
59 B 15ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1638190005550%7D&tim=12%3A46%3A45.550&id=8272&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.554340,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 8805 221 B
417 B 58ms
35ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1aa608fe40501cfd597b29d216e7d2f031214e7715aabc6fe344714a2b4c9eca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-fra19144-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638190006.580433,VS0,VE30
content-length: 178
x-cache-hits: 0, 0

GET
H3 200 digits_xx.png
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1458787418024569/digits_xx.png?1636632531305

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9fac0b5797fb9910e9d53bcc4918ac62d3a27ed5afb680d9a5a031fad329239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 23:00:22 GMT
x-content-type-options: nosniff
age: 49583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2778
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 23:00:22 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D410 35 B
502 B 16ms
16ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=40774892&csi=AIOLtplBvkorQ6aZz5sPlPh5mCn_xNYjJFnDOZ8uyIfrygPkIxxfkzYFEy90sAjpJohVgCwtPYXLdOBMJzuX696vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 8AE0 35 B
502 B 17ms
17ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=40774881&csi=zIHoz0qiV0G4fmK8qhoJcyuHWMSGNGzVJFnDOZ8uyIfrygPkIxxfkyV21LhgHIITd5S03xaKX3U80eATZkfYlt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame A081 35 B
493 B 20ms
19ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=40774889&csi=xaMeayMOGP5ETzRcdomO7SpsiXws6ZMcJFnDOZ8uyIfrygPkIxxfkyYfvHPc0q0LaQIjtSsN7XsgmDk8YQbcBd6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame BDB7 35 B
502 B 17ms
17ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=40774892&csi=4TAMzSvPyVHCAs21fWf-URbpkDjtWV4iJFnDOZ8uyIfrygPkIxxfk9BvOvr_AZQ1rnDJ0e-lIPn9Q1VdA5m3Zt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 69A4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1&google_push=AYg5qPIHUMGXcyEG3ZCICizW0eCtW6AWrEiJ3WAKC8tPlEKY7qD9Dt7s9nXlg-PL6_RGSKyvftPabVAxtP40bvKbrYE4e0q0Hcsxxw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcyNTM3MDkwMDA1Nzc2MjcwNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1

43 B
407 B

46ms
21ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI7qrWVJUL1DWDdP-VIoe7s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 69A4 35 B
362 B 13ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEAelrYS0SW722i95V_LVu8&google_cver=1&google_push=AYg5qPKKPgn-pT8V82as9X2CnolRIELUOoc_f7z9M9bwHeTuu967bVTjKN4BiG2yDWSu6mxhvLR6dYiu23HpjKd8khXIJcuXdHy2

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69A4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB4wO1KXusC2qyvTaYg8ZDI&google_cver=1&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4XlhpMuySACr5-Bmt8vVTQ&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC8QH_Hs-Q...

170 B
188 B

32ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4XlhpMuySACr5-Bmt8vVTQ&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC8QH_Hs-QcVlqSA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4XlhpMuySACr5-Bmt8vVTQ&google_push=AYg5qPK_HBpJ1_PnlAoKspRvrbob1fEbhhlYp7H5Yr5SQayuIi6ByaQjjv2aAMutLoLL_UrbsZ9rpmL3Sqzqh9EC8QH_Hs-QcVlqSA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 29 Nov 2021 12:46:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69A4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN1MBwf5HIhpdzZ3LJnSOeA&google_cver=1&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXsj5vaZ7Q&google_hm=NDM1MjM5NzA0OTE3OTQ4...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXsj5vaZ7Q&google_hm=NDM1MjM5NzA0OTE3OTQ4NDU2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Nov 2021 12:46:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpr4NmTd3UgvkyHa0P9PHXvvUOGFZnp7ge3KI80SI-9arUYLcZkwdwgEf2Wvh_ufw62KeBKv0qptmTirAKuHA3UXsj5vaZ7Q&google_hm=NDM1MjM5NzA0OTE3OTQ4NDU2
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69A4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lvKirKQ8T4ikONkTtQ5ozA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lvKirKQ8T4ikONkTtQ5ozA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLjtlEhAwyDfRrt6VD03lxHua6ePPfbXvrCxTAGi0Q-zO9AybdE55JF3pKpv57EhEDXc4yW-yTYLBthNmLSJz_XxBbUlmy

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lvKirKQ8T4ikONkTtQ5ozA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKLjtlEhAwyDfRrt6VD03lxHua6ePPfbXvrCxTAGi0Q-zO9AybdE55JF3pKpv57EhEDXc4yW-yTYLBthNmLSJz_XxBbUlmy
date: Mon, 29 Nov 2021 12:46:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69A4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikD...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikDo7UpvWKHKtfjA&google_hm=2a03716d09da62beea0c...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikDo7UpvWKHKtfjA&google_hm=2a03716d09da62beea0c8051

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 Nov 2021 12:46:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJGOz48UZPZuKFiH82Z454bdVMkJcyZs9IL7oSisEBXW0Bct-Z76MwgmT48ZrABTccKxzHmW3dRuOUF9sikDo7UpvWKHKtfjA&google_hm=2a03716d09da62beea0c8051
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame 69A4
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RC...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wc...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 69A4 0
12 B 16ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISfq1bCa_z3wpsuYREzk_0ebrImIi1eXQypvXwUeGGRWY-ynR3z7fdaG2l29GEOgR9o9kX

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cFJpd2hjbXkxTVJHM3I1&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cFJpd2hjbXkxTVJHM3I1&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd3ql3mL_l6VLT0eHqUdAKsOSJrlmm1SUFlQwXolG8lVAgUvtCOSJeo

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cFJpd2hjbXkxTVJHM3I1&google_gid=CAESEARQmAmWpxiaSYyW8DoWELw&google_cver=1&google_push=AYg5qPIO4DU9KdDwEnCMKbPJwnu_EtZrKUdFoxRtfW7rSLd3ql3mL_l6VLT0eHqUdAKsOSJrlmm1SUFlQwXolG8lVAgUvtCOSJeo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPK3EDqjGbEhqIKVuC3zWbrt3YqAp42bZdLbAcJ8Ey_o4GW0i41fRm...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPK3EDqjGbEhqIKVuC3zWbrt3YqAp42bZdLbAcJ8Ey_o4GW0i41fRmeyH3_Lx9aC7B5egR4GmSz20IcggUrCY8Zq0Hoqnzc

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638190006.678153,VS0,VE94
x-served-by: cache-fra19145-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPK3EDqjGbEhqIKVuC3zWbrt3YqAp42bZdLbAcJ8Ey_o4GW0i41fRmeyH3_Lx9aC7B5egR4GmSz20IcggUrCY8Zq0Hoqnzc
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEABm-S6ADN7IQx75jdFC_5Y&google_cver=1&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nx...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTk3MjQ5NjEyNjM3NjA3Nw%3D%3D&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nxph2N...

170 B
188 B

33ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTk3MjQ5NjEyNjM3NjA3Nw%3D%3D&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nxph2NrDWE24QrrB

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTk3MjQ5NjEyNjM3NjA3Nw%3D%3D&google_push=AYg5qPIZrUxFxPPMqgGEjcw5gzX7fAnpBs2tSn-pMolhh_R7kwPc_TMrvXz4aXKlEsfycuyrXI-14QwNttZ_nxph2NrDWE24QrrB
Date: Mon, 29 Nov 2021 12:46:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEOsMZgSN5xQ7siin1fBPa9c&google_cver=1&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdM...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKwv3kePeEYOBOGw2y0QLu5f46YO8QWR_hmqmnkG_uPqVE7MjlzK3uGPer7JUqVXquRLIZrw_PrjUsR6H4A6WKFa6azfJsb&google_hm=

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKwv3kePeEYOBOGw2y0QLu5f46YO8QWR_hmqmnkG_uPqVE7MjlzK3uGPer7JUqVXquRLIZrw_PrjUsR6H4A6WKFa6azfJsb&google_hm=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKwv3kePeEYOBOGw2y0QLu5f46YO8QWR_hmqmnkG_uPqVE7MjlzK3uGPer7JUqVXquRLIZrw_PrjUsR6H4A6WKFa6azfJsb&google_hm=
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKZgGiRLLr0aoUBGUOwhDNk&google_cver=1&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSYzoQUuf01JnHXedVbK...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSY...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSYzoQUuf01JnHXedVbK8yFue7dR-_ES9OwuOl6aMVCSFSDg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPLhifqv4FsBj-zeTdLXCJfHmRFIpR56Cn7GWDosR3Cl_ZN1EReSYzoQUuf01JnHXedVbK8yFue7dR-_ES9OwuOl6aMVCSFSDg
date: Mon, 29 Nov 2021 12:46:45 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 22C2 43 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPQWChNlCa9dC9CEoo0RJQQ&google_cver=1&google_push=AYg5qPL5DKOlT2UbRS-7pHeCkbvsluGB26b2wADNXtcxIlcwIumoxqpQ7Fffszn86rWJ0zQtw2XJKwwW_OG5cAjvvV47stM877q9

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:46:45 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 22C2 0
12 B 15ms
14ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItcV7dmR0KACzhXO1cSlgWu3tFY9NNdIONdq2vGoFoYynzNd6GuKUKnYu2S09P9PfwM6U0txc

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.4/ 98 KB
29 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront), 1.1 varnish
age: 787407
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28757
x-served-by: cache-fra19157-FRA
last-modified: Sat, 20 Nov 2021 10:02:27 GMT
server: AmazonS3
x-timer: S1638190006.652676,VS0,VE0
etag: "818ebe9395490135acd5fbeb0c9df2e9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: piqiVnUDiaNQAr5dQlincjau1MqZrtkyzdR54dAy9NLZu6GfblXuyQ==
x-cache-hits: 128231

