g37.com.br Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.g37.com.br/
Effective URL:
https://g37.com.br/
Submission: On May 09 via api (May 9th 2023, 3:50:15 pm UTC) from US — Scanned from NL

Summary HTTP 442 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 74 IPs in 15 countries across 68 domains to perform 442 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is g37.com.br. The Cisco Umbrella rank of the primary domain is 807420.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 22nd 2023. Valid for: a year.

This is the only time g37.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
65	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
23	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
13	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:20:... 2606:4700:20::681a:442	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:18f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:4698	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
4 15	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
1 12	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
17 51	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
7 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.17.96.165 52.17.96.165	16509 (AMAZON-02) (AMAZON-02)
8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1	13.32.121.11 13.32.121.11	16509 (AMAZON-02) (AMAZON-02)
1	52.215.61.40 52.215.61.40	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:8200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	64.74.236.127 64.74.236.127	19024 (INTERNAP-...) (INTERNAP-BLK5)
2 2	52.31.101.146 52.31.101.146	16509 (AMAZON-02) (AMAZON-02)
4 6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.195.170.223 18.195.170.223	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:e341:f6b2:dd43:a873	16509 (AMAZON-02) (AMAZON-02)
4 5	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	3.74.91.153 3.74.91.153	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
3	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
7 9	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.226.234 67.220.226.234	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400e:2::9	15169 (GOOGLE) (GOOGLE)
2 2	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
2	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1 1	193.108.153.23 193.108.153.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
442	74

32 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.g37.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g37.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.admasters.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:442 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.currency.wiki	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

data.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4698 (United States)

ASN13335 (CLOUDFLARENET, US)

a.cdn789.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.171.22 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.22.68.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 142.250.186.162 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.96.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-96-165.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-11.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.61.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-61-40.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:8200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.127 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.101.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-101-146.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.170.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-170-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:e341:f6b2:dd43:a873 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.6 (United States) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (Castricum, Netherlands) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.100 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.74.91.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-91-153.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.138 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:2::9 (Ireland)

ASN15169 (GOOGLE, US)

rr4---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.64 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.23 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	795 KB
96	doubleclick.net 17 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	448 KB
28	g37.com.br 1 redirects www.g37.com.br g37.com.br — Cisco Umbrella Rank: 807420	796 KB
27	denakop.com tags.denakop.com — Cisco Umbrella Rank: 249375 cpm.denakop.com — Cisco Umbrella Rank: 282548	315 KB
19	wp.com s0.wp.com — Cisco Umbrella Rank: 7638 stats.wp.com — Cisco Umbrella Rank: 3022 i0.wp.com — Cisco Umbrella Rank: 3706 pixel.wp.com — Cisco Umbrella Rank: 2761	216 KB
17	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 611	51 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	721 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	11 KB
15	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 491 eus.rubiconproject.com — Cisco Umbrella Rank: 589 pixel.rubiconproject.com — Cisco Umbrella Rank: 352 token.rubiconproject.com — Cisco Umbrella Rank: 600	16 KB
13	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	35 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83 region1.analytics.google.com — Cisco Umbrella Rank: 4217	3 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 950 static.adsafeprotected.com — Cisco Umbrella Rank: 631 dt.adsafeprotected.com — Cisco Umbrella Rank: 579	99 KB
12	smilewanted.com 1 redirects prebid.smilewanted.com — Cisco Umbrella Rank: 6274 csync.smilewanted.com — Cisco Umbrella Rank: 4243 static.smilewanted.com — Cisco Umbrella Rank: 11516	17 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	256 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50 imasdk.googleapis.com — Cisco Umbrella Rank: 468	356 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	373 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052 s.amazon-adsystem.com — Cisco Umbrella Rank: 293	4 KB
6	yandex.ru 4 redirects an.yandex.ru — Cisco Umbrella Rank: 4467	1 KB
6	currency.wiki 1 redirects www.currency.wiki — Cisco Umbrella Rank: 858488	38 KB
5	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 639	3 KB
5	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 674 gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2429	2 KB
5	google.nl adservice.google.nl — Cisco Umbrella Rank: 14080 www.google.nl — Cisco Umbrella Rank: 8603	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	282 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 547	3 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 2073	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	2 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 792	2 KB
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com — Cisco Umbrella Rank: 3697	1 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1705	2 KB
3	creativecdn.com 2 redirects prebid-us.creativecdn.com — Cisco Umbrella Rank: 32515 creativecdn.com — Cisco Umbrella Rank: 527	901 B
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 798	693 B
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	59 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 27944 ui.cleverwebserver.com — Cisco Umbrella Rank: 28837 call.cleverwebserver.com — Cisco Umbrella Rank: 30008	48 KB
2	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3360
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1702	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 540	361 B
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1080	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2410	810 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 562	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	207 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 585	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 682	911 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 740	797 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	253 B
2	adjs.media adjs.media — Cisco Umbrella Rank: 390673	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	36 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
2	gblcdn.com data.gblcdn.com — Cisco Umbrella Rank: 352765 server.gblcdn.com — Cisco Umbrella Rank: 455794	8 KB
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 580	610 B
1	googlevideo.com rr4---sn-5hnekn7k.googlevideo.com — Cisco Umbrella Rank: 66910	2 MB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	651 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 984	500 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581	586 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1307	350 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10383	287 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 612	338 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 921
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	603 B
1	cdn789.dev a.cdn789.dev	54 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1018	7 KB
1	admasters.media b.admasters.media	2 KB
0	richaudience.com Failed sync.richaudience.com Failed
442	68

	Domain	Requested by
65	pagead2.googlesyndication.com	g37.com.br pagead2.googlesyndication.com d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com imasdk.googleapis.com
51	cm.g.doubleclick.net	17 redirects googleads.g.doubleclick.net g37.com.br d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
33	tpc.googlesyndication.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com imasdk.googleapis.com
29	googleads.g.doubleclick.net	pagead2.googlesyndication.com d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net
27	g37.com.br	g37.com.br
23	tags.denakop.com	g37.com.br tags.denakop.com
15	s0.2mdn.net	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com imasdk.googleapis.com g37.com.br googleads.g.doubleclick.net s0.2mdn.net
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
15	ib.adnxs.com	4 redirects tags.denakop.com googleads.g.doubleclick.net acdn.adnxs.com csync.smilewanted.com
14	i0.wp.com	g37.com.br
13	i.ytimg.com	g37.com.br
8	dt.adsafeprotected.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net g37.com.br
8	www.google.com	2 redirects g37.com.br d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	csync.smilewanted.com	1 redirects tags.denakop.com csync.smilewanted.com
7	www.googletagservices.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	g37.com.br securepubads.g.doubleclick.net imasdk.googleapis.com
6	an.yandex.ru	4 redirects
6	www.gstatic.com	www.google.com googleads.g.doubleclick.net
6	www.currency.wiki	1 redirects g37.com.br static.cloudflareinsights.com www.currency.wiki
5	pixel.rubiconproject.com	3 redirects
5	ap.lijit.com	4 redirects csync.smilewanted.com
5	www.googletagmanager.com	g37.com.br www.googletagmanager.com
4	token.rubiconproject.com	4 redirects
4	sync.1rx.io	4 redirects
4	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fastlane.rubiconproject.com	tags.denakop.com
4	prebid.smilewanted.com	tags.denakop.com
4	cpm.denakop.com	tags.denakop.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	adservice.google.nl	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	csi.gstatic.com	imasdk.googleapis.com
3	image6.pubmatic.com	3 redirects
3	um.simpli.fi	3 redirects
3	prg.smartadserver.com	tags.denakop.com
3	onetag-sys.com	1 redirects tags.denakop.com
3	fonts.gstatic.com	fonts.googleapis.com
3	imasdk.googleapis.com	tags.denakop.com imasdk.googleapis.com
3	www.youtube.com	g37.com.br www.youtube.com
2	creativecdn.com	2 redirects
2	us.ck-ie.com	csync.smilewanted.com
2	ads.betweendigital.com	2 redirects
2	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com
2	acdn.adnxs.com	tags.denakop.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	match.sharethrough.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com csync.smilewanted.com
2	tg.socdm.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	sync.mathtag.com	2 redirects
2	match.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	dclk-match.dotomi.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	static.adsafeprotected.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	www.facebook.com	g37.com.br
2	adjs.media	b.admasters.media adjs.media
2	code.jquery.com	www.currency.wiki
2	connect.facebook.net	g37.com.br connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.wp.com	g37.com.br
2	s0.wp.com	g37.com.br
1	ads.stickyadstv.com	1 redirects
1	rr4---sn-5hnekn7k.googlevideo.com
1	px.ads.linkedin.com
1	match.adsrvr.org
1	static.smilewanted.com	csync.smilewanted.com
1	sync.go.sonobi.com	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	rtb.openx.net	d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
1	s.uuidksinc.net	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	r.turn.com	g37.com.br
1	beacon.krxd.net	googleads.g.doubleclick.net
1	choices.truste.com	googleads.g.doubleclick.net
1	call.cleverwebserver.com	g37.com.br
1	prebid-us.creativecdn.com	tags.denakop.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.nl	g37.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	server.gblcdn.com	data.gblcdn.com
1	ui.cleverwebserver.com	g37.com.br
1	a.cdn789.dev	g37.com.br
1	static.cloudflareinsights.com	www.currency.wiki
1	data.gblcdn.com	g37.com.br
1	scripts.cleverwebserver.com	g37.com.br
1	stats.wp.com	g37.com.br
1	b.admasters.media	g37.com.br
1	ajax.googleapis.com	g37.com.br
1	www.g37.com.br	1 redirects
0	sync.richaudience.com Failed	csync.smilewanted.com
442	104