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
65 B 15ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~895188357275631660~~Bu2m8fMrvAOJDp%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_custom%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%201%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Mit%20diesem%20Trick%20zahlt%20man%20kein%20Sterbegeld%20mehr%5C%5CnPro%20Verbraucher%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1638190005652%7D&tim=12%3A46%3A45.652&id=6853&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.660951,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
256 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~895188357275631660~~Bu2m8fMrvAOJDp%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_global%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%201%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Mit%20diesem%20Trick%20zahlt%20man%20kein%20Sterbegeld%20mehr%5C%5CnPro%20Verbraucher%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1638190005652%7D&tim=12%3A46%3A45.652&id=3897&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.661067,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
56 B 16ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-5040916269683481311~~Rbm9jXcYM1ZW%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22has_cta_text%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A2%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%202%5C%22%2C%5C%22innerText%5C%22%3A%5C%222020%20war%20das%20Jahr%20von%20Bitcoin.%20Was%20k%C3%B6nnen%20wir%20f%C3%BCr%202021%20erwarten%3F%5C%5CneToro%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1638190005652%7D&tim=12%3A46%3A45.652&id=354&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.661545,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
55 B 16ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-5040916269683481311~~Rbm9jXcYM1ZW%5C%22%2C%5C%22text%5C%22%3A%5C%22Mehr%20erfahren%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22cta_render_candidate%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A2%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%202%5C%22%2C%5C%22innerText%5C%22%3A%5C%222020%20war%20das%20Jahr%20von%20Bitcoin.%20Was%20k%C3%B6nnen%20wir%20f%C3%BCr%202021%20erwarten%3F%5C%5CneToro%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1638190005652%7D&tim=12%3A46%3A45.652&id=6239&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.661803,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
68 B 15ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-5793842360459461696~~5iaVuSod53nm%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22has_cta_text%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A8%2C%5C%22index%5C%22%3A3%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%203%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Wenn%20du%20%C3%BCber%2040%20bist%20-%20dieses%20Spiel%20ist%20ein%20Muss!%5C%5CnRAID%3A%20Shadow%20Legends%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1638190005653%7D&tim=12%3A46%3A45.653&id=6030&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.661964,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
55 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-5793842360459461696~~5iaVuSod53nm%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22filterd_item_in_reco_reel_story_widget%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A8%2C%5C%22index%5C%22%3A3%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%203%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Wenn%20du%20%C3%BCber%2040%20bist%20-%20dieses%20Spiel%20ist%20ein%20Muss!%5C%5CnRAID%3A%20Shadow%20Legends%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1638190005653%7D&tim=12%3A46%3A45.653&id=2674&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.662225,VS0,VE9
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/ig-internetgroup-network/log/3/ 0
58 B 16ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7bfa388f6bd8d86bb0c29e12b7cd9957&sd=v2_49a587536fc3eafe2e9d1d4637116a4f_eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134_1638190004_1638190004_CNawjgYQ0IhKGPby7t3WLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiQmMHcuKuioghwAA&ui=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&pi=/politica/fora-da-lava-jato-deltan-faz-promocao-black-friday-para-curso-online-vira-alvo-nas-redes-25296574&wi=-1149685461741652698&pt=text&vi=1638190004598&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fultimosegundo.ig.com.br%2Fpolitica%2F2021-11-28%2Fdeltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-5040916269683481311~~Rbm9jXcYM1ZW%5C%22%2C%5C%22text%5C%22%3A%5C%22Mehr%20erfahren%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.81%5C%22%2C%5C%22event%5C%22%3A%5C%22rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A2%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%202%5C%22%2C%5C%22innerText%5C%22%3A%5C%222020%20war%20das%20Jahr%20von%20Bitcoin.%20Was%20k%C3%B6nnen%20wir%20f%C3%BCr%202021%20erwarten%3F%5C%5CneToro%5C%5Cn%7C%5C%5CnPatrocinado%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1638190005656%7D&tim=12%3A46%3A45.656&id=9449&llvl=2&cv=20211128-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190006.677924,VS0,VE8
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET /
google2waycm.netmng.com/cm/ Frame 5829 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5829
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPI1nScLVEmpyoPKZAczLgbtmHH9OjWFH1d3_g1KFbrwhaPU8X3sHS...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPI1nScLVEmpyoPKZAczLgbtmHH9OjWFH1d3_g1KFbrwhaPU8X3sHSFm4xOpvZeYrjUfSnDNCrPjhawOisqf8xqNIAYuEyHa

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638190006.719863,VS0,VE100
x-served-by: cache-fra19145-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAGkHUs0Jk53fm3p-5FitnY&google_push=AYg5qPI1nScLVEmpyoPKZAczLgbtmHH9OjWFH1d3_g1KFbrwhaPU8X3sHSFm4xOpvZeYrjUfSnDNCrPjhawOisqf8xqNIAYuEyHa
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5829 70 B
265 B 109ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFudiPqiAzFCQ-5EAJlizes&google_cver=1&google_push=AYg5qPIDd6t91YSHEUxBCtHr1gX_DDV9XxTINQfQmf2yuKKGF_ihlT6Tubr9mHjWaKIrUTPcF32DZ5kzaXZ-WUXbH3YymqlJq59y
Requested by: Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5829
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7lW_3ZSr6TLI_64jtaUKc&google_cver=1&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6awAfQs5oNLEDKlCIn&google_hm=ePnXt6LrRB-D6q2VHqtbczY

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6awAfQs5oNLEDKlCIn&google_hm=ePnXt6LrRB-D6q2VHqtbczY

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLq2siM0K1V76kC0oRxOQGgy_zRDncSyWGtBhb1Wy1ODqT-YnV0hCRrkk0X9fGuazWE8mqAz2NB4d6awAfQs5oNLEDKlCIn&google_hm=ePnXt6LrRB-D6q2VHqtbczY
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5829
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECQd7G-dH1MZvanxCM36tds&google_cver=1&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx8YqGee57EaH&google_hm=2a03716d09da62beea0c8051

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx8YqGee57EaH&google_hm=2a03716d09da62beea0c8051

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 Nov 2021 12:46:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKUCRpJbxi8oNq_fmiP_Jg9X1MSt5mEyAAb5Crvwd7U2K7sxTXz5eVUU03Msu-EpRo1fY5Udkiwr-qRGvIsx8YqGee57EaH&google_hm=2a03716d09da62beea0c8051
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5829
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTf...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDOBEsls_YKahe2t5xOHgsc&google_cver=1&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ej...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11v...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11vcXyudWlaYnF8dKFmtVXXFDWD_p3Bs0xCa5lw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2OGRlMTlkMy01MTEyLTExZWMtOTk4Mi0wNmEyMGNkOWY3NTY%3D&google_push=AYg5qPLeeWz8KB4ARLP6lnFcYwVteH0qO03mD_pclgV6S3glFUq1ejTfxpnw-Yv11vcXyudWlaYnF8dKFmtVXXFDWD_p3Bs0xCa5lw
date: Mon, 29 Nov 2021 12:46:45 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5829 43 B
65 B 16ms
14ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPQWChNlCa9dC9CEoo0RJQQ&google_cver=1&google_push=AYg5qPIA7q6N2PWdiTtLUlQTXIU7mNgv6BhO3wePhIZzr8YDZiissk6HH7LDYYR1U2UhUqcA03VX41O1mA2hV8hN26hQnKwBiUWuQA

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:46:45 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5829 0
12 B 31ms
29ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTS2l_jPjvt3mn37fSxX6-CUol7DyYPyPdPowov8nJTznthyxkJIX2mhyi64ZXWsAPjS98wbg

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6263
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENFndOwMKFf4trJyQR2jPY4&google_cver=1&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENFndOwMKFf4trJyQR2jPY4&google_cver=1&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoo...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A&google_hm=NIWHjFokQYG4sgsCTzOtkA==

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A&google_hm=NIWHjFokQYG4sgsCTzOtkA==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A&google_hm=NIWHjFokQYG4sgsCTzOtkA==
Date: Mon, 29 Nov 2021 12:46:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 6263 43 B
65 B 16ms
14ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEGo4J5XlxobgzG4W0JLWMto&google_cver=1&google_push=AYg5qPKme9NxyrC0LMHrq0KbxLZB-h2bCw_iXP0LwU8wtMLiuPWLHoLaCBsg0nwt6uA4ZanSfK11hEio_jLRLi4SZiRF8mIlBZ72Og

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:46:45 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 6263
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEOsMZgSN5xQ7siin1fBPa9c&google_cver=1&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQ...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6263
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENVpm9UMPRNcL5fBY27e5gs&google_cver=1&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lO...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6263
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJa9Swv_yBvDhawXqeSUByEiMys_Ey04Tmunbv_GsC3opwE_gd9CfUcRm6p4M5pHVJgxwFkCDFjuE5NO5r27Y-u_08yjR5e&google_hm=

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJa9Swv_yBvDhawXqeSUByEiMys_Ey04Tmunbv_GsC3opwE_gd9CfUcRm6p4M5pHVJgxwFkCDFjuE5NO5r27Y-u_08yjR5e&google_hm=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJa9Swv_yBvDhawXqeSUByEiMys_Ey04Tmunbv_GsC3opwE_gd9CfUcRm6p4M5pHVJgxwFkCDFjuE5NO5r27Y-u_08yjR5e&google_hm=
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6263
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKZgGiRLLr0aoUBGUOwhDNk&google_cver=1&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQWReXfnltIf1pNWLjKT...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQW...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQWReXfnltIf1pNWLjKTdHd1Qr2nks7WSkKRgkrwQtP0_lNBA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uckpLWEgxRTJ1RjJCcm9MdGJpWGtldThoMXl0cHlVM35B&google_push=AYg5qPIXyMsEAWyN3i5VrJTlkMTXaPYMVINL6nO2m6fS8xZ6ZaT6YYGQWReXfnltIf1pNWLjKTdHd1Qr2nks7WSkKRgkrwQtP0_lNBA
date: Mon, 29 Nov 2021 12:46:45 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 6263 43 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEPQWChNlCa9dC9CEoo0RJQQ&google_cver=1&google_push=AYg5qPI2sNFqXvsIzzJd5oBqxjbIpQMj1kPiqTJEOEEWrHsX8-0vkhijknWyxab9dAKeRx31Vyi6eY-SJjxJ-pBe6kTjXkz34Jpe9po

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 12:46:45 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6263 0
12 B 31ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcR1HDZyetp9c918Zy3STWgwm0aeLfx9dS9jRid9ANLPzZtgIFxvPKEPznhTKxBTRHQSmc44c

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nele.png
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 39 KB
39 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1458787418024569/nele.png?1636632531305

Requested by

Host: cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
URL: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c133a1fde3f99f80f7ce95147bfa0e150bde8c01ce5e07276e897d83a0d297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 23:00:22 GMT
x-content-type-options: nosniff
age: 49583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40256
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 23:00:22 GMT

GET
H2 200 10604295.js Show response
s1.adform.net/Banners/Elements/Files/133175/10604295/ Frame D262 21 KB
7 KB 21ms
16ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/10604295.js?ADFassetID=10604295&bv=514

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fd81d8edd46322a7e2192221ced4d0914929de4549a8ec673069b002eb2c34f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 16:31:09 GMT
server: nginx
etag: W/"61a10bcd-53a7"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 10604299.js Show response
s1.adform.net/Banners/Elements/Files/133175/10604299/ Frame E229 21 KB
7 KB 22ms
19ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604299/10604299.js?ADFassetID=10604299&bv=514

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89facceaa87231ab6878db6a1f5b7346b0b5c7b886ff5d7de19bd46202b9da0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 16:31:11 GMT
server: nginx
etag: W/"61a10bcf-53a5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 10604296.js Show response
s1.adform.net/Banners/Elements/Files/133175/10604296/ Frame A0E4 21 KB
7 KB 22ms
20ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604296/10604296.js?ADFassetID=10604296&bv=514

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f80d43df7d04805b82c3e7d7a1a682607c39f09dbb95fd9e8ccceb45c6fcade9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 16:31:16 GMT
server: nginx
etag: W/"61a10bd4-53a7"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 10604295.js Show response
s1.adform.net/Banners/Elements/Files/133175/10604295/ Frame 0DEF 21 KB
7 KB 21ms
20ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/10604295.js?ADFassetID=10604295&bv=514

Requested by

Host: ultimosegundo.ig.com.br
URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fd81d8edd46322a7e2192221ced4d0914929de4549a8ec673069b002eb2c34f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 16:31:09 GMT
server: nginx
etag: W/"61a10bcd-53a7"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 8805 81 B
239 B 32ms
32ms Script
text/javascript 52.18.40.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.40.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-40-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3805120c54e56c53a2538f6db7951211560ebe6edd7f96ba6748b6bf0b63f482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1638190005
x-served-by: beacon-n002-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 visual.png
s0.2mdn.net/4528516/1458787418024569/ Frame 9CA3 20 KB
20 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1458787418024569/visual.png?1636632531305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d827fb943d8a11015605086f0cd12190eaaaec7d42fdce5955edfb16bfc4bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 23:00:22 GMT
x-content-type-options: nosniff
age: 49583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20340
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 16:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 23:00:22 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame D262 30 KB
13 KB 16ms
16ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 336x280.jpg
s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/ Frame D262 63 KB
63 KB 17ms
16ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/336x280.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d8ee9e5c6172799b23c85276c45925ecac96175ae40fac90694ce5b65ed2e49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:15 GMT
server: nginx
etag: "61a10bd3-fb1f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 64287

GET
H2 200 336x280.png
s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/ Frame D262 3 KB
4 KB 20ms
19ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/336x280.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2b491ee638aa0636d43b4078f5fe81b47a9d5e014bb9a568d38658ebf203d4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:08 GMT
server: nginx
etag: "61a10bcc-dea"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3562

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame E229 30 KB
13 KB 19ms
19ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 300x600.jpg
s1.adform.net/Banners/Elements/Files/133175/10604299/bvpath_514/assets/ Frame E229 99 KB
99 KB 20ms
20ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604299/bvpath_514/assets/300x600.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5ae962ea488c2f954d15cf08816d5abac08f52b68b2148ce0490cec915b9f128

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:15 GMT
server: nginx
etag: "61a10bd3-18bf2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 101362

GET
H2 200 300x600.png
s1.adform.net/Banners/Elements/Files/133175/10604299/bvpath_514/assets/ Frame E229 5 KB
5 KB 25ms
25ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604299/bvpath_514/assets/300x600.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a5740190ccff6ae3479381051dadb4c3cbbff210d839dfd119bfc10752607315

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:17 GMT
server: nginx
etag: "61a10bd5-130e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4878

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame A0E4 30 KB
13 KB 25ms
25ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 300x250.jpg
s1.adform.net/Banners/Elements/Files/133175/10604296/bvpath_514/assets/ Frame A0E4 53 KB
54 KB 26ms
25ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604296/bvpath_514/assets/300x250.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1c5a674b146c5944490af733bc7691aaee22238092a81bc66823867cbb0ead8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:11 GMT
server: nginx
etag: "61a10bcf-d4d6"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 54486

GET
H2 200 300x250.png
s1.adform.net/Banners/Elements/Files/133175/10604296/bvpath_514/assets/ Frame A0E4 3 KB
3 KB 29ms
28ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604296/bvpath_514/assets/300x250.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ae0838b56d0b5007c4e2bd436c0106f1712ddbe4f7020b17adf3cc144740bbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:16 GMT
server: nginx
etag: "61a10bd4-bfb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3067

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 0DEF 30 KB
13 KB 29ms
28ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 336x280.jpg
s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/ Frame 0DEF 63 KB
63 KB 29ms
28ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/336x280.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d8ee9e5c6172799b23c85276c45925ecac96175ae40fac90694ce5b65ed2e49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:15 GMT
server: nginx
etag: "61a10bd3-fb1f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 64287

GET
H2 200 336x280.png
s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/ Frame 0DEF 3 KB
4 KB 32ms
31ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/133175/10604295/bvpath_514/assets/336x280.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2b491ee638aa0636d43b4078f5fe81b47a9d5e014bb9a568d38658ebf203d4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:45 GMT
last-modified: Fri, 26 Nov 2021 16:31:08 GMT
server: nginx
etag: "61a10bcc-dea"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3562