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.youtube.com
twitter.com
www.facebook.com
gml-grp.com
www.divinopolis.mg.leg.br
www2.gerdau.com.br
sintramdiv.org
www.avivar.com.br
www.sicredi.com.br
www.patiodivinopolis.com.br
cssjd.org.br
wa.me
www.mx72.com.br
chat.whatsapp.com
www.agenciaoficio.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.currency.wiki GTS CA 1P5	`2023-03-26` - `2023-06-24`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
gblcdn.com GTS CA 1P5	`2023-04-23` - `2023-07-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-15` - `2023-05-16`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-02` - `2023-07-11`	2 months	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh

This page contains 57 frames:

Primary Page: https://g37.com.br/
Frame ID: CB8ED1F7E24C4F23EA9DB8A5331539AE
Requests: 161 HTTP requests in this frame

Frame: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
Frame ID: B46F8F9F9A3E3726D72AA6C4FD66D1D9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20190131/zrt_lookup.html
Frame ID: 9232CFCA82C55ADB75F600F61F890C36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&adk=2969136045&adf=3689892565&lmt=1683647156&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fg37.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647403065&bpp=13&bdt=1165&idt=917&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5511825866770&frm=20&pv=2&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1062
Frame ID: 889606FCC0D2982CB62CB89ECFE1B81C
Requests: 1 HTTP requests in this frame

Frame: https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 39C171B0BA633D8B2D3E5B6A9EA1EFD6
Requests: 3 HTTP requests in this frame

Frame: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF931B713ABD5DFF0F096955F3C32BB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
Frame ID: 5B87B08350B5D1BE5BA0456F858BE957
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3186548570&pi=t.aa~a.897594617~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3122&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250&nras=3&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=B4LssDECZI&p=https%3A//g37.com.br&dtd=15
Frame ID: 05C356D43783CD5F1EB541071510B21D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3416437488&pi=t.aa~a.1794496191~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3122&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250&nras=4&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jobkHkVD9F&p=https%3A//g37.com.br&dtd=20
Frame ID: 672F63FB797E5CC87B196D6E0FF85404
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25
Frame ID: 0BF3FE6B5019830FF11FB962AB446B4F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=4145752843&pi=t.aa~a.2342164841~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=1&bdt=3122&idt=2&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250%2C305x250&nras=6&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=K5nqxETwZd&p=https%3A//g37.com.br&dtd=31
Frame ID: D3D7450322AC52430A7F147F53AE044C
Requests: 1 HTTP requests in this frame

Frame: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9C921ED1EA88FEF46F4C80B8010385CB
Requests: 30 HTTP requests in this frame

Frame: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03356B61F579F356B9DDC9AB807A0B35
Requests: 20 HTTP requests in this frame

Frame: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F2EE904ED23A1C0DB86693A61ABC7EE
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E9D4DC99F5E09F421940B5DF34D36079
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1
Frame ID: D21BFEFA3546D0C84D3C5F3B151369C0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1
Frame ID: B8DFB8B25AA0122D7E3B2754AAF3093E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDL7aGYAxjgx_rdATAB&v=APEucNU51RsDUUEvNx7astmJr5JWwE1ZbfCqRNSv1KNl-nL7PevbbSBDxTMltlruQvE9OHF8plMB9vPq5CawdXkFs4-F_OcV_i6D99CcYD7j4tRiI4JMJprSoqCVc1gn0lQNyvsCy93c4WufaWORTErOO4pDSLghyeNjcMHAdJx6SFLvPCvIlSY0T153X6QAkq76HzWSuv8WSF4OT0uv3fwLpCetYnbJSw
Frame ID: 7F15DCFB15461A1AD47C8AE2C1506426
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNU3GFlGZXfv-prOvDTYUSCXDiVFqm4VKYgb0Ay8mPfy28yBCib1f2NMNWtgugcjPAdZrGX6xn1ebCs_7-qklkeZU-9z6J0kgiJi4HMaBqRLbUXx5LNvbhWMvE4NJQ2Yfl1TQg6d3STH7NgiasfRMWCDOmT37e7zKSqACX0O3R-B_Wt1ZgfKNyDC14oiSrUMLbLm4hvvtBLEBRPYCbaaVdudEilUuQ
Frame ID: A01A15E5A770C8ABA97E7EFD6664B700
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNVVWwdqLZ6tyrwSv3QQ08AtNnR50dZnoLYyeBTG22cGMqb7jQNBn2lsgz0QfbLj35HkOtAYuuGkUB6FZnPJQ33PZ-hjynugaia5RXtTcclglmgOqSom9pzONEDsBzj5Z2VjGoUMVBU96nRGrD8cT0bQ6uN45h-C7h_XmJbe7kAPcnP2TvzJXLeFMlOjUxmb22n7fCjZophaghpkKb84Kvck9bdT4g
Frame ID: DC586ABDF0E71689F6044D9325AA34D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDqxaqlAhjEyuWZATAB&v=APEucNWjaqmwWFq6fAkVM-unO-m-cm6n5VQbygQ6TZcarkax8azh5vsB4CseDdy4-XFgr7GStikNFaUgdghq0dmo-6MfKJ9ErOfPIu2kWLeoLpi9ryYbjhR6ntDyuG9ofweFPcV1PK5zarzjtb4juhgi3EHamFrG1oiIPkbdum05NEvjNQhQ4yE
Frame ID: B1DDBDCF65C7B37F51857F324E2139B0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD6DA03EA437CDEB97B529EAF6F9B5C7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 4BBED289601665EB159B82AAA8BAE181
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: F7F244A1374F5FE693042FC1DDF962C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C4A4AAAB413B1DADBC8B12F1752DEDE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E87E33E5E8A97B0ED89F02598200270C
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3BFF5704F7D97137B8F1CE212F1CE193
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EDCC857112584F37B021EC342E8C7C6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 417878D124558B54E9EBA23DFD23BD55
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
Frame ID: 68567BCB4AAE7E86EAC1CCB1A4873979
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
Frame ID: DB882483D7F6C0A552C4AD27BC55D302
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 132DADFB60888EA4BD232D80B23F7733
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52A054EFFB6799D7EF13A9F4CC713589
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 904C4FA40AAE85A7E50B0A2A3BD079F6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 997B919DA6A8BDC61944974FCBF0D8E9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: B34EF6F73990EF00C477C75A13654356
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AAB0FCC2653DEC82AFE1FB2E9C4F3E83
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C1970F71F3FEC2D03DD260EAAC3BA9F5
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 6B7BF935304F142D142FDB8E1EA599F7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5FE137A8F726EB6FCE3BA093FC2DC95B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1683647404548
Frame ID: 552ADDD32A0065C7548EFB1650C63DBC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 372AFE8128C54976E9DB2D6E3ABF239B
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6ED3C301AC49CDDBFF551E23F9CA67F0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EEE636281A45960515B57DC5335207A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38703256DE37BAEDC7ADC19FE37AF8AD
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: BE2AE158E31AC18A37965ADCF4CEEC6F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F2D635CEC0CFB0ACA51ED470A4E70A17
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: F6F2EE7B82A3921D0BEC22275A95CEAD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-55a9daad-5186-40e4-b294-b122d47bf882-003
Frame ID: 2FFD95CB96FD3994C05D16B617CC22E1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/40047c75-b388-5281-acaf-ee4dc8f585fd
Frame ID: 928867EAF4383D2C64FD6F10CEC5E412
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: BDF6BA596B3CA35E7F1F067BB6D270BF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/8639980375ede171cf5c1e6d138ea?gdpr_consent=&gdpr=0
Frame ID: 86E59799D5399F21596104D8CCFDC9C4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 662390E4DDA1FC90959E57FD3CEC6D20
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 2402CB90036C78FB8B546C10C9979ADE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/fwO1ZpaKDHR7UxaZEaWy?pi=smilewanted&tc=1
Frame ID: A3F8E8AE08AAA2EAED465D9E4A61A580
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb013480b56dd946997bd5e1b4bf77eb
Frame ID: 50241D7990084EDAC3F132F4B53DC5CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 5AAA0FC4563F61353A93EE68CB0A74BF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Portal G37

Page URL History Show full URLs

http://www.g37.com.br/ HTTP 301
https://g37.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

442
Requests

88 %
HTTPS

52 %
IPv6

68
Domains

104
Subdomains

74
IPs

15
Countries

7530 kB
Transfer

16022 kB
Size

76
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/portal_g37/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/PortalG37
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/portalg37
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portalg37
Title: Facebook

Search URL Search Domain Scan URL

URL: https://gml-grp.com/C.ashx?btag=a_16847b_1823c_&affid=5253&siteid=16847&adid=1823&c=

Search URL Search Domain Scan URL

URL: https://www.divinopolis.mg.leg.br/

Search URL Search Domain Scan URL

URL: https://www2.gerdau.com.br/?utm_source=portal&utm_medium=banner&utm_campaign=gerdau_germinar&utm_term=g37

Search URL Search Domain Scan URL

URL: https://sintramdiv.org/

Search URL Search Domain Scan URL

URL: http://www.avivar.com.br/?utm_source=Portal+G37&utm_medium=Banner&utm_campaign=Lan%C3%A7amento&utm_id=Bacon+de+Frango&utm_content=G37-970X194-AD

Search URL Search Domain Scan URL

URL: https://www.sicredi.com.br/home/?utm_source=Portal+G37&utm_medium=Banner&utm_campaign=Institucional&utm_id=Alternativa&utm_content=G37-820X120-AD

Search URL Search Domain Scan URL

URL: https://www.patiodivinopolis.com.br/?utm_source=Portal+G37&utm_medium=Banner+&utm_campaign=Riachuelo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sicoobdivicred/

Search URL Search Domain Scan URL

URL: https://cssjd.org.br/c/noticias/organizacao-nacional-de-acreditacao-ona-certifica-o-complexo-de-saude-sao-joao-de-deus

Search URL Search Domain Scan URL

URL: https://wa.me/5537999028804?text=Vi+o+an%C3%BAncio+de+voc%C3%AAs+pelo+G37%21+Gostaria+de+saber+sobre+a+vaga+de+motorista.

Search URL Search Domain Scan URL

URL: http://www.mx72.com.br/?utm_source=Portal+G37&utm_medium=Banner

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/HDm0kNYEGAq4pUPiWtq9QE

Search URL Search Domain Scan URL

URL: https://www.agenciaoficio.com.br/?utm_source=Rodap%C3%A9&utm_medium=Link&utm_campaign=Assinatura+Site&utm_id=Portal+G37
Title: OFÍCIO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.g37.com.br/ HTTP 301
https://g37.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://www.currency.wiki/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6HGVAsnXV3Y7NYcxXUXP4&google_cver=1

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Request Chain 208

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1

Request Chain 210

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Request Chain 212

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSOLJupKtl-8kIN8RsiS5I&google_cver=1

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENOnqWiKXb0wic6mzkrjkeA&google_cver=1

Request Chain 241

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Request Chain 262

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 281

https://fw.adsafeprotected.com/rfw/st/1128384/68656984/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=26643843&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=18537685671&bidurl=https://g37.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ilDeKgbpk9j9Uk4s14Tup3&adContainerId=gcc_rWtaZICMKdW8x_AP6M-X8Ac&cbFunctionName=goog_wrapCb_rWtaZICMKdW8x_AP6M-X8Ac&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fg37.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fg37.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:46ebc884-7e3f-d1c9-26f6-4233fad8f535,c:c8it5l,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-dctqm,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:39,oid:2b1ebcef-ee81-11ed-8ea0-52bf6f68a41b,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

Request Chain 296

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBY66_r7G6WtbxDKXabAMGo&google_cver=1&google_push=ATf1kGPwRQDMW9ftxEgGnINmwBcZXqIBXtWDzO4QoQibfvPXN1QwV8Ar72gpzaDJ-QC9kbPrLfhcgOkQGFpfSB0pk1b7-hHF4KFBtVFJ0x0HPmMDyNhd9S5Fj7LIYPoeDZsRPOpQwOmeTm0uYLiEWLt-JA5NIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM4ODQ0NjE3NjM0NDc5NjIxNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENz3kXNFkVppXxGAzmVT1jc&google_cver=1

Request Chain 298

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMkC-MUZWjXgc6IuXmN7Eyk&google_cver=1&google_push=ATf1kGMq3AFgsCYajSTf0POQ7jM_HWjE_NxdUK46QU92BI0v6uR1ABngynjMY_K1K-mlOzE-YyjDHiMKHVGAROPazbkN1iCu-sX1B8q8Lm6-p8uXhzt0hwHPI3TdbELDSwPqj-OkdVDUedRgutSKSU108tlx6Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMkC-MUZWjXgc6IuXmN7Eyk&google_push=ATf1kGMq3AFgsCYajSTf0POQ7jM_HWjE_NxdUK46QU92BI0v6uR1ABngynjMY_K1K-mlOzE-YyjDHiMKHVGAROPazbkN1iCu-sX1B8q8Lm6-p8uXhzt0hwHPI3TdbELDSwPqj-OkdVDUedRgutSKSU108tlx6Iw

Request Chain 299

https://um.simpli.fi/gp_match?google_gid=CAESEJzTjhb9FIQTHsow2KNDBB4&google_cver=1&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb3o2IYstUk_ffjLFeN8wZ8iLpxAj_ABxaakVXUfTCPejQvpLRMqR5W7vQ351uAlIsCEpqenTE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb3o2IYstUk_ffjLFeN8wZ8iLpxAj_ABxaakVXUfTCPejQvpLRMqR5W7vQ351uAlIsCEpqenTE

Request Chain 301

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELEv64KnNnCqK4eMHIwNyBU&google_cver=1&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u_bML3MlQj1CZQlWP4fHTF-M-V46rAin_PBaVUlwEJ_X4iq84S-UEGS61Sa8ghj5Seg_d-VW5Y19-9ks HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELEv64KnNnCqK4eMHIwNyBU&google_cver=1&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u_bML3MlQj1CZQlWP4fHTF-M-V46rAin_PBaVUlwEJ_X4iq84S-UEGS61Sa8ghj5Seg_d-VW5Y19-9ks HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjcxNjg5MTQ2NjU4MzYyOTU5OQ&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u_bML3MlQj1CZQlWP4fHTF-M-V46rAin_PBaVUlwEJ_X4iq84S-UEGS61Sa8ghj5Seg_d-VW5Y19-9ks

Request Chain 302

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIJRBONGZxU-MZtlzZtXOP0&google_cver=1&google_push=ATf1kGMQRrPklrfP5svEijvo3WI9lDAyWMpCeDjh6n8scTd5piiFerO5t2DwIThIrycN1knur6yhQwmKRKWKHnjiYYI4p6h4M41SWce7Sbhp7KwCP6WzkdDSu-Ci4_Pinx3wtXWIk6JwVULZftvfrLp5WxCH8rc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIJRBONGZxU-MZtlzZtXOP0&google_cver=1&google_push=ATf1kGMQRrPklrfP5svEijvo3WI9lDAyWMpCeDjh6n8scTd5piiFerO5t2DwIThIrycN1knur6yhQwmKRKWKHnjiYYI4p6h4M41SWce7Sbhp7KwCP6WzkdDSu-Ci4_Pinx3wtXWIk6JwVULZftvfrLp5WxCH8rc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMQRrPklrfP5svEijvo3WI9lDAyWMpCeDjh6n8scTd5piiFerO5t2DwIThIrycN1knur6yhQwmKRKWKHnjiYYI4p6h4M41SWce7Sbhp7KwCP6WzkdDSu-Ci4_Pinx3wtXWIk6JwVULZftvfrLp5WxCH8rc

Request Chain 304

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 318

https://s.uuidksinc.net/match/47/?remote_uid=CAESELmGP4lsiHGtv-2RiUS7V0g&c_param1=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso

Request Chain 320

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP1JyP5kyLMtDXHjZPct6V8&google_cver=1&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP1JyP5kyLMtDXHjZPct6V8&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN&google_hm=djNsRXhfUWVUY3cwQ0ttOUxmbE0=

Request Chain 321

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEZ9b42mpacLnrt1ZJYhRlA&google_cver=1&google_push=ATf1kGOz07B4oB47YJ53WU6V4huMNiEhsN6qHmaCmTEPFmtyjNJ2P2v9HS5uacdLIf4XtJTBfUp2od9_9e8fLyjEDayt9MqjqJgp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOz07B4oB47YJ53WU6V4huMNiEhsN6qHmaCmTEPFmtyjNJ2P2v9HS5uacdLIf4XtJTBfUp2od9_9e8fLyjEDayt9MqjqJgp

Request Chain 322

https://match.360yield.com/match/ebda?google_gid=CAESEE6o-cjmhAItkYZp8vdYTFY&google_cver=1&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDdxGjM4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE6o-cjmhAItkYZp8vdYTFY&google_cver=1&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDdxGjM4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=df1JIjaiQLGWAYj9frAMWQ&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDdxGjM4

Request Chain 323

https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?ext-param=ATf1kGMuRsmL1QpKKrvt8NosEGJNJviN3HdoQEj7eTcHJ4PtmllgSEcTFulk95aCgAB32ENZhaWvHaR9h6nsWlteD6xjsUvnpJBBHA&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?redir-setuniq=1&ext-param=ATf1kGMuRsmL1QpKKrvt8NosEGJNJviN3HdoQEj7eTcHJ4PtmllgSEcTFulk95aCgAB32ENZhaWvHaR9h6nsWlteD6xjsUvnpJBBHA&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEd7DfXqimGZ2plDP4_wtA4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 326

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHBy3a77STtlLHADzzSEec&google_cver=1&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASxCZ6jJi7uLJO9rqaCnw1xefzYgI5DrQq4TZLNVJApObOg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASxCZ6jJi7uLJO9rqaCnw1xefzYgI5DrQq4TZLNVJApObOg&google_hm=soos8x8FWHkWzCF07Y6ITg

Request Chain 328

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECCdwv4s4wtyPbsOb2jaUFc&google_cver=1&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF7E_RY2A4mp49oFs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF7E_RY2A4mp49oFs

Request Chain 329

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 330

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIcoXi7fnZwsxh33pmEod04&google_cver=1&google_push=ATf1kGMAyqzxliDmpP_tDT6gM4fYX_Raeun6byhH4AWwb-9_0O3rF5hRo9htSSHTak3cz-To41VHCAnIruQN3FJg943I0ez1pyJMn5o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIcoXi7fnZwsxh33pmEod04&google_push=ATf1kGMAyqzxliDmpP_tDT6gM4fYX_Raeun6byhH4AWwb-9_0O3rF5hRo9htSSHTak3cz-To41VHCAnIruQN3FJg943I0ez1pyJMn5o

Request Chain 331

https://um.simpli.fi/gp_match?google_gid=CAESECXzgc9JilR7Xcoe8OrcN1w&google_cver=1&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-PvNpmJppTnRL0SQY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-PvNpmJppTnRL0SQY

Request Chain 332

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLbGpStGDbrcRZzW3a1aa8&google_cver=1&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGLbGpStGDbrcRZzW3a1aa8&google_cver=1&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4&google_hm=lJVbSXD9RNSLMwFRxAC-zw==

Request Chain 337

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC8cs6aSlGzYe0MoXxUixkU&google_cver=1&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL2zuSEJ-Hy4Wd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ysFkWmuuQwChPtfp9D_W7g&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL2zuSEJ-Hy4Wd

Request Chain 338

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFxILGYtWwBihcEP7MORPXw&google_cver=1&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13fRp0KPU7CHM11QyEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTIxMDU1MTA2MTM3OTIxOQ%3D%3D&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13fRp0KPU7CHM11QyEA

Request Chain 339

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO94M_8dxcXMAYanmM_tZ8M&google_cver=1&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0kKithoiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0kKithoiw&google_hm=eS0ydHAxRGVGRTJwSGNFUG14OFhocVYwM21PVXRkYS41S35B