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0EC 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO5sbtMukYf7oNtfr3wPBs6HoAQAAAAA4AeAEAg&bg=!z8ylzIjNAAZQLpa_UC47ACkAdvg8WhaCIXFyfAZxHvuxFbx99-_LI2gh0Yq5Ty_ooBxaD36kdf3yLwIAAAJrUgAAACtoAQeZAugmvXqU9EDx-kNVjebFQIc0Nk72Rb9qpBA2z61gddvPbHsBqyG-NIIHfN7eMkE3TjVgafQ4fHpH_ij-6pQ8uyPvmNyqYhkJtSZbkbUUVMMbGEO5Ky-mCwaGrH5vtAiAL0eU0PlQPM2MUta9l4iix27c7PQmkKF9nOEG7oPmecnxY7ARirXzBYsyt-SJS_RKqpI2mT6uuiFAQ-JtEwRbyXJk-sEA-FE56jtDxJfCP70H6vcMFfYAajv93nNtUswJ9yXLLjgIHqH5IajFMxRrk5r9O6jPf5zkFSGv5gb47kh75i6eHHWK2bnmJM3gwbEnFw059veYNo8tFCcYQxaVX9pTXQWlfqWk5C9Y_KHiRtUFjy8W1D3_QPPSjvDTdBG-ozfIsVE_FvTmmoKlOMoauJUAk9L_mp1cpn4CxMXFhUNF4xf6tcdziXmHN8_VPXWi191APJSUHrScSIO3yIoKUKPUB8V38VjgShofoqA2GCJll_ZLVsLsmP43VhpRy9TuqKWpbzaCV9-ilNC8E-SKd5jAgQ7Oxi6zMqUZUzTztqx3y_7uahBwTaNFbgkE62kQtELqvPbgIU-YNajP67KuCCaV1DmDsPr4ERcQMo10vBbHEkpWMFOK_OD5wVlBQyVROPYUvfpp1WWvqjuJ-3DxoNN9P44KWaqv6wSRTFIHfTyrEAPz2NXvYhxxrE8NXOilCJaz6V7EGKMWAj5-pxq3l3zHk3Cm1ZrQ5FchfkqkicutQA0CeERvKhMXf2hcbh9nhNcNUjuez5Rh9429heOrY6rS_TEP7Xcj5um6za89QJZpUAz-aVihTgEEe22G1gm315B3vmsPKGy0J2pN47DcCHlddllSzWEkWd5Bg8D4qY8nXczLwON5TZ9BnP1EgHLMfFnZY6cg3U_IBlsgm0xEe8Uglu9ufQUSoBEz2Yxl7k5zMib5I72xe8-p5XdAHPGpAJN4rIxPtGQD8MQY8_2iiAuolQLwWwOUIAw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50A1 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0lVjtMukYfTxNquBjuwPpfOioAgAAAAAOAHgBAI&bg=!4eKl4qbNAAZQLpa_UC47ACkAdvg8WktC88odbSIXtKlPAvvSJ4W1QLytp6sV_8nfmVCeBN3ICT8njQIAAAJhUgAAACZoAQeZAtRaRgNf-_plNtOjo43hccOWNpKKgYNA3UvPydjFIuyVUi_uTwykGQDxj9KqeQtZUtb2xcx0aPGa4ckaRiLdaEGlwgMVsYmCzKykrsVdGMwnlkkfL19NSKc7fJ_Xdn6N5NlElUe8gq5BtvHRjGVavZqeYcD_pvoY4K4ReQtRBlPtqbHCNy1EvCA5sqJP6JNJCrcWfe6gpWg5enwzjCshy4FCk2qPz8KWSpRxDejBunAju7oFRgPrqBPQUiTyOvuIIaVN-rYZYmsLLRpUQuwjyppqEIZrJwrD3P1t_Qov64m52ai6GkaWW--b_p3ztOvQ5NmQ4XM-5vZn4StaPL4s40FfmAB8UltKcxSWMuNbl0oRtkxYNPDNTnxLIVxsteuEbC8Y0RDLo8qbzw-xlL9TwYTdNH94IsxljidDzBUG2Lgog0_aGBq9zPRyhL5tSXh8QZUPv_z4KP_VvZP3zNsJdxuH4o1okzWufYbRBrwg54jkjYJzYGtI-qx3rPVTPK4Yjy2n2sl5R9YwUSQZjlE_HQWwRaM1b0hOlWf1HAEAvDtoshWckLgOarZ8kBrgIH7FkxCB6Q97g7JVWyQ4GHeH10AbtQeIGvLpUDs89gPR-kNpCmjy2vENeak8476INPgl2wBA39GmgeDYBRYeOyBgwowrlzAN64FRBzKXoZsZGPWdyyw9h3xRvjo2Ccze2jD41jegbo7W5GJAReKASkv0MYDWmGPYnpMvdzLnWi9a9eG84CIOmEYlKxZsl12naOIjrjuGneKPaFbbbxIZ0gCAPGpyPHyAw4I8wftioyYJS88YoR9rxVohAo-F0zb-kkBV_Smy0Cc0yPH1CZklD2RtCyEzoA1GIRvMbk4p90GtSImiO146mq968HZ33RzBUBRCcEc0V_bg7vKb2u54QIj7STjGgRh_EwxCLKvXmWktEWU6kfyYJQDhbNrKzsS50zjaZjNio0I5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1E9 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv1gftMukYYfuNoqtgQfykof4CQAAAAA4AeAEAg&bg=!cHOlczfNAAZQLpa_UC47ACkAdvg8WgoEDN7-XBagtoL9pJkjS5oBZ_GVLF367XFnKYZYLrA3RFLzwQIAAAKdUgAAACVoAQeZAtibqTVATLvMU9oE_mEUGN4kc-oMJ-33FRaAkjy3yEoAxk2aPNwM7bJhEmcp96IGfQ-35784YL3x0HmaiWfanGDC-PSQghxAk2r80Pobw8s1Qlh8A0p8ptXdI7mWHxm1_pAaT6xy13t-YafvQXMW1HRuCkPGKJn1bMd-mkX3qBz_m4MOSO-7Hww6Mpr_UDCwUWnrmepCPqFjZ2ZR2qZpcjkElkQWdgsZXQtWwkOe8GG6C4bXf6GLaw5OgxkIjx80eWFO0CB37XR7TJtIRWGY2SnmK5uIiP7hztEleMbJULVsZqBx8XSAZnoPZwwf1WKJVwSSdWAqmnUaIL3qZN6gbshEqbSPYknoHbpDtPvW2HXx2CwAOrDADghfOUKq6eRTV7NYpnxL7n2hb9C5KvwBcN-aLQnK1aY-OUkSpslJpCwL6yCKxA4RQ1XSk09qgq1ruV2neLNe_VZD0PSXQiPvHCJXiIsBaQG6QeYxSjaezxdryylrAVOpwfL1qh4FQnwXfjzktPxFbm0LctIhwaMD5yAmrVLOivKv79UrGZhk5jOHh49ytkYZOyIOoZHvZoOVMHyEI4w0_9-ivR2N_yPnY-uMnB4hNTui3NVN_O6duKGLcx5-MZpRJOCUG473trKXNik0OnAcwDIOinLrmvskpvbiQGsh90ImzbaQhsazZ-Hhsx-ZKdlXUWl7EPppBGyO7M_YPq6uKWW5Grn-S6ABX-oem8Eg0TktmlQHD7CklHhni7sSg6ZgeHGyBidylrqM7qBnjpr9_2Zn8OEvoSb5W6OPO_lsy-Hp73eTX55BOYKeLpkdpNfhlehf-J4lYrc9wPok9q_G24p_0EOCu5Tb_eA0bhlYyqa_-RIP2gDfhfpgrDZ-XfVhqgkV5WMjCLDGR2NHBZr0mkEN9o7gZCZzSA1HL9XBaBm_2DZB6Vr8rHjCH5XQMV88GklukFaz_kFk9D8Q4hs2RXPrCg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8805 42 B
64 B 61ms
47ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8lP0dzNOXHV7KuaJkR5v1hEAO-Py-lUr5ondqTwkZIRP8y_CsqXeSSi_HP-77_PIDKXlSHodKU_TIozhaUfoE_9eC2wDAmsxLHPBFW820Wz39Qpaerw&sai=AMfl-YTgIbH0N9iNVsVqDaKMiMuoMUmE4Hz-SwN-sElypXKb1QAOUVl1XBAvxmNcTUv110fVcXTWjYPXLBNcwNhJYBZCgUd6euDY1RNRgfPmsuuNwqeFLvXtAyiZgSeI&sig=Cg0ArKJSzLGjGBHMOY9gEAE&cid=CAASEuRovNOu0iRGVppjNDcsebbArA&id=lidar2&mcvt=1002&p=181,315,271,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2075314916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638190004826&rpt=218&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E95B 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKMDbtMukYceQN6HW7_UPqJiq-AgAAAAAOAHgBAI&bg=!PD-lP3vNAAZQLpa_UC47ACkAdvg8WhzZBLD1zMOadseZ4qwprCvkhnyebHh9IQSP7QmAY5Np0oPQXgIAAAHtUgAAACBoAQcKAFV4l03FnxinR2zXugiM6g8Julj8cA9r4UWkkoz1-VwTXuf-sZ6CSK-ADr0ksQuuGdlqWtSOgr-S9-KwNCt7Y6Azqwa0Wr0AgT92Ift18hjjalEA2x9dmQLWEuDWG4QRyvbabPfn6aCXOguwzJBisfU0ZIJ9RGjwfr7_OkvzeAbJr6_d89d_xCnz1l4lUiHbK8U1jwyGOObbyHdThEL8Zp03Zg0zVPu6fXCQHPr3K2n8s5Fom2V1qypbLdjAFMPJrIZcZRC5Iz3K42topmqxFQ4ycEL9EX9yOjfKssMwSXOG3LvTGjAKfloNvxAL400az56vZfaQlcN-4K-n_o7BltbGs045cp17aCZZZ4RvqDSPEuwNXnAs0gUCrpdCD5OM6tHWyYnh77x3qISmz2GRzH37aJtywY9XivCiOggvMmqXu2VwaTwFPDp-q6Y10c3btFKQeF5JH_qwHiXySMXa2_EDWLF1PQOjlg-649XSziSZ1GKCkg-RH-_oB-mLSVenjcA2v6qPVx8AS5TiPgV0drBR5tsWsYH0AB2WwwS90vVCjuAoWrUGm3iPmTKzdAFVVHlMkwusTMBpgvKhHh3p-XoeJumOYvtan3qZwBS76NO7qICXgPuA5fvGKlpFpNCfutXGDBOH2jfKVn-Heotnz2v_0x-XFTDW0H4rOGQC4c4p9bZnI-ChNBMMRLcW5EMD6iP7R0hu-dS6lPsvCq-QVdlaeAXTWjzLfeYwi8RoDgDZzcQk27M3mtGUYtKWYk7BbPjmTFNvK7mBohG3_voBsQBRtFYaBXpoix-BT0ewRneoc9_HQLbThwMZwB6NLtA6tIuPQwO37zg5Rr_FipHNSMCihpd1SUquGoII-Moxkq-BojHlrsS7j3qfVCzipIio1Lw2R4Uo7XM48wQcCb24CS-9sQ9FNuXYWvbAf016zW77loxUxkgacassgbaIK4mHbrTaJ-4A2VIQDvgdHkGoOeYcOZQlSSAjRpDl9SX5bx2IL2vl-RnR6kl3dkFAohrUvsus-ECdmiVx0dQwkyS3GA_yHH1Qg3nm5acrA1-bFyRaNw1FmoZS8o-whGvq7Mpv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5770 928 B
546 B 21ms
20ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 29 Nov 2021 12:46:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19157-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1638190006.075647,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 04D5 1 KB
1 KB 26ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

server: nginx
date: Mon, 29 Nov 2021 12:46:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 9405

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 23ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=31589837&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1638190000765!ts:1638190006070&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-length: 0
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F8 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLbM_tMukYbmUN6Pb7_UP59a_gA4AAAAAOAHgBAI&bg=!1tWl1ZHNAAZQLpa_UC47ACkAdvg8WrksoOoS7SPFCM4y1y_2wI9v24v2lWaLjrqtja30RXtEnKTteQIAAAHdUgAAABVoAQcKAIDabkKphWEL-U6gL_N8ZTpKN1EF3vUT1DHKp_M-0XTE9fxD2s7ak8_Wpww2mL5Bs7xcVChha_mBtXfkZWGpgnwyQSDPQrzKi3mZA8TYL3U5GIHz_FzZfBqY4SNybwAD7aJt8b3QldNETunA0KHYSBwWdDeKhRADJd2lPBpV5d7W7pkC3TETsCXF1LKc14R6_56YTfQwsjFm4vNT1jV-PDIQIlH8co3TCGaNgPFJawfZUtfxJV3oN_gg1JXL1LWDlysn8BHyoyBcFpyGXaCu42o7H21_7XqD-6Eq_0OCDIrfGZdl7dOaNZKO7MZQaOkmCDJOZQmXZ2723r-2UmOJe49bQvecxCrCLje0dONi2CsjS3qNMXJ-3jFAh_FDbe1ZRGMvtOyD4k_W-ej_pD3ZPxk8WMb1D3g6r0_ux3dVQx3RlH8nxeskgOAbtTJpTVjnhWoGcFpacO7tqHSc3C9I2kmMYL97LuNdNNjUI59DO-QcDsSctsbPu3RPAQHAwQfKd_LTfCtLltvUK1FcYasyoQrGRiRseHZJF7nvkEB3pyGsGpTpkgvVupfhLi-S67PtZcpTFrhQOjNebMWs7bF2g2gY57sX1VjXTVoivn09Zf4rLKA03YZ_9KiLd1uvQdzufgWImZvoMAvhbSTwlzqx41aSNcmgv2usIuMBvtW6LJZcIKy-0_-bINNdP3R_TH7J_El2zq4qc-vtQcdDAUZ8MvGsrHU5esafmT-dO33ou5h4FAIUOynHef_0I1ScQd97mfXVCvy5EUNL8mqwjm_STzLNrgNn68P_oqZrsIqG-mMdWEH1qlv9p0EMy-AFGNrlCp2Q29Kpu-ihNuj0AspXY8u5o5gig-dRZFlnz0oNGvF3oDM5dDWPuCUTCgdkoyyvwpha_U1zyIPFWZfvWL1RS8kOnIzTDrz-xFBZBiECX1SodDGEHDabxX7KdX7sfnNSHZHUvoP_AmI0di16rT8xb5xiNt6CnAQO92JpgvM8BQizYBpupHXWFPrGB-ht0tZMOj57TIL43nXHkvSK3EBAFXM4mYGQkEio528Hblyqnl5LOyY9FYmwWX9CtirXTycFnKMA1C7vOWpR1IwrPZ-uUQoucnZiGHifue4TboBChrRASqGMBEbKV56A89JLSERIXMs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5770 70 B
264 B 32ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 5770 43 B
183 B 293ms
94ms Image
image/gif 2600:1f18:612b:4232:542e:84b1:1361:c28e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 5770
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6991eda4-5112-11ec-b368-130dfa940506&orig=video&us_privacy=1---gdpr=1&