Request Chain 340

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg&google_hm=Gng2qGZHDt5RukUpQcieoMPJ

Request Chain 341

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKwE7CBudvtKFO8wJWt-6Hg&google_cver=1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1683647407025 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-55a9daad-5186-40e4-b294-b122d47bf882-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ%26google_hm%3DA1Wp2q1RhkDkspSxItR7-II HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&google_hm=A1Wp2q1RhkDkspSxItR7-II

Request Chain 342

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_cver=1&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg&google_hm=WkZwcnI4Q281dWtBQUxIdUFTc0FBQUFB

Request Chain 346

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 347

https://um.simpli.fi/gp_match?google_gid=CAESEAh5spvkZj-W-uOA1pm36zo&google_cver=1&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr2JvhsL4LRgkG3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr2JvhsL4LRgkG3

Request Chain 349

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ&google_hm=Gng2qGZHDt5RukUpQcieoMPJ

Request Chain 350

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOxCWuRYBdzFlAObLvqyrQ0&google_cver=1&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m34Q2dg24-JEZcZWE1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m34Q2dg24-JEZcZWE1

Request Chain 351

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_cver=1&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL&google_hm=WkZwcnI4Q281dVlBQUFQN0JQZ0FBQUFB

Request Chain 352

https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?ext-param=ATf1kGOixq6I2blBvruWCwvZ0mJbtH45LpDRJ-1FOGVNm0yu5FARMceD_3f0_i8NVQN3VJ3GVcTV4wSmLKlu2WXx1ejUd7-FYDHorQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?redir-setuniq=1&ext-param=ATf1kGOixq6I2blBvruWCwvZ0mJbtH45LpDRJ-1FOGVNm0yu5FARMceD_3f0_i8NVQN3VJ3GVcTV4wSmLKlu2WXx1ejUd7-FYDHorQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEd7DfXqimGZ2plDP4_wtA4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 374

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fg37.com.br%2F&domain=g37.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vKOwDnxiRTJSek9jT0Zjekh6ekg5Q05lY3FTekszQVJSSC95cHNsN3NXT3R1dkowcDZVMGZzRFlaSWhVOW42NHM1K1F6d3YrT29Qb0luUEx2cXNXWFN3TFk2N0NwNTlodHIyNHcrbm5oTE95T2VQbWUvZUV6T2pCNWoyRDZUUW0zTWhlcFN2VDlVU0FRcWl4Nll1MmhYQngzSVBNOW14NVowTFRQT0NITm5FTUV2aGFwM2R6RWs3dGJPaFlLTTkwSDZ0RW9zYXJHNEpGWE9JS0dRSHJlZHdSeE1rVmFzaW1oUDVhODlHL0IwQjZJVldzPXw&cppv=2

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ28pzPzv_93T2lUdHlxc8Y&google_cver=1

Request Chain 398

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3pQfim43SoGSy6u7_bqQyA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3pQfim43SoGSy6u7_bqQyA

Request Chain 399

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGE1NmI3NGM1NDk1M2YzNDIzNzM2ZmFlNzg5NTQzOWJjMjllYTZhZA

Request Chain 400

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OihmxHIZT6mIaLTy9qEQBA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OihmxHIZT6mIaLTy9qEQBA

Request Chain 401

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHGG6ZNS-B-BANW

Request Chain 402

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/yvBTZ55P661wA0n5wobcNg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pWdgbpZE2oJzx2QKF5gCwW9ghchRqK9Op5grZw--~A

Request Chain 403

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhHRzZaTlMtQi1CQU5X HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECsnatpoPtYedEU7DgW_C8I&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHRzZaTlMtQi1CQU5X&google_push=

Request Chain 417

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1318193980 HTTP 302
https://sync.1rx.io/usersync/turn/3388446176344796216?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-55a9daad-5186-40e4-b294-b122d47bf882-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-55a9daad-5186-40e4-b294-b122d47bf882-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-55a9daad-5186-40e4-b294-b122d47bf882-003

Request Chain 419

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/40047c75-b388-5281-acaf-ee4dc8f585fd

Request Chain 423

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8639980375ede171cf5c1e6d138ea?gdpr_consent=&gdpr=0

Request Chain 427

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/fwO1ZpaKDHR7UxaZEaWy?pi=smilewanted&tc=1

Request Chain 429

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb013480b56dd946997bd5e1b4bf77eb

442 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
g37.com.br/
Redirect Chain

http://www.g37.com.br/
https://g37.com.br/

588 KB
87 KB

286ms
222ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3300157bdc34ae69fac7daeed3cd627821f82c4541cb5e6e96b302929aa54a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=55, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c4b18848b3518c5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:01 GMT
host-header: WordPress.com
last-modified: Tue, 09 May 2023 15:45:56 GMT
link: <https://g37.com.br/wp-json/>; rel="https://api.w.org/" <https://g37.com.br/wp-json/wp/v2/pages/1020>; rel="alternate"; type="application/json" <https://wp.me/PdLQgj-gs>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxgRuxR%2FC4y0rWxhmIM2NBTCaMqmHAmBZWPRiwpNrwY9EygvXfw5HoyO93%2BPMxgM7G7h4s0E3a0Pk5KhoP0eHpRo0A0u1pg2FM5zV7ibM7bcPPV5qS4T%2FP7lJeg21fV9dhQiIfr6FBEF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams BYPASS
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-nananana: Batcache-Hit

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c4b1883ba929243-FRA
Connection: keep-alive
Content-Type: text/html
Date: Tue, 09 May 2023 15:50:01 GMT
Location: https://g37.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZCx37BIVgo43FyodeaMSHRS9r5NqHnQQtsfavNUyfveIz%2F%2B3yxjwMf1m01qNxWfen5jjXfGYkUlh5Zs%2BDbYJGh2gn2fkRB6%2Foph0eS5chEBGZU1577srJifzv3K2iOL8u2LYgu8KJj64%2BZfvw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-ac: 5.ams BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 19:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 19:03:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
g37.com.br/wp-includes/js/ 18 KB
5 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:01 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 729800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li1cel9UqRd5JFkcCmqRCwD6FKviDBmzdt8MYoocFw0quZcM7X4rXeT5SJFTfZ%2F7uEpuVixuYx1tV4IZiplAvmjzi4OKfn0NXOR9LPaC81as1jnLib8RPXxffGrW8fF5z4qyAp9JKzTq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7c4b18863d3b18c5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
g37.com.br/_static/ 574 KB
97 KB 207ms
207ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/_static/??-eJytkttOwzAMhl+ILJsYaDeIR0Fu4rWhzoE4Wenb425UmsZgq8SNG8f/50OdISkTQ8FQdKLausCaYIy1qDY7q7mMhCvD/DD8FL5jSWD6+ft2wGBj1lBL9FCKM3NEHZzFmDIy66Y6srqhKNdoXRHg6LA+isTiMBd0wVC1KJVYexEDEvqpg3MnSb+YFWELZlx5F27SEjv3z5nLEU2MvUNFMEi6fdSnKjrVhmQ8gS4V6hT6v3ytTfnWAny0lWRQcr3YqzsrncwqBIQAnQZmLHys1wDjtT/wK3BKv4QYnG3lvIjpkBLmZcxeBDAgR3/f+I5c25UmfmoLuVfcu6Anc3fBeQ/cxVxMlLe2qN8ZL/AxIvq/3uG86Qn7Pk/SV/+yed49rp92m/X2C7kPckg=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888e63efacfa5335fdc5c9297a9ac8804fa3027eb6c517166bc01381bda8c01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 20:08:24 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"12f9ceb1478a114aa5abbe4be29c88c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAITdYcu4B%2BhEocs9h8%2BCMDVp4qVduGt8C6Iy1BKkuh83pHcPnjcppwCuz0Bla1lkkekje9HqNhb%2FNUMphLRu4dIpbpuncxdOU57H1Mvh9Pp25XuhCrNwf4KMZH3rREMiMVjVTUdhJ0W"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
cf-ray: 7c4b18863d3d18c5-FRA

GET
H2 200 jquery.min.js Show response
g37.com.br/wp-includes/js/jquery/ 88 KB
32 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:01 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2104125
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
server: cloudflare
etag: W/"6408d5ed-15ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA5A6sGW326OXVcLzNS9UtawEddJJFSbcrOZyCOb5Kj8%2BiTjOmFxuAW8aaCYNfjOxeJo%2FnoMKkAItyUIVsxlfm3lT4ioqUwxzc7jnoq15YcVevDd3Wp6L8q3%2Bin%2BpBdwlg6LtnGr78aE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7c4b18863d3f18c5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
g37.com.br/_static/ 46 KB
13 KB 205ms
205ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?m=1682692729

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8963d294c9d3666a9a6cc76f8f0ceee212c81e07e8d79667c64d107327e5377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 14:38:49 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"b70d77233184bf67f306b8d2d93d21f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GopaNasd0of9lHzohTEYZGQEdmAKhi8kTA46uK%2B2T4eU2z%2BiEnYoz3c4BPdb5nJxopye3mVnG5rwobnEkT1e0sjKDrwa8L1rQEB7D3UOOT1Qs%2Fg6pVQO0esplSVR7MoDxwHNjZdPOvPO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4b18863d4b18c5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 90ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-223565207-1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ba951574347e3dc5c46c4afb188fff206560ffec9f842d67bce311ec39aa331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45813
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
47 KB 143ms
85ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9615345408743774

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

268be480f403c9153437f06cc4423983ffec519ab9af6160a2c9b52c8fe41db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47888
x-xss-protection: 0
server: cafe
etag: 13515783709335975583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
47 KB 138ms
80ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9615345408743774&host=ca-host-pub-2644536267352236

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb9b5f067cbd3e9dcb263925281e3468cdb89e060ffd1839b5d3422c7f16d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47891
x-xss-protection: 0
server: cafe
etag: 8560712668447156077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H3 200 logo-portalg37.png
g37.com.br/wp-content/uploads/2022/03/ 1 KB
2 KB 31ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/03/logo-portalg37.png

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eebde867d40a81ae97e3435d28131caca3bc51c4f4f6129ac7321bf755704f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1460
last-modified: Tue, 31 May 2022 21:44:09 GMT
server: cloudflare
etag: "62968c29-5b4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OESVk74%2BYe8kSkwi3Z%2FS6Uiv%2Bs%2Bmk0fINm5bNFSH7sKuQ3rMcakN27r02g3MdnBUyGp3QAg5pNozGHgtOrMW9ZD1PgOh3g%2B1P6Gl3mxkw4fa5pZNugDV4loSACJdEl8hq8JDUz8KltnD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addbf39d0-FRA
expires: Mon, 15 May 2023 19:39:47 GMT

GET
H2 200 ext.js Show response
b.admasters.media/widget/f0523b42-4ad3-4fe9-b4e2-b195f7906859/ 3 KB
2 KB 258ms
196ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b.admasters.media/widget/f0523b42-4ad3-4fe9-b4e2-b195f7906859/ext.js
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 31cf6a8d923d6a1492fcbb452b3b255fba60888ffeabe8f16b444150cf1457de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b87-rj4MrWDc7/FtsDpJisZPqQgGhsA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEnAJgqZ7xb%2FTzFMZl7rI%2Fyx0z2mAReRplcq3g0q1x3EUGfQJFKwkzq1RwPqrLYQi1nBWhHkU9MncQFUfDsZ07tixd77O%2BpVoSdSD7gTrNEF0zw6cIqo7LlKHGSqVwkX5753P0FSO8iUh06M%2Fp6lYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c4b188b3ce05c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 Banner_animado_rodeo_14_04_23.gif
g37.com.br/wp-content/uploads/2023/04/ 67 KB
68 KB 231ms
227ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/04/Banner_animado_rodeo_14_04_23.gif

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07917176a1b0c542bbc744903ee02a4c204371a21e0988b0069bf98b0f54c304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68642
last-modified: Fri, 14 Apr 2023 18:51:30 GMT
server: cloudflare
etag: "6439a0b2-10c22"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl6hZM1HzwBgN5XXAqT%2FVf9jXohZTBjBTzcGDGqIJCxw5HXSldq8dAXWtYwUeNT8fJzDq3R2uR%2BlGG9Jxo%2BkaIf5MhJmdFHCGUf%2BpN%2BfVbEKXyUXI7WCwRUC%2Fc2%2BOji4H0uOcqfnx3b8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addc139d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 20230329_ly_BannersInternet_B_728x90px.jpg
g37.com.br/wp-content/uploads/2023/03/ 43 KB
43 KB 694ms
691ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/03/20230329_ly_BannersInternet_B_728x90px.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eabacd75cb4a227b466dcd25139e00aa63f64a0b118325ff22b92e4088ef33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43799
last-modified: Fri, 31 Mar 2023 13:47:41 GMT
server: cloudflare
etag: "6426e47d-ab17"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDi8wCHqlRNU94wv8c%2B4uUhSk7rEOeNCGMlKdwLxKAs2Hf14T8d3o7xUKvFwMeDHpOFp33Lh%2BYCXP%2FxXlm%2BRKYjp6HayShXQUqnUQgw0f%2BCTHeoDj7AiHddqjlOqu6RRyJV1CZWtRWJQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addc339d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 g37-sintram-abril.png
g37.com.br/wp-content/uploads/2023/04/ 65 KB
66 KB 716ms
713ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/04/g37-sintram-abril.png

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b46c6f7e20964b81298dda484f46677574fed9d392840532ed52cbed7a287e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66625
last-modified: Mon, 03 Apr 2023 14:10:54 GMT
server: cloudflare
etag: "642ade6e-10441"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EiUVAy0EVz49RF%2FSYRJHcfqyTYS3D7U80E%2FyaNVtqrgKtgGl1rZ44pJXgZPNsxSFYY8xtK6Kh7LgorpICIbqjoAP7wwPNO8MlSmc0LWd8sBKW0jqMgKTNHeGJHcw67inTldUVIraFae"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addc439d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 avivar-AD970x194-bacon-de-frango.jpg
g37.com.br/wp-content/uploads/2022/03/ 29 KB
29 KB 269ms
266ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/03/avivar-AD970x194-bacon-de-frango.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

545ac3ae16ed95d67e93bb3067a65c779e4d00fdaa7ec1df2d735a4660e84e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29383
last-modified: Tue, 29 Mar 2022 13:14:20 GMT
server: cloudflare
etag: "6243062c-72c7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc%2FA%2FAmyyG2HaqMHsC41smIRDb2t%2Fknq5dSRpRURRcp0AAddCjs9UeTIAGAokSkOQicV7cNcewui8hahgwxaUmEHGl1OnLtCd4uBnqjgIUmx6805LEGp8SX8%2FOyiPis9zlymgNfkneok"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addc639d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 sicred-AD-820x164-alternativa.jpg
g37.com.br/wp-content/uploads/2022/09/ 13 KB
14 KB 208ms
205ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/09/sicred-AD-820x164-alternativa.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3574e2d9bb51b3d538fa73d5e6f56c2c51ee0065e451b70088261fecc832f72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13617
last-modified: Tue, 27 Sep 2022 12:14:24 GMT
server: cloudflare
etag: "6332e920-3531"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcIooXcHzULGowbkd4MtpnI%2FoGgj0Wn6IHL9EwidlvDFuSakDNzqOLXTcYz4F1bZWA7ZTY6INY3NvHXWdRwRtbqfpzEbeWZupgN8r%2BZSHuS3OhnN411ZK%2BzrnaLbgj2YymW9BQByHfPN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addc839d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 Banner_Patio_RCHLO_14_04_23.jpg
g37.com.br/wp-content/uploads/2023/04/ 15 KB
15 KB 32ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/04/Banner_Patio_RCHLO_14_04_23.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a112c49f0b988044b983dc9a75629c0e408200719c903357b0c9cd8931959b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18827
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15236
last-modified: Fri, 14 Apr 2023 18:44:26 GMT
server: cloudflare
etag: "64399f0a-3b84"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnLdKtMnMb%2BfNTHr6cAKgPj48HJh0ralk8PUKXhkTW7FkyyCvRXxhDEqO1thw4ObafwhngHrZp%2B59M2WTJnHjSZjHGRiafS7Lk7Den4QOd8IVghaPREvNWsDqHsi9zlQ9t3zdcejz8Op"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addca39d0-FRA
expires: Tue, 16 May 2023 10:36:15 GMT

GET
H3 200 Banner_Divicred_11_01_23.png
g37.com.br/wp-content/uploads/2023/01/ 51 KB
52 KB 347ms
343ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/01/Banner_Divicred_11_01_23.png

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8e2bb8137f39111920a199ffaed5afc3223477f7831ab69a93ab67e7875b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52613
last-modified: Wed, 11 Jan 2023 17:40:48 GMT
server: cloudflare
etag: "63bef4a0-cd85"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RCPrK%2BtCw%2B4lWc6PJd7UFfNJ8AXPNoxUSwtfngcYCfvcgRX%2FGDt67UbJYkVAirHmzZcics9L2AkwjOVRfqwizsw83RGjzGD%2F4D6E%2FuRI7nimg4WQI%2FZdNDVsNaExy6sYaxZp7XM4Lt5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addcb39d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 cssjd-AD820x140-ona.jpg
g37.com.br/wp-content/uploads/2022/12/ 34 KB
35 KB 40ms
37ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/12/cssjd-AD820x140-ona.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea326de78d6cf890aa6c41b13383c9dde0bb0a700d5a25d193fc2017c41d338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35026
last-modified: Tue, 27 Dec 2022 18:04:32 GMT
server: cloudflare
etag: "63ab33b0-88d2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvorWTmLkjMB13W909KhDFJ3DW4lGXTVTNSOMlwHNKGUhxbjaopUYk9%2FjlFL5bApViNAJLXLRo4K6%2BNFdNlzCJuT6dTvNNIJo9dVnWDLONtgXvo0T6AxJcfuaziWtSFqJX5VQNMLtYkF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addcc39d0-FRA
expires: Mon, 15 May 2023 23:50:40 GMT

GET
H3 200 trancid_banner_g37_motorista_04_23.jpg
g37.com.br/wp-content/uploads/2023/04/ 55 KB
56 KB 72ms
69ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2023/04/trancid_banner_g37_motorista_04_23.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edc2d3457909332a975b69ecc9c3055b756012ad4bff5ce9575abff15ce7f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56723
last-modified: Thu, 27 Apr 2023 16:24:19 GMT
server: cloudflare
etag: "644aa1b3-dd93"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doj2Ksx4vjl8lucq2sKwNE7el5OZjXd98%2FHHjk1guHhOfqXySVZUnom9RVoFaHMKnTN9LFjg9ccoKpTlnvRiSnbhvMK7Rmddbbb22GDAevKB1AAhX2C6MnXaxixd5L8NTkWlAj66c9on"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addce39d0-FRA
expires: Mon, 15 May 2023 23:57:10 GMT

GET
H3 200 mx72-1280x192-excelencia.jpg
g37.com.br/wp-content/uploads/2022/03/ 40 KB
40 KB 262ms
259ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/03/mx72-1280x192-excelencia.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4dd815204b6cd3bec2ca31d4a94eaf4a67fb1f3a918a6cf97923049806379e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40696
last-modified: Tue, 29 Mar 2022 13:32:46 GMT
server: cloudflare
etag: "62430a7e-9ef8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLOScZrGIZRYaf0ok3F1jo1OFUV6X23xrKAfcwt4LJgPYDj8KYH7RtTfHSEXRFdY2QY627UdwFQQZN1CPNIB3uoi85slwV%2BUbsz0V3jDo%2FZz8GGuwYeFhEY0z2QatBLTSDOxs7euDKko"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addd039d0-FRA
expires: Tue, 16 May 2023 15:50:02 GMT