0
230 B

12ms
12ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6991eda4-5112-11ec-b368-130dfa940506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15987

Redirect headers

Date: Mon, 29 Nov 2021 12:46:46 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6991eda4-5112-11ec-b368-130dfa940506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 42
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 5770 43 B
220 B 11ms
11ms Image
image/gif 18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 12:46:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 5770
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AjW0E7tE2uFEZIhAyWpFX4IVTiFyMW_ROYxmW_U-~A

0
230 B

23ms
12ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AjW0E7tE2uFEZIhAyWpFX4IVTiFyMW_ROYxmW_U-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66352515&crid=5585205&dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&cmcv=&pix=undefined&cb=1638190006070&uv=3074&tms=1638190006070&abt=adh5c-1_vA!scec9_vB!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=AB4A4E405198699714430730278&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10929

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AjW0E7tE2uFEZIhAyWpFX4IVTiFyMW_ROYxmW_U-~A
date: Mon, 29 Nov 2021 12:46:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 04D5 70 B
264 B 32ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 04D5 43 B
182 B 292ms
95ms Image
image/gif 2600:1f18:612b:4232:542e:84b1:1361:c28e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 04D5
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6992b00a-5112-11ec-a4ef-125b01370506&orig=video&us_privacy=1---gdpr=1&

0
230 B

12ms
12ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6992b00a-5112-11ec-a4ef-125b01370506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15307

Redirect headers

Date: Mon, 29 Nov 2021 12:46:46 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6992b00a-5112-11ec-a4ef-125b01370506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 04D5 43 B
220 B 18ms
8ms Image
image/gif 18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 12:46:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A081 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS8bnUCk3eM6rQXWeUXa_HhlMH9WpD4d6UXl1HTW3XBPcTaF5Hq8HVPJubmlvUx0rYKGIZCGT1RiSSe_h36urexxcLdBUVSFpvJcV1UdPBjwnpFg57-A&sai=AMfl-YSXZsMB37f4ie4Roli-MNYBgq_5EspFqst-iqsmY794SjX76kOJM4YM92PU7bnipjphsJVknquVr4zWLXcMDdhRFM8yVnMLRNFXk3wIQYrYFYDxHZbT6AOvdvBI&sig=Cg0ArKJSzK6g655DwonKEAE&cid=CAASEuRolr_UbQu6BzSAcupnuUDjKQ&id=lidar2&mcvt=1000&p=880,1127,1134,1427&mtos=450,1000,1000,1000,1000&tos=450,550,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3366393260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638190004790&rpt=434&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/ig-internetgroup-network/log/3/ 0
89 B 31ms
31ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ig-internetgroup-network/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ultimosegundo.ig.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 29 Nov 2021 12:46:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638190007.553919,VS0,VE10
x-served-by: cache-fra19157-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ultimosegundo.ig.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame BAEA 21 KB
9 KB 109ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 001B 21 KB
9 KB 109ms
109ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 9A77 21 KB
9 KB 207ms
206ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 4E5F 21 KB
9 KB 202ms
202ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame AF04 21 KB
9 KB 203ms
203ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62-ig.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
740 B 6ms
6ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 18465
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by: cache-fra19157-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1638190007.777388,VS0,VE0
date: Mon, 29 Nov 2021 12:46:46 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 45
x-cache-hits: 21363

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 84ms
29ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: i0.statig.com.br
URL: https://i0.statig.com.br/publicidade/prebid/prebid_4.28.0_roac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:46 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 Nov 2021 12:46:46 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6D52 11 KB
5 KB 58ms
20ms Document
text/html 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ultimosegundo.ig.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2133
date: Mon, 29 Nov 2021 12:46:46 GMT
content-length: 4683

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 95ms
45ms XHR
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:47 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 Nov 2021 12:46:47 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6D52
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ig.com.br&sn=ChromeSyncframe&so=0&topUrl=ultimosegundo.ig.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=EsQf_XxMZ0pFKzRQeFFZaU84eTI4MUllRkkrQ3BVaDZjTmt6NmVkWVd3dWhwMWlWd2VUejF6eDZ3UGx3WHRqWGgvNUMxSlF4SDZpd0Y1ZUQwZFhYVlhBajl5ckZLS3VlU2MwV3NUbHI1TkYwNUZGV1owWkE4T3V5dVNPQ1...

427 B
619 B

52ms
18ms

Fetch
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EsQf_XxMZ0pFKzRQeFFZaU84eTI4MUllRkkrQ3BVaDZjTmt6NmVkWVd3dWhwMWlWd2VUejF6eDZ3UGx3WHRqWGgvNUMxSlF4SDZpd0Y1ZUQwZFhYVlhBajl5ckZLS3VlU2MwV3NUbHI1TkYwNUZGV1owWkE4T3V5dVNPQ1lmRTczSUVZTGExaTNDcERPcDYvQVJtMnJxRk9OYldGWXBpTTNRc3BRRXlIb3hqZ0lTallCejJzV05aREFtNERsWGNhaEcvdFFQRjV2alk4VktzVUpNQkEya1RFMzNpbHdhMG43WDFQZGprSGlBU2JVeVlLVXZLeG03L3dSMDZ1S2pIM3BLdGpBZC9peUthdnhhTFdUeFFkbmRDN3h6dz09fA&cppv=2

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

749b2e7e0880ee2421d6d3152e372a3f20bd8ae3c0cc94f1423493a3ed68dd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 29 Nov 2021 12:46:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4040
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 29 Nov 2021 12:46:47 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=EsQf_XxMZ0pFKzRQeFFZaU84eTI4MUllRkkrQ3BVaDZjTmt6NmVkWVd3dWhwMWlWd2VUejF6eDZ3UGx3WHRqWGgvNUMxSlF4SDZpd0Y1ZUQwZFhYVlhBajl5ckZLS3VlU2MwV3NUbHI1TkYwNUZGV1owWkE4T3V5dVNPQ1lmRTczSUVZTGExaTNDcERPcDYvQVJtMnJxRk9OYldGWXBpTTNRc3BRRXlIb3hqZ0lTallCejJzV05aREFtNERsWGNhaEcvdFFQRjV2alk4VktzVUpNQkEya1RFMzNpbHdhMG43WDFQZGprSGlBU2JVeVlLVXZLeG03L3dSMDZ1S2pIM3BLdGpBZC9peUthdnhhTFdUeFFkbmRDN3h6dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1904
content-length: 541
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame A081 35 B
502 B 17ms
16ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7077274059530533352@@40774889,634298908645355492,100|1001|0|0|0|0|0|0|0||39|1|||||1|0|0|ZRXuFLbMmppcPlakbYq96UjQEJww9nIbeOwlcpDAeKIaCgB3P281zom3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 263
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19157-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1638190007.390337,VS0,VE0
date: Mon, 29 Nov 2021 12:46:47 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 45
x-cache-hits: 2038

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 40ms
6ms XHR
text/plain 2a04:4e42:400::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: bf8d10e274a3ac1f4514103df4921fb1dc19e35192a4dae10bfa990adc952f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:47 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19128-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://ultimosegundo.ig.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 1338ms
218ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=eb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134&uad=0ef5b8f161165aa183b1cf477117888e8b63acf6ca1a0294e928e032f5e76d3f
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ultimosegundo.ig.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Nov 2021 12:46:48 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A4EE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

70ms
13ms

Document
text/html

92.123.9.160

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7J2cCFgOQsB3JtvVwtgSQsB3JtvVwtgUAAAAGBvQHG0EhLUgr0mC1WA5ny-VuMRptBrvNYLIbDmEjKKQFaUUarBbL4Wy53C02q9FiN5tNBoMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8IHETT6fC57vV6n9lv8dt1Zr_Fb9f43X7B3-w0PT0Ov8xvebhFDrfYYXu4pQ7T3y1ymU0Pu1vmsL4Fl7_b73H43RKzw-N1yyxPk8P5FjwsD7fGdfn83Xq72Wl3uWVPy8OtMNv-brnD85a8TC7PW7KaLGer3WgOAAAAAA8AVTk1ED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAiGSRoAUBwM57pbX3ajw_V52f0BAPCgAAIAIIBBAlCQG1QC8KE1dgIAAAAAAAAAwPL___8fM0BfNygDIKJ91gPw4APwQFRwWsQIAAAAADbBwuZoUidUFlUAAATpVgBXAAABfWu7vJphAAAAAmML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NiMjMLC2IBQBA7RcQAGDtFxAAgE3dAADeAuCCLgBWpxCr1WyxWE5Gq9kBAAAA3P3____rgdBy4RruVpvZzONZOWwuy8o5coxMs81usZgtTDPveSZo1QdaKC_1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p9AzgY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhghTFt9oZBwt3KLBZuYWLWa2tcQ1m7hFk4lrZRxtHL7JxC16fUzH5cq12IymeDAfl3Nfu3BRMIBwL4KLdKL0uZV208tyd5l-lr_r8Ja7TL-_5WsRSzQni3Qiu-xLy4VruFttZjOPZ-WwuSwr58gxMs02u8VitjDN_C2LbzQyjhZu0WAzc4sWM9ta4ppN3KLJxLUyjjYO32TiFr0-puNy5VpsRvvGbDNcLAeDwWjfmG2Gi-VgMBjtO3SG7-pzNgpLopdHqDh_o8-uzHxQuAwW709iWky7s4Pn9zs6beqXsqgzCi_fo9eg8Bw8pqPtJnJcX9bT7zP6HgyKWCI4XaQT0ct4uoglkqdFOpGZJs7VbDFY-Tam2XC5MS43E5dxMDNMXAvXyDCyiCVK00U60Qv-Zqfp6XH4ZX7Lwy1yuMUO28MtdZj-bpHLbHrY3TKH9S24_N1-j8PvlpgdHq9bZnmaHM634GF5uDWuy-fv1tvNTrvLLXtaHm6F2fZ3yx2et-RlcnnektVkOVvtRhP1HxdiN5sr55LJXDVaJQAAAAAAAACAJcyZNwEAAAA4DWa3WgxWywWQIITSBQYBAAAAAADYhV_4S4mvqzEpbvwYI31upd30stxdpp_l7zq85S7T72_5mnmzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYJQc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Nov 2021 12:46:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 29 Nov 2021 12:46:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A4EE 32 KB
10 KB 43ms
43ms Script
text/html 92.123.9.160

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 23f53eb8e6f5ab2c67d8e63b25b9abe03408efa0529f8abed515259d7966f2f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 12:46:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47759
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Tue, 30 Nov 2021 02:02:46 GMT

GET sync.php
pixel.rubiconproject.com/exchange/ Frame A4EE 0
0

GET

tap.php
pixel.rubiconproject.com/ Frame A4EE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e17961a4-cbb2-4800-abe7-e066b7cbd54d&expires=28

0
0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A4EE 70 B
264 B 33ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A4EE
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWKO14VR-1M-8YYU&sigv=1&esig=2~b2421d76a3dfea325a9ec78b3ee9987797f79a05&gdpr=1&us_privacy=1---

0
616 B

33ms
10ms

Image
text/plain

2a00:1288:80:800::7001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWKO14VR-1M-8YYU&sigv=1&esig=2~b2421d76a3dfea325a9ec78b3ee9987797f79a05&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

2a00:1288:80:800::7001 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:46:47 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWKO14VR-1M-8YYU&sigv=1&esig=2~b2421d76a3dfea325a9ec78b3ee9987797f79a05&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EE
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1ZDM2N2I5YjQ0OGY2MTM2MDdmODdmMjJjZjljZmNmMzZhNGE2Yw&gdpr=1&us_privacy=1---

170 B
196 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1ZDM2N2I5YjQ0OGY2MTM2MDdmODdmMjJjZjljZmNmMzZhNGE2Yw&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1ZDM2N2I5YjQ0OGY2MTM2MDdmODdmMjJjZjljZmNmMzZhNGE2Yw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

tap.php
pixel.rubiconproject.com/ Frame A4EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESED4E934mXVIdynyuR2iGmg8&google_cver=1

0
0

GET
H2 200 btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame A4EE 85 B
259 B 100ms
99ms Image
image/png 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638190008.910629,VS0,VE92
x-served-by: cache-fra19145-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EE
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dLTzE0VlItMU0tOFlZVQ==&gdpr=1&us_privacy=1---

170 B
196 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dLTzE0VlItMU0tOFlZVQ==&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dLTzE0VlItMU0tOFlZVQ==&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

tap.php
pixel.rubiconproject.com/ Frame A4EE
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/_eDpISzvhHG_0Z7x0exWzsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=435239704917948456

0
0

GET
H3 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 9CA3 102 KB
102 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:43:31 GMT
x-content-type-options: nosniff
age: 197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 12:58:31 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame D410 35 B
493 B 19ms
19ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8167366137303455109@@40774892,1319004019568536448,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|xiGcYojOqCdcPlakbYq96SCK8kwHh1vV29PS-g1xR2sgcZ6gaqwXDYm3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8AE0 35 B
493 B 18ms
17ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2365416622411392581@@40774881,2558271597121494965,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|POHNcC3NRzNcPlakbYq96Wj2cXi3mQrI4ZAbmUOyKUtfPAMobxOyXYm3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A081 35 B
502 B 16ms
16ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7077274059530533352@@40774889,634298908645355492,100|4498|0|0|0|0|0|0|0||176|1|||||1|0|0|ZRXuFLbMmppcPlakbYq96UjQEJww9nIbeOwlcpDAeKIaCgB3P281zom3nyX34Xgm0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BDB7 35 B
502 B 16ms
16ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5080884287350299236@@40774892,1431311411309231147,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|xiGcYojOqCdcPlakbYq96Z1_9iwFn-cCTm1Ceo5DzEYqq0ZjqYi-H4m3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 12:46:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 9CA3 57 KB
57 KB 7ms
6ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1458787418024569/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:32:58 GMT
x-content-type-options: nosniff
age: 832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 12:47:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost/

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESENj4U8xBOiQNP5We0zhab6g&google_cver=1&google_push=AYg5qPLVVTG8wR767MAK2OTzIewkt6yfg7zwk5VBerSIb_m5zp0mjmKnhUyTwZsCvCVNaUTDGSESo13sihsLo1pyC1K5hKjyfj8

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESENj4U8xBOiQNP5We0zhab6g&google_cver=1&google_push=AYg5qPI2g6aVOUaz7YW2XPhpRUDTgp5iHkQwLZmRKZfkWfbYzsnfd5GlnDsBoK2V_F2gV3OWcRJS-F10X6zWXQFD8Z5AnHatmaId

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e17961a4-cbb2-4800-abe7-e066b7cbd54d&expires=28

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESED4E934mXVIdynyuR2iGmg8&google_cver=1

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=435239704917948456

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ultimosegundo.ig.com.br/politica/2021-11-28	1969-12-31 23:59:59	Name: cross-site-cookie Value: bar
ultimosegundo.ig.com.br/politica/2021-11-28	1969-12-31 23:59:59	Name: SameSite Value: None
ultimosegundo.ig.com.br/politica/2021-11-28	1969-12-31 23:59:59	Name: Value: Secure
.ultimosegundo.ig.com.br/politica/2021-11-28	1970-01-19 23:04:36	Name: Bet365 Value: true
.navdmp.com/	1970-01-20 07:49:06	Name: ac3 Value: 1
.navdmp.com/	1970-01-20 16:19:57	Name: nid Value: fc8b14e84f009079350bb821609\|1\|359
.ig.com.br/	1970-01-20 07:48:46	Name: nvg53725 Value: fc8b14e849981c682ae44447809\|0_334
.quantserve.com/	1970-01-20 08:33:24	Name: mc Value: 61a4cbb2-692e4-10b8e-ebe69
.ig.com.br/	1970-01-20 08:27:38	Name: __qca Value: P0-741559820-1638190002405
.mathtag.com/	1970-01-20 08:29:05	Name: uuid Value: e17961a4-cbb2-4800-abe7-e066b7cbd54d
.doubleclick.net/	1970-01-20 08:24:46	Name: IDE Value: AHWqTUkoTRqPjSzj_klJZW1e3ZStxL5v8njrRAh-h5zfcZfAlY4YGHbKLhEqgcNZg3E
.webspectator.com/	1970-02-17 10:47:19	Name: ___ws_gid Value: F3F8B8AE990D91F6
.ig.com.br/	1970-01-19 23:03:11	Name: ___ws_ses Value: F3F8B8AE990D91F6.1
.ig.com.br/	1969-12-31 23:59:59	Name: ___ws-sr Value:
.ig.com.br/	1970-01-20 03:22:22	Name: ___ws_vis Value: F3F8B8AE990D91F6.1638190002703
.ig.com.br/	1970-01-19 23:03:11	Name: ___ws_ses_sec Value: 4298:1638190002703
.ig.com.br/	1970-01-20 03:22:22	Name: ___ws_vis_sec Value: 4298:1638190002703
ultimosegundo.ig.com.br/	1970-01-19 23:03:10	Name: ws-refr Value: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html
ultimosegundo.ig.com.br/	1970-01-19 23:03:11	Name: ___ws_d_st Value: {}
.scorecardresearch.com/	1970-01-20 16:19:58	Name: UID Value: 1SXWPBM2KWVV6FVQFG3U06g1638190004
.ig.com.br/	1970-01-20 16:34:22	Name: _ga Value: GA1.3.95513423.1638190004
.ig.com.br/	1970-01-19 23:04:36	Name: _gid Value: GA1.3.451281687.1638190004
.ig.com.br/	1970-01-19 23:03:10	Name: _gat Value: 1
.pn.vg/	1970-01-19 23:03:11	Name: __cf_bm Value: BznAVMbVK0DN64AMbcY.W42r8gtXjzujlJkK4BVTBm0-1638190003-0-AbGtJ7zon8ByAwsiK/LeTQQ81Pl5S44AdTPtgBxebUrw7ZLLT5wCJXdB65DJpo1xRL5TjNmr+1AVgFMeaQCemB8=
ultimosegundo.ig.com.br/	1970-01-19 23:03:11	Name: _tb_sess_r Value:
.clevernt.com/	1969-12-31 23:59:59	Name: hstpv4user Value: eyJJRCI6IjY1NDI2OTg4d2FuNjFhNGNiYjNkOTk2NyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMjk1MzM4NTUyNiIsIkxhc3RVcGRhdGUiOjE2MzgxOTAwMDN9
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptGfrzPAh1r4L5PW3iSKqdZLqKjo/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxkmzGqrEKJWU66THvScWV7/AA==
ultimosegundo.ig.com.br/	1969-12-31 23:59:59	Name: ortcsession-w5tlOg-s Value: 3d4e9a7245d602a7
ultimosegundo.ig.com.br/	1970-01-19 23:03:11	Name: ortcsession-w5tlOg Value: 3d4e9a7245d602a7
.rubiconproject.com/	1970-01-20 07:48:46	Name: khaos Value: KWKO14VR-1M-8YYU
.rubiconproject.com/	1970-01-20 07:48:46	Name: audit Value: 1\|hLZGFuTafB0dBFz/H6iPryYsttz9VT367yYnFuSDAiObi+2Td/xv7aIYNpPl2jodmoZW3sTwIB06yU7SjYWebt9ePo0ZCIOkIvmEBe9plWmnug5I3YEiqg==
ultimosegundo.ig.com.br/	1970-01-19 23:46:22	Name: clever-last-tracker-48973 Value: 1
.ig.com.br/	1970-01-20 08:24:46	Name: __gads Value: ID=aeeb2e9eedfe4ded:T=1638190004:S=ALNI_MZxUWJmqAJA1LgYeyC5SCxM2Bcg_w
.adform.net/	1970-01-19 23:46:22	Name: C Value: 1
.adnxs.com/	1970-01-20 01:12:46	Name: uuid2 Value: 5966740284298926830
.adnxs.com/	1970-01-20 01:12:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilgm9P3K!]tbPl1M>e)ZlrFUfJ+tGXxpSCZ/If>l4-<Cf@@nMZqo`WdcQOyz>TGy1bpRzqF1`b_MD*!9PZ
.casalemedia.com/	1970-01-20 01:12:46	Name: CMPS Value: 5203
.casalemedia.com/	1970-01-19 23:04:36	Name: CMST Value: YaTLtWGky7UA
.adform.net/	1970-01-20 00:29:34	Name: uid Value: 5080884287350299236
.adform.net/	1970-01-19 23:13:14	Name: TPC Value: 1638190005175
.casalemedia.com/	1970-01-20 07:48:46	Name: CMRUM3 Value: 2d61a4cbb52760CAESEB1D-CXuBNwbr6YE9YnERCk
.advertising.com/	1970-01-20 07:50:12	Name: APID Value: UP68de19d3-5112-11ec-9982-06a20cd9f756
.lijit.com/	1970-01-20 07:48:46	Name: ljt_reader Value: 2a03716d09da62beea0c8051
.casalemedia.com/	1970-01-20 07:48:46	Name: CMID Value: YaTLtb8k911S2gjdpEdOfAAA
.casalemedia.com/	1970-01-20 01:12:46	Name: CMPRO Value: 1101
ultimosegundo.ig.com.br/	1970-01-20 07:48:46	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Deb74d84a-403f-41f6-b56b-42b5e84ca72b-tuct89e5134
.yahoo.com/	1970-01-20 07:49:07	Name: A3 Value: d=AQABBLXLpGECEKV9gr588o4djbew9D7GBqMFEgEBAQEdpmGuYQAAAAAA_eMAAA&S=AQAAAn8DChJW52znerWk-JqeH-I
.krxd.net/	1970-01-20 03:22:22	Name: _kuid_ Value: OgsE24Jz
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP68de19d3-5112-11ec-9982-06a20cd9f756
.yahoo.com/	1970-01-19 23:04:36	Name: APIDTS Value: 1638190005
.quantserve.com/	1970-01-20 01:12:46	Name: d Value: EFcBCQHrJIEA
.mathtag.com/	1970-01-19 23:46:22	Name: mt_mop Value: 4:1638190005
.pubmatic.com/	1970-01-19 23:04:36	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 08:31:58	Name: wfivefivec Value: pRiwhcmy1MRG3r5
.adfarm1.adition.com/	1970-01-20 01:12:46	Name: UserID1 Value: 7035972496126376077
.turn.com/	1970-01-20 03:22:22	Name: uid Value: 2725370900057762704
.ctnsnet.com/	1970-01-20 07:48:46	Name: cid Value: 78f9d7b7a2eb441f83eaad951eab5b73
.360yield.com/	1970-01-20 01:12:46	Name: tuuid_lu Value: 1638190005
.360yield.com/	1970-01-20 01:12:46	Name: tuuid Value: f710d2f5-aa50-42cc-85b0-834f60bcf96f
.w55c.net/	1970-01-19 23:46:22	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 07:48:46	Name: tuuid Value: 3485878c-5a24-4181-b8b2-0b024f33ad90
.bidswitch.net/	1970-01-20 07:48:46	Name: c Value: 1638190005
.bidswitch.net/	1970-01-20 07:48:46	Name: tuuid_lu Value: 1638190005
.pubmatic.com/	1970-01-20 01:12:46	Name: KADUSERCOOKIE Value: 96F2A2AC-A43C-4F88-A438-D913B50E68CC
.bidswitch.net/	1970-01-19 23:03:10	Name: google_push Value: AYg5qPJ9U920m_xXjw9n9ReriPONPIVtGQ36AAzqmPtzma8Kp6EBk69eCDwZ96HZ8yahSKoqjRELsBrTzJEAoogGiIBv2wK9dK1T7A
.everesttech.net/	1970-01-20 07:48:46	Name: everest_g_v2 Value: g_surferid~YaTLtQAIMGUDdABR
.analytics.yahoo.com/	1970-01-20 07:50:12	Name: IDSYNC Value: "18wq~21t0:18yx~21t0:195y~21t0"
.taboola.com/	1970-01-20 07:48:46	Name: t_gid Value: 91c8792c-3c40-403b-8bb7-e9ad346e937b-tuct89e5136
.spotxchange.com/	1970-01-20 07:48:50	Name: audience Value: 6992b00a-5112-11ec-a4ef-125b01370506