GET
H3 200 g37-banner-whatsapp.jpg
g37.com.br/wp-content/uploads/2022/03/ 10 KB
11 KB 107ms
104ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/03/g37-banner-whatsapp.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ebfc4b3fc6e4a8bf1eb340eebd701a2c91c367a62d6f196adb115ea919f1f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10485
last-modified: Tue, 31 May 2022 20:39:07 GMT
server: cloudflare
etag: "62967ceb-28f5"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um7yRb5lTVraq%2Fkfi2MtD0bHTEjFEpo5VwpJQMvjkxebdIAzAEH9%2BWrJ%2FjtNx6uPckgPLx%2FtZsfm%2FoEKbCE8PsLgTY00rUv7mrHrdz8%2B%2B8aJyzUnS%2FNEb8RuCIYm0gY0hoF9bluG0qc4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addd139d0-FRA
expires: Mon, 15 May 2023 19:39:47 GMT

GET
H3 200 logo-portalg37-cinza-rodape-menor.png
g37.com.br/wp-content/uploads/2022/03/ 1 KB
2 KB 110ms
107ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g37.com.br/wp-content/uploads/2022/03/logo-portalg37-cinza-rodape-menor.png

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4362863a471ecabb6b9df186f74709e6c0e98386ebbaa042cdde18ee798d2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1149
last-modified: Tue, 31 May 2022 21:43:07 GMT
server: cloudflare
etag: "62968beb-47d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcdE%2FGboXfmf5wZ8h2lnF3ifbQnk5ZN9WLNS83qZ5U4V0k6Ihlc3CE%2F1cRWDhuAR6e4A0CzzI3rYnymEF3U6KV4QJt5%2FanrKcac3oAISUiYGyQ2xQzDJAkLTuAlgK4xvKIilcIFh4R9M"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188addd239d0-FRA
expires: Mon, 15 May 2023 19:39:47 GMT

GET
H3 200 email-decode.min.js Show response
g37.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Apr 2023 14:11:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644bd41c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FktgMf3OaTFZPWk%2BB94RlD1NEmX6L%2BkVCgABT8k5spVyxG6poRKez2tsXQHAr4Twp7RLCx%2BtuoJOLvGddv0H2sh8T9nmURGit9cdTNk8JYVXuFlv1H%2FkILIu1tow1STdzrI1l%2BhQ3mf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c4b188798d239d0-FRA
expires: Thu, 11 May 2023 15:50:02 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 7 KB
3 KB 48ms
12ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202319
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
x-ac: 4.ams _dfw MISS
server: nginx
etag: W/"63bbf1d2-1a69"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 00:00:02 GMT

GET
H3 200 /
g37.com.br/_static/ 43 KB
10 KB 224ms
224ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/_static/??-eJyVjkEOwjAMBD+Escih0APiLYlrqlA3tupEEb8HCbggceC6s7PabkBaKpeKJm3OxfHG1SItuOrUhB0pbtqcBb1n4w1SK5Pwntx3/Q/7DeAT/Bog1SUzSOyQy1VReI50R2tJMuFT+m5Ajen157KeD8MpDGM4hvEBLJJR+A==

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9afecf3800826cd6854395b64a7bbcabeebaab7a369e9505e7e0160b9de63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 14:38:49 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"82808b140127d32e0f07f8f294f967fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhjvPGx4nrbwU6SRDRXgdYF2p%2BpJz%2BvWcB%2BZER84DxLTYpINC9ESTijmMJJNO8S5eKJEyrQzDQ9VaP2nK4J%2FZxKhO%2FExQ%2FzyKuqDO4S07keZUFZzXsEknbeFqw9GZoqzddH0g%2B40Sm7j"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
cf-ray: 7c4b1887b91939d0-FRA

GET
H3 200 photon.js Show response
g37.com.br/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-image-cdn/src/js/ 2 KB
1 KB 28ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-image-cdn/src/js/photon.js?m=1681828236

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848c1152d9a329cf2b01b4c8d32858b76d66d2e58dc7153f88f6cffc865114be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372795
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Apr 2023 14:30:36 GMT
server: cloudflare
etag: W/"643ea98c-720"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZuACwHEwQgclRqOh2uUPZ6iu4xGNPxEf5%2BHTF1Q8%2FCV8f3ez4NgjOQEjkY9fyuOj%2FUfo1ZSeO8Z0kpY7vX%2B0zmNBrxFwq1cqyPoNBujrFPg2v8SQ70njL2VWOxJpu60IRFO4eRwOlBp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7c4b18892b1639d0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
903 B 84ms
29ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

502cf1cd8e1f55aeca22c593588cb2174fe76962147a540c6aac013a9e29e01e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H3 200 / Show response
g37.com.br/_static/ 205 KB
61 KB 223ms
222ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/_static/??-eJytkEkOwjAMRS9ESBGD2CCOgkxqNW6TOIrdMpyesKiEWBWJlcf/n+xbNo6TYlKbw9hREtujZnDDHC8TppaLhVE5giq5eWICPB+GInQotiVRS9WpCDolToavgmXCsu5ldfsr5qPxZa4eY93qISXwFkRQayVWXKGsso6UligoUOf1ync7J0s5gdr6gaWct8JzUcft4lPq5qCcf0AEmtAIQnG+Ks7xtDkct83+uGl2Lxnjws4=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5865ff7b5d234958650376486a58ce1f59a0b5d50cb66adba43a0732f8c2e50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 20:08:24 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"ccdfa629d059b879c4728fe807e34e0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alzFsTgjWkPVIq%2FxtK1kmwLPGtF0U63%2B2lDEo%2BjoYL96OS04OF4GjeIiZ4kX%2FRx7Y%2BT8M8I89R5bIgJA%2F14r8b%2FMoA07X6CzR76omMAiOKW2Bj6Y67%2BFMu3EP4a%2B7tXf%2FbHXCYLVpj93"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4b18895b6539d0-FRA

GET
H2 200 e-202319.js Show response
stats.wp.com/ 9 KB
3 KB 50ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202319.js
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT ams
date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 May 2024 22:23:56 GMT

GET
H3 200 br-news.js Show response
g37.com.br/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 216ms
216ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-content/themes/jannah/assets/js/br-news.js?m=1674049419

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Jan 2023 13:43:39 GMT
server: cloudflare
etag: W/"63c7f78b-15da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s68bmSuJoXz9djRZwoZ9MxHYs9QtQmQXvwXo9AaOMlSt3%2BtyW07glJZF5hzvC94FpYOfYUP%2FSjwFs1UOWUyp9fy%2B70EEYoB2xpHkwz8b6JyS91yC7YaOrNKP8cq75%2FAZOSPL0hr1vd5l"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7c4b188a8d4639d0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 token-bridge.js Show response
g37.com.br/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/ 10 KB
4 KB 218ms
217ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?ver=0.14.0

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39dc6e27661f1c1de2b758d008b20657c600df5c714926a3636284628b4863bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Apr 2023 23:29:44 GMT
server: cloudflare
etag: W/"642cb2e8-26c2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w0gy8LXXtkTGPyffhPnL9VU8Wl5Iyp%2FB0cF6N8E3plcrhU3I2l0gZchDnd%2FUcfnHLsKPB8ROjRfxzW9sulT4f%2FbBJ%2FoUz%2BB06fA%2Bp862oInaG76B4%2B0zu2PSi%2BnofMBEy5MSq5yuDUz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 7c4b188acdb739d0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 videopress-iframe-api.js Show response
s0.wp.com/wp-content/plugins/video/assets/js/videojs/ 9 KB
3 KB 50ms
12ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/video/assets/js/videojs/videopress-iframe-api.js?ver=202319
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: b4fbcbbf07940d1778900ccf5470efe4e5df9c8b43118d93603af1e5b791a25b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
x-ac: 4.ams _dfw MISS
server: nginx
etag: W/"643ef209-2300"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 00:00:51 GMT

GET
H3 200 / Show response
g37.com.br/_static/ 36 KB
11 KB 216ms
212ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/_static/??wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js,wp-content/themes/jannah/assets/js/videos-playlist.js?m=1680650984

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa620478181dc6447b55b854d8d398cbbb973d068a9c69510b4012956c284a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Apr 2023 23:29:44 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"c34e70e162ea9e04410eb0f7f779ebe5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JROoUzLVmgSrY0wuZS7kB3%2FpBlOEGpshVgoo%2BIs4Q6vz5PNCPKkkCzj%2Bi5y4OnGXT%2FJ29O2I65VL2KZr2xG2cgW5IcF2MJUF637ETlvp66cwA%2FWkaU4j8oEwhSnF8H7dbc6O2KBwioib"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4b188addbe39d0-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 174ms
86ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

831fd3239256a34b82338d3f53ccfd7e5a8577e2cd426fcfc77a5a8bd160c928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24944
x-xss-protection: 0
server: cafe
etag: 667 / 19486 / m202305040101 / config-hash: 16246440820329187477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H2 200 prebid.js Show response
tags.denakop.com/ 272 KB
84 KB 103ms
43ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 14:43:23 GMT
server: cloudflare
age: 2549
cf-polished: origSize=279167
etag: W/"643d5b0b-4427f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b188b28fe19a9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 g37.com.br.js Show response
tags.denakop.com/10298/ 220 KB
38 KB 153ms
145ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10298/g37.com.br.js
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e131dafe5a4e9e7d0a15873898caa5c5e991b819e1f5b382ca7615b5c0c80886

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 09 May 2023 15:07:21 GMT
server: cloudflare
etag: W/"645a61a9-3716d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b188b390119a9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 55ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX9ZM83

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

042f2c6f59caf65387df2ac20bbcbc71f356ffcf49a4857efb78a21115a3ed82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41164
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 May 2023 15:50:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 72ms
70ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGJPRT7