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn.pn.vg/push/ilabspush.min.js Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaTLtb8k911S2gjdpEdOfAAABE0AAAAB&google_push=AYg5qPKpMQHNTd14qhR1bGgfkMRq4Xmvs9_u7etXU1JPC_lonjIRMXOGm-3jx1uqaZ7eWZFs_YMG2dMWatGKyzYBf68gBxaf1BY&google_gid=CAESEFmiSY-V9N3DAqlLPKg-cCU&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLfDqKP_Q7Uy1j0s2yv-4J2cht-9BuAkMqOVhhTrX7G1jIa7_EgXOa-NPF4qHMrc_NYjG0Eh6xvNhwFPHpUkTdzvyr4-FPI&google_hm=X2JONE8tVGNQckd0TEdMbUdTY1paNlJDTENmdTJINXctR3dKaWRDT3dvRQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJ26L_Z3gyOjm9TvqjJlu5K_PgSeIwTBKVtMYHK4Pzoa44HJ3_ZXskJVs-Aon0BhkqWAlQAbHnGclrL5zwvSP_KBE3nMw9c&google_hm=clA4R1RTbkVrUzdVa3VQNlRjLWJuUkVsczdnMTJsajUzWHhEUTZtWnpiMA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPKyx0HYr7Xo2TrnpNGFeYFHBQWlzVC_KrqLpJT_y7GMNm9RPAdSprW2qvcEqMSt-NbjjyVB-oybOxYF5wcJ9eG4RCBfdtgi Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html Message: The resource https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html Message: The resource https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html Message: The resource https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ultimosegundo.ig.com.br/politica/2021-11-28/deltan-dallagnol-faz-promocao-black-friday-de-curso-e-vira-alvo-de-piadas.html Message: The resource https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9xDS9apQQsyFsINPYLz5bw&google_push=AYg5qPL0VzidLA-caK-y8OcUprg9yrCVOTLjoN8zjLVshobGtF5w0QmwAUgxCB08Hb39tGhOcNOt34HB31ac7lOZY22NbE4RWCuvRg Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad.turn.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.pn.vg
beacon.krxd.net
bidder.criteo.com
cd70dc14500d4a42be7914829ae7e903.safeframe.googlesyndication.com
cdn.krxd.net
cdn.navdmp.com
cdn.pn.vg
cdn.taboola.com
cdn.webspectator.com
cds.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.createjs.com
consumer.krxd.net
cookies.pn.vg
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.statig.com.br
ib.adnxs.com
image6.pubmatic.com
imprammp.taboola.com
instant.page
localhost
lp.cleverwebserver.com
match.adsrvr.org
msgws.webspectator.com
mug.criteo.com
opi.navdmp.com
osp-assets.pn.vg
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rules.quantcount.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
sender.clevernt.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.navdmp.com
sync.search.spotxchange.com
sync.taboola.com
sync2.navdmp.com
taboola-supply-partners.tremorhub.com
tag.navdmp.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
ui.cleverwebserver.com
ultimosegundo.ig.com.br
unpkg.com
ups.analytics.yahoo.com
usr.navdmp.com
vidstat.taboola.com
webservices.webspectator.com
wfpscripts.webspectator.com
widget.perfectmarket.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
localhost
pixel.rubiconproject.com
13.225.77.123
141.226.224.32
141.226.228.48
142.250.185.98
142.250.186.66
142.250.74.194
148.69.64.76
15.197.193.217
151.101.1.181
151.101.130.133
151.101.194.133
151.101.194.49
151.101.65.44
178.250.0.157
178.250.0.165
18.193.4.24
18.195.106.43
185.29.134.248
185.33.220.240
185.94.180.125
198.47.127.19
2.18.69.50
2001:678:cb4:bbbb::11
212.82.100.182
213.19.147.45
216.52.2.30
23.202.53.51
2600:1f18:612b:4232:542e:84b1:1361:c28e
2600:9000:20eb:8600:6:44e3:f8c0:93a1
2602:803:c004:200::143
2606:4700:10::6816:4c5b
2606:4700:3039::6815:c0b4
2606:4700:3039::6815:c0b5
2606:4700::6810:7aaf
2606:4700::6810:ef3
2606:4700::6811:a1a
2606:4700::6812:1676
2606:4700::6812:1d7e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7001
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba2a
2a04:4e42:400::300
2a05:d018:d29:3605:b45:69d2:4384:b6f4
3.126.56.137
34.228.251.145
34.234.140.75
35.186.193.173
37.157.3.30
37.157.5.73
52.1.252.251
52.18.40.211
52.57.86.173
66.155.71.25
69.173.144.139
85.114.159.118
92.123.9.160
08736a1058fabb07f01ad941d8efc2d62d312c05d853bc82cafd942aa8489a0b
08c8b21fa63d60565144598cdab68984b80f2cdfecc4014a51f3a4cd4c143275
0918725725c371abd28fb918c98559b0bd7bd2ea78b0ca47c652e6859265a6c9
0a0fbe801018e3e13cedde3c9f8af4bf907175785b019b3e08a901df08a4d3b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e12d15a2134515189ce9ba51e11767aa354063bc227ac0576e7eb08ae5eae89
0f9eb005b24103a89f1e3cf2b19caf956a7e0481d446be5bb6b3a1ce541422ea
1195918f381f5acabbf5d1f73e0330b01a579b612c5dcd15bcae3d79115866e1
122c68ef5b96850581f49f5a40038c8b540df6f61fb1050a579396326ed19898
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c0cf9f6de304a51f19366fe047fb42bb246c48f96fb0bcbe0cc6543e596e4f
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
1aa608fe40501cfd597b29d216e7d2f031214e7715aabc6fe344714a2b4c9eca
1ba1379142cf56bdeb04a51cab3a341bfea9e6e7612b845d8da6419c3c686fea
1c5a674b146c5944490af733bc7691aaee22238092a81bc66823867cbb0ead8a
20939bdf42aa69ef12fb0a2f8d06ebdb6f31d41240fe09fe8d13f300eba23d96
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
21dff8629c39fe1f0d4cda9e8d7670a978fbd8cbc30bbd64a6da23c7c77e781c
23f53eb8e6f5ab2c67d8e63b25b9abe03408efa0529f8abed515259d7966f2f8
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
24fe7e4c353937e55ac1ee80c4f95679b9beaac602601dfbd1e32b30ae7699f0
26f23c42cb0b8ccf01747102693b7049c3ed3e4b0ebc34d3dc7bf4cc7a1ffada
27cdbc6ceb3c64a6fc6ad32390b513e0ba72f7435ba03f58bc4e8ef3eed48319
2b491ee638aa0636d43b4078f5fe81b47a9d5e014bb9a568d38658ebf203d4f0
2e616e0a51ae1e98f7ac3469594d28c1e6b6bcf637dd594e6734fdbe09588db4
2f8e1830268c54658f9fb3e47c8b76fe6d89b0b8193cb42c85fb1058c470299c
2fcfe2782543f837703e2a2950fa8504e04933cb5b22c0cf83cf34e216729202
307f81c7e43cf8160605495ba9994bb30dbe60df8e62cfa635e5a29ba455f2dc
310b28ac061650c615b0a70e171769f70c625e04a4e89bbe0d8bc892c12031ac
31c64c49aced83c84ff88bce719ed564b507f80bb2a586e3d5135e709c00eb23
321665f63dd01ae97ce2db14eaa65071c34d54bc5b6fe07ace2376c3ab0ad69b
3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d
3371f801000f02d00a3011c06bd012698f91b361b6d8d4bb76816e8dba84d22f
3424edf9930c5ea9bab2f1cc97d3d96e0634f80a4ce97ed29230caf67b0b6099
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a1a1dc4c5efa2ad4da95fa893fea8406d60838ef4ed0aff33c8335f3f8b66c
3805120c54e56c53a2538f6db7951211560ebe6edd7f96ba6748b6bf0b63f482
39557a7f33ff6f1f964462ce178d8fce00ac5ff51203849598375035c271128a
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bd58e35553fae10ffd9313150213d074a422bec27024257ca2eee3aa0a27494
3caca0548dfa1e75942da5de52e25020df9782ccefd738dab59f0ca81cd0f9f3
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5
3e7133aa9ea26b5f2f1d6223d09c6856290d0928751e2cbd8019790fea3d4f87
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
41b24bedde901818e2de2d0f47b5007524cb4758d879e3d5c80ad65604fbf160
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
47ec43a976a02f308644a37ac16e7270e3ef6e9e6e1ab01b25c6b16f9c92a931
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491a1930b3803b2f1119633f96c7742fd1c65cf19da4faf488bf0f0fb3bef92c
49c132dbc2dfd6a7fc08e685413fefb75cce0896a42ce04aed13ad2866970a00
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4a6a47a362db1d1e4370b995be64fcca90aaab507abdede4d51a2942eebf3e17
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d874be1cdfd3198f90ff2a6ee4e949b877259980ebb6dbeed554164f89e0b44
4f4715460ceb48d91ce5ca6a0fc670b5f2b6d5370f2cc9cb07ec04b82d7f3701
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51bed738a88ebcfee0b97de05f5794b492fef21c54a406d86f5c9e4cc969e68f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
55904d995e0a34983ca3f216b980347a8677ff700fa81f0d99582db39685de58
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5ae962ea488c2f954d15cf08816d5abac08f52b68b2148ce0490cec915b9f128
5b70327b18b83eaf79d0b3b175e10cbfc5ead3f146684fb9e34d59f1a8345fa4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230
6438652b06337d0665587b7b15dd632fa35a0e99a9fcea79b3a124e692ed64a3
6747e709d3592f6d0e131364774e86e4862dc80836699aa6edbae13e8bd720ed
69e18acf4210e512378ef9ce202aa504c46cf34e1abc492bf676b86a04edd00d
6ad3a9f52e081b13ac0b02580922cf9f472a723499f0a3ad729530eae802886c
6f1175d5b4fc2986cd4aed612a8f339da50cf8b28245e6059e35bb7ce1b7e914
6f6d66d3b77eb846070778c27c9445f0336cf44fdf1f16b9c5cfb01abdc1c0f1
749b2e7e0880ee2421d6d3152e372a3f20bd8ae3c0cc94f1423493a3ed68dd83
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df
77975c195fcffe3d4b63ce1d1d899d11cbbe5817789a972e9d673d172196f405
7a19984d571822b96ee6b9409e41876768a4934047124d95ee11abfe14423d72
7a1c3535dfa3a006455d30af09d59ea1c17f181aaed752e3a076fb37d54cb9a5
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7cdf6cc66d09d6323e084e7a39b1c909869ea9c0d5e54beccb854109483de7f2
7eadfe2faf760f5867c746c48b7661683cdf1801ef401b22aa47e8844b594179
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
829c2d63292a922e20c5ccd6befb457396af06a466ab2829401bc175035bd2b8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
85afb8f06c5a04978df28e7adaacee7ba0648503776d34b3dc75c47452df67f2
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8699269a448ef73c4746a2bd7ac33a8b04240431ab7256aec22968652ea92f69
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
87a621fc047090c531e9e2d685e6b3c9175cc0cfd888c90c1daf5b4f9bed717e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89facceaa87231ab6878db6a1f5b7346b0b5c7b886ff5d7de19bd46202b9da0b
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b59e9de69384439725d3b593b5c7eaab27e59d16879cf12e8af4bd434d8546b
8ccd8267074c1e01e7d21d98d212fec77abfa9a8a7c68f199ab61c1351a02296
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b
8d827fb943d8a11015605086f0cd12190eaaaec7d42fdce5955edfb16bfc4bb5
8da1af9bea99eb5f40ed7ae215088540103b41491cb4c56b0a49254400504cbf
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
903a30008ee9249cc71b6cb534c86e5e8caf0358be048234734e5267c5051177
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
966827e765bea9ab0891604038f47128e807ce4f945d76d6cffc6258f2f92c07
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9fd2f28fdd0dfef7165c579f553505f034a9ffb2e622e5a27ee4afdf2b89b502
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1493ee6db9b437bda61c7772b5d4bf1fc8deb27387e3086f53fc7d209d7e81a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5740190ccff6ae3479381051dadb4c3cbbff210d839dfd119bfc10752607315
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87f4a24f4f01835df7934304d45ee8cbdb5a53a38c07a5ff75b882faa6e0c57
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad2eafcafc70de6f521a79b473ad6fa18750622751a0542f1fb4ee8995bee008
ae0838b56d0b5007c4e2bd436c0106f1712ddbe4f7020b17adf3cc144740bbbe
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363
af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723
b112103c51c9ef84dc320cd03022903acfc96e907aa885f09348eaf468eda9a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30e99c952f1ea8a910db9482569a8007066b63243f679d4c125fe8f290cafe2
b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bca82d642f5d978b59db10014913b736f527d7c742f4a2281836f7c34dfaa71f
bd39187a63bf82e1752acc7f108b9f55cad58d26d6e36e4a01688aac302bf608
be339f8baf147b9c343cea4d6685a909c02f1c1ad17707eba82b30a19f5d20d1
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf8d10e274a3ac1f4514103df4921fb1dc19e35192a4dae10bfa990adc952f89
c3401afc923844ade07f26f7afc7d7b533dde9d93db00134c7d640fe36711b76
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
ca38646fd9d76082e9251583f9613469d22434353e4b11dadda86af37b0d55a8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8c6b27c844450802297e5b9dee62d2a8daf4d1879aadf85fd8432752529e75
cc93a4534fad4d42c22ef5ba59d604a2831e47ad15310d8a878f69413deb7436
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406
ce675305ed291e79fb12c03a16372057a9cdf3335c0cab0073a74794f0b2eff7
ce6ef2801940a6e14e273264db836dc087ccf6c11902f693f0c61321ff2aad0b
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceb6939190f9ceb9d0defa8d89239f2292e6829360f500aeb193c647f304b875
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bdd86697bb017441dbae00908e5824fd6d4c071310e5e52ccebc16463b3238
d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95
d8ee9e5c6172799b23c85276c45925ecac96175ae40fac90694ce5b65ed2e49c
db310e6ff85eafdb484c6a3705a7137e39f2e686412d28be6fa0195cd2bd4bc2
de4b6efbdf52e8eaeb718d190e8d3e486cae538b5e01b9a3b49fcbf284ee2685
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
dfcc8f74a5cebacd2821e200bcd0b55d8b2b403e3b36751fcc5fffc47fe0d9d2
e078334ed45ae6772a8f19f6e0e33bce3eb7036b07b5003fb435f37bb2aa0909
e0b67b3057636225604c9da907488c495c5deb3000d05174dd0d3af565e7999f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e43a5802d5ed9337da2e507c39c43080de4305db7e520e22fe3ec9fd83c1b72f
e4abcb25995824507287896b94d19768c0431a2f7fe3cc162b7370c31d3e931b
e53538494ea824f9b92bebbab3490c9cc861fc787e3cb2ccae6a0b70c19538d5
e5cb401cc56565442f671442427b0258f8520eaa52b470be469e8bc7059e4b8a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ed3203d8498983b519c204b98570b6922114b38344423c53e3c372cddd0d85c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39163cbbce50a84efc0cc838809c6e4e2ac01993727913a59f3463e100b579
f05853e1697c6da5c376f52167e0cc2bbd3f7a142c53bd8fbf457e1b04c1060f
f5c133a1fde3f99f80f7ce95147bfa0e150bde8c01ce5e07276e897d83a0d297
f5f2153203c3ac589d446a5169260aa6d8c5aa3bdf368a67c39f93fd85d9f2d5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6942838852beb0146636ff0e659ab7e963bc73dbdbdcef79cb33adca54bf900
f72b1f9ce83feba0b7861a613253f154c24ae9d37adc192422aafb0df57eea0a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b
f80d43df7d04805b82c3e7d7a1a682607c39f09dbb95fd9e8ccceb45c6fcade9
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9fac0b5797fb9910e9d53bcc4918ac62d3a27ed5afb680d9a5a031fad329239
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
fd81d8edd46322a7e2192221ced4d0914929de4549a8ec673069b002eb2c34f0

ultimosegundo.ig.com.br Open in urlscan Pro 2606:4700::6812:1d7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

381 Requests

83 %HTTPS

46 %IPv6

50 Domains

99 Subdomains

60 IPs

10 Countries

3222 kBTransfer

7929 kBSize

69 Cookies

227 Outgoing links

Redirected requests

381 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ultimosegundo.ig.com.br Open in urlscan Pro
2606:4700::6812:1d7e Public Scan

Screenshot
Live screenshot

Full Image

381
Requests

83 %
HTTPS

46 %
IPv6

50
Domains

99
Subdomains

60
IPs

10
Countries

3222 kB
Transfer

7929 kB
Size

69
Cookies

381 HTTP transactions
8 data transactions