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ac1072dcfa5c92eaa9bd7df7303aceedcd0edc63d127cb5ec62c66909113366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45966
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 May 2023 15:50:02 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 WhatsApp-Image-2023-05-09-at-11.13.14.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 17 KB
17 KB 49ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-11.13.14.jpeg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9ecbf3119b8cdcae792d565ac6d41e17d59fbe4637e9ee1b50eea38ed19a52b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:18:29 GMT
server: nginx
etag: "d4511f18aac5e544"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-11.13.14.jpeg>; rel="canonical"
content-length: 17462
expires: Fri, 09 May 2025 03:18:29 GMT

GET
H2 200 balcao-de-empregos-5-1.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 7 KB
7 KB 71ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/balcao-de-empregos-5-1.jpg?resize=500%2C281&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d49ccc03ae3871d68801383bb2ac979b374ab16a3e7533cc1c0b8b38428698a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:02 GMT
server: nginx
etag: "84a80674996d1a9c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/balcao-de-empregos-5-1.jpg>; rel="canonical"
content-length: 7390
expires: Fri, 09 May 2025 03:50:02 GMT

GET
H2 200 Arte-Samu-3-3.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 16 KB
16 KB 101ms
64ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/Arte-Samu-3-3.jpg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2e61e1a88bb296c840bbc2b285bf9c6647fe3df7e9930e6d2a35b58fa4e23122

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:02 GMT
server: nginx
etag: "bf34669108f40a27"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/Arte-Samu-3-3.jpg>; rel="canonical"
content-length: 15946
expires: Fri, 09 May 2025 03:50:02 GMT

GET
H2 200 Arte-Samu-2.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 16 KB
16 KB 94ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/Arte-Samu-2.jpeg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8e2e20ebce6447783d5c1ff767c64f0307b48fd9f3c00069e46fe30a7f10d6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:02 GMT
server: nginx
etag: "99053f02b47b46ec"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/Arte-Samu-2.jpeg>; rel="canonical"
content-length: 15928
expires: Fri, 09 May 2025 03:50:02 GMT

GET
H2 200 Arte-SAMU-2-scaled.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 15 KB
15 KB 123ms
86ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/Arte-SAMU-2-scaled.jpg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

78700a017b7d680a688cf5040e5feb9ae2fe11ae8597ee8dca7f95407b21235c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:02 GMT
server: nginx
etag: "cfc5c16a291b74b8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/Arte-SAMU-2-scaled.jpg>; rel="canonical"
content-length: 15564
expires: Fri, 09 May 2025 03:50:02 GMT

GET
H3 200 tielabs-fonticon.woff
g37.com.br/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
25 KB 94ms
93ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

Requested by

Host: g37.com.br
URL: https://g37.com.br/_static/??-eJytkttOwzAMhl+ILJsYaDeIR0Fu4rWhzoE4Wenb425UmsZgq8SNG8f/50OdISkTQ8FQdKLausCaYIy1qDY7q7mMhCvD/DD8FL5jSWD6+ft2wGBj1lBL9FCKM3NEHZzFmDIy66Y6srqhKNdoXRHg6LA+isTiMBd0wVC1KJVYexEDEvqpg3MnSb+YFWELZlx5F27SEjv3z5nLEU2MvUNFMEi6fdSnKjrVhmQ8gS4V6hT6v3ytTfnWAny0lWRQcr3YqzsrncwqBIQAnQZmLHys1wDjtT/wK3BKv4QYnG3lvIjpkBLmZcxeBDAgR3/f+I5c25UmfmoLuVfcu6Anc3fBeQ/cxVxMlLe2qN8ZL/AxIvq/3uG86Qn7Pk/SV/+yed49rp92m/X2C7kPckg=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://g37.com.br/_static/??-eJytkttOwzAMhl+ILJsYaDeIR0Fu4rWhzoE4Wenb425UmsZgq8SNG8f/50OdISkTQ8FQdKLausCaYIy1qDY7q7mMhCvD/DD8FL5jSWD6+ft2wGBj1lBL9FCKM3NEHZzFmDIy66Y6srqhKNdoXRHg6LA+isTiMBd0wVC1KJVYexEDEvqpg3MnSb+YFWELZlx5F27SEjv3z5nLEU2MvUNFMEi6fdSnKjrVhmQ8gS4V6hT6v3ytTfnWAny0lWRQcr3YqzsrncwqBIQAnQZmLHys1wDjtT/wK3BKv4QYnG3lvIjpkBLmZcxeBDAgR3/f+I5c25UmfmoLuVfcu6Anc3fBeQ/cxVxMlLe2qN8ZL/AxIvq/3uG86Qn7Pk/SV/+yed49rp92m/X2C7kPckg=
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57562
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Jan 2023 13:43:39 GMT
server: cloudflare
etag: W/"63c7f78b-9f6c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFHXllbLzTEwbj6YVIXE5GVJItXPl8RW9e8g8v3THjswchaM5FVOCdrj1eSKts%2BKwXUXjlZoqLoNkBmJKG3I5c0st456XfaWMa0Y4QDzj2dva4alMmyHW459TSwdAo53USjC0fUD7dOp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
cf-ray: 7c4b188aedff39d0-FRA
expires: Mon, 15 May 2023 23:50:40 GMT

GET
H3 200 fa-regular-400.woff2
g37.com.br/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
14 KB 109ms
108ms Font
application/font-woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g37.com.br/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://g37.com.br/_static/??-eJytkttOwzAMhl+ILJsYaDeIR0Fu4rWhzoE4Wenb425UmsZgq8SNG8f/50OdISkTQ8FQdKLausCaYIy1qDY7q7mMhCvD/DD8FL5jSWD6+ft2wGBj1lBL9FCKM3NEHZzFmDIy66Y6srqhKNdoXRHg6LA+isTiMBd0wVC1KJVYexEDEvqpg3MnSb+YFWELZlx5F27SEjv3z5nLEU2MvUNFMEi6fdSnKjrVhmQ8gS4V6hT6v3ytTfnWAny0lWRQcr3YqzsrncwqBIQAnQZmLHys1wDjtT/wK3BKv4QYnG3lvIjpkBLmZcxeBDAgR3/f+I5c25UmfmoLuVfcu6Anc3fBeQ/cxVxMlLe2qN8ZL/AxIvq/3uG86Qn7Pk/SV/+yed49rp92m/X2C7kPckg=
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13584
last-modified: Wed, 18 Jan 2023 13:43:39 GMT
server: cloudflare
etag: "63c7f78b-3510"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDSSs0tU8hhpR8rKz%2FM45WgCevIwscoG333uVlzfBhfn9vxqHOzGR3j3rqtRfQLuoR%2FTM%2Fa5ekR%2BjJEezJrglBUZ1jAuFNYTUguSkerR1LkLmLUOcolHQJhMaFz2m2nvLZDfowVMOEGA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c4b188aee0239d0-FRA
expires: Tue, 16 May 2023 05:00:05 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/-pGsum-QYJA/ 3 KB
3 KB 78ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-pGsum-QYJA/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c2eba9dd067d2907d0517fe436202a857da14e0fd73e9a699d676129b35067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3055
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/F62Mh-rROjA/ 4 KB
4 KB 70ms
34ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/F62Mh-rROjA/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06bb13eb509ed08cb89ad82c321c468b9f1b4fc8f3e8e9d965ee0464236ac22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3691
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/lw4mtuSrZD8/ 4 KB
4 KB 74ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/lw4mtuSrZD8/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb3f13a00ed39c265020b2e6f0e1b90c79f332911d2f7ab3193a0db1337890d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3596
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/0HPCpE2-K_k/ 2 KB
2 KB 72ms
41ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0HPCpE2-K_k/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf2197f2fb9bda274ec8c136c63958e6f1f39f669129e3eb383ba560483b6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1800
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/jkAXMH4QV1o/ 2 KB
2 KB 55ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jkAXMH4QV1o/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01f77e154a5a5227a5e380b72b61023bd59681a8d8901931480f0bcbedd9717d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1940
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/eTorJFMRda0/ 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eTorJFMRda0/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e8f89adf39c45a1b9d800fd0af165f020ec63d38d77eec516cfae46df737e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1883
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/jsDL09VbNIU/ 3 KB
3 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jsDL09VbNIU/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86e037c1fb743b98f684b81eb34e51b464ecbcb0306a08c1191ee0d8a0e63ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2642
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/tOMHONbzKaQ/ 2 KB
2 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tOMHONbzKaQ/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21afc53680e444ad244fa921e1d16415e29549e74cfe0577eccedb4175c4b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2282
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/7J-1PKNkL-E/ 3 KB
3 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7J-1PKNkL-E/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb5036da953c88ab6a081da7198a54329b559b2cdf85c8b06fa12dd26a118a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2733
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/dKMV1AvOWPQ/ 3 KB
3 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dKMV1AvOWPQ/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

838d5ea3cbf1b371d33f793b4c93772fb285878824f3666428948e34caf93215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/UraQ_j7BBxQ/ 2 KB
2 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UraQ_j7BBxQ/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d731d9c4d2093d32b1dd4e08c2abf25c23bb9e094699c567c577d4c2c9782d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2336
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/3X2UsxSW8t0/ 3 KB
3 KB 49ms
49ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3X2UsxSW8t0/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69087d7c027c1d2e40000046ef9b2be0bfa17c6227208c2fbc5dca1c6b673580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2859
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/WuUdEsoq5cM/ 2 KB
2 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WuUdEsoq5cM/default.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1783396171552e363f707655f9677906ac7304fb38163c3fc25de9b11656bdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2476
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 17:50:02 GMT

GET
H2 200 embed Show response
www.currency.wiki/widget/ Frame B46F 81 KB
21 KB 232ms
168ms Document
text/html 2606:4700:20::681a:442
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca06ac01baad34a8d2faa930825cd34d6303983accce5c43abee5c4258c6aee

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7c4b188c3c57903c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ%2FgQiSJMFyEsyjhiuSecJ%2F%2BAiF7uVYNjjPk9HvpjtvCnZ8BFJIvjxNUTwNKvASy1Eq1Mp7a4px3j4I6GL7MibIZIqA0fpQmgtPiQ%2B0Vs2BzZ7XhH9VjwWpIlwKHkDgHtRwTkNP4R02wmWBp42gj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 49d0a82eeff713b74763ec2aefde176b.js Show response
scripts.cleverwebserver.com/ 129 KB
48 KB 279ms
212ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/49d0a82eeff713b74763ec2aefde176b.js
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4368ff23045891accbe79eb847c09d03d32cbd7298002ba2c3ab3c14bf29c536

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
x-amz-version-id: tu0ieMdlLd.IO_AY3L4MT1n._RVPTUGT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 09:11:33 GMT
server: cloudflare
x-amz-request-id: GNP0NAVH2XKWYWRE
etag: W/"376321fb59a2db76fbd3771bf2b2f6ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7c4b188c8c492c3d-FRA
x-amz-id-2: QniCxx6TyjF9/SgG/fAJny/QiJn4J84SM70fXUPcbBTO04wl3U6fB5jcLhMGnD7WjLtUvgV9AjA=
expires: Tue, 09 May 2023 16:20:03 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ 406 KB
164 KB 102ms
30ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7669342d5cea568d6b38d5d626149f6b1a34ea046d076647abd6c74876210463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 20:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166796
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 20:44:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/ 355 KB
120 KB 128ms
86ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9615345408743774&plah=g37.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9615345408743774&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

358045565f4986d574ac025c1267a10f88b64a1c58988fe3edfc250e1cd99707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122353
x-xss-protection: 0
server: cafe
etag: 13283415573095675460
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230504/r20190131/ Frame 9232 10 KB
5 KB 66ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9615345408743774&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 02:07:16 GMT
etag: 15057649708203361565
expires: Tue, 23 May 2023 02:07:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 18ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=203494683&post=1020&tz=-3&srv=g37.com.br&hp=atomic&ac=2&amp=0&j=1%3A12.2-a.1&host=g37.com.br&ref=&fcp=1270&rand=0.08273520003179469
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 May 2023 15:50:03 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 pastoclockp.js Show response
data.gblcdn.com/data/ 21 KB
6 KB 125ms
61ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=c94b7050-f992-11e9-9d65-87d8d8f59fc9&pid=jhyjhphwsrooaxn&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
x-amz-version-id: nwvlDJEJvNG8DeRyqPSJh0zbqh3.zufe
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 May 2023 15:18:44 GMT
server: cloudflare
etag: W/"d38eebc021752f86f15983ab1ffaaf45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r4rBnfk40DohLVIvgtO%2F6kWx7qpMTjaCJ9cPc3xDWJUBGCamBHrEvrosNFnN%2Fw%2Fjyo3XauYEaONyjo6LuQLzvbfcgive8PWf%2FTlDyorBgpLEH8XSv1mPW9vSu4d5qVw%2B%2BjvjwefEoSv8EJb24o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7c4b188e0bef2c4b-FRA
x-amz-cf-id: 5qe5s7fxNNIxPKbP8b0u-3hgu-Sa2mXI1L4HxRfaMxn6xDxf7SJIRA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 219ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223565207-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 14:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4464
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 09 May 2023 16:35:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
74 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YCLYQ3FDTE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223565207-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b7adcaa3cb72833b6940a4a3034ff8136b6401f68e51aa8e00ff2a756a164c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ 403 KB
125 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 18:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75155
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127480
x-xss-protection: 0
server: cafe
etag: 445900462459606666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 May 2024 18:57:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 360 B
221 B 107ms
66ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=g37.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cd04cfe5bafa961bdaadbf89fea8711dbe3fee55ac0e2ec3680028ef06cda51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 194ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 15:50:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2z0M1XnfzMW3fmOtKeCVOWdKI4Cj/GlCWeec5TQhczPR5nHt7m4RCeqfzRgEADc8FdLwQJJD8ILS2JN2HXrW0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WDKQRS2GPR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJPRT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93ebac2a7b4d263d6548a28e5290e644f70ec101bd80450ee4ca2fb47c5c0898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
code.jquery.com/ Frame B46F 95 KB
33 KB 165ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.0.min.js
Requested by: Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.currency.wiki/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-17c52"
vary: Accept-Encoding
x-hw: 1683647403.dop226.am5.t,1683647403.cds008.am5.hn,1683647403.cds304.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33820

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ Frame B46F 7 KB
3 KB 177ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.currency.wiki/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1c1f"
vary: Accept-Encoding
x-hw: 1683647403.dop226.am5.t,1683647403.cds008.am5.hn,1683647403.cds125.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame B46F 19 KB
7 KB 297ms
96ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.currency.wiki/
Origin: https://www.currency.wiki
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c4b1890eb9a2c37-FRA

GET
H2 200 api.gif
tags.denakop.com/ 0
312 B 126ms
125ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fg37.com.br%2F&t=1683647403271&cb=0.45692038957088865

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b188e9d7419a9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
903 B 149ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:500,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 WhatsApp-Image-2023-05-09-at-09.31.59.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 47 KB
47 KB 80ms
79ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-09.31.59.jpeg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

eb0048226c135f488d7d6f207a6ec8e392b73dcfcd0ebf1a1c3972d6de7ca436

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "585b7f104daf5ab1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-09.31.59.jpeg>; rel="canonical"
content-length: 48296
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 WhatsApp-Image-2023-05-09-at-10.09.51.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 11 KB
11 KB 111ms
111ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-10.09.51.jpeg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

947777ca80656a7f4768ffe41ef2c360c67e333d09b2c5a7965a4608919f3504

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "5a721af04325f4be"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-09-at-10.09.51.jpeg>; rel="canonical"
content-length: 11406
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 af820200620005.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 23 KB
23 KB 104ms
104ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/af820200620005.jpg?resize=780%2C470&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ceab2a954eb0ed5f56d2113128d33914704897669fcf688f379ba1a0a8708eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "a863987be7ecf391"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/af820200620005.jpg>; rel="canonical"
content-length: 23678
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 Arte-Gleidson.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 5 KB
5 KB 38ms
38ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/Arte-Gleidson.jpeg?resize=669%2C458&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

13b0138595dabcf3ef27e791569b3712814a585230244c4220feb227f41e330a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "1748748f51bf6e74"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/Arte-Gleidson.jpeg>; rel="canonical"
content-length: 5250
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 image_preview-1.png
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 28 KB
28 KB 17ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/image_preview-1.png?resize=400%2C266&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1b5201264a2a934de87c72ce20ed8f356858cf8144a2d0fb46aaf64f81839751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 13:08:36 GMT
server: nginx
etag: "6df1d30033fd6835"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/image_preview-1.png>; rel="canonical"
content-length: 28730
expires: Fri, 09 May 2025 01:08:36 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: g37.com.br
URL: https://g37.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9fbd32212b5e1d8c88a8fa8215367e8f9c5679417529f9debfc3546834231bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H2 200 af820200620005.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 9 KB
9 KB 55ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/af820200620005.jpg?resize=390%2C220&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2f3d5041a0b1bfd6133a793693335fd61ab52eae1eef9a3f0192ac740392cf53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "02cb2d5757db8be8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/af820200620005.jpg>; rel="canonical"
content-length: 9326
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 Arte-Gleidson.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 1 KB
1 KB 28ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/Arte-Gleidson.jpeg?resize=220%2C150&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b779cb526d81ad5d53dad7f96914a04b619f80e1b7a941b94f82b7656b759248

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 8
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "86807fba62307ff8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/Arte-Gleidson.jpeg>; rel="canonical"
content-length: 1284
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 WhatsApp-Image-2023-05-08-at-23.18.32.jpeg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 7 KB
7 KB 34ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-08-at-23.18.32.jpeg?resize=220%2C150&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d22ff010062ceab86440a7c8da9694203448065da3194f1ca00442b9988a6150

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "05cbcc9992dffbef"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-08-at-23.18.32.jpeg>; rel="canonical"
content-length: 6996
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 interditado.jpg
i0.wp.com/g37.com.br/wp-content/uploads/2023/05/ 3 KB
3 KB 25ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/g37.com.br/wp-content/uploads/2023/05/interditado.jpg?resize=220%2C150&ssl=1

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d082c8f89a636d53c3897dd3b2ff097776ec1bf9796ce593fcffce8988d92d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Tue, 09 May 2023 15:50:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 15:50:03 GMT
server: nginx
etag: "1f89b1cfcf21de35"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://g37.com.br/wp-content/uploads/2023/05/interditado.jpg>; rel="canonical"
content-length: 2998
expires: Fri, 09 May 2025 03:50:03 GMT

GET
H2 200 g37.js Show response
adjs.media/resources/content/ 3 KB
2 KB 359ms
147ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/g37.js

Requested by

Host: b.admasters.media
URL: https://b.admasters.media/widget/f0523b42-4ad3-4fe9-b4e2-b195f7906859/ext.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f628e528615b4682d48990c1b88679af4e94523258e40fff53a7f390f111de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5cedf7ca-5396-463c-9bb1-f6ae8840ec74
x-runtime: 0.003621
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5f628e528615b4682d48990c1b88679a"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsBh%2BjcDuaecXO0yz%2BNW4RXPfrA4OZr0V6%2BNV%2FNhLleGthK64Nw6C5Zb02%2B0OB84F2UZQdFVzw62Op34dlfLKHI9xTxb%2BWMNqWfV3POjw96oYV5AwjuSI2x7vOqBDDE6%2BeAJjT6QeHD8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 7c4b1890fd456904-FRA

GET
H2 200 22bb954ac85311edafa10242ac120002%2F970_betano_250.jpg
a.cdn789.dev/ 53 KB
54 KB 630ms
417ms Image
image/jpeg 2606:4700:3036::6815:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.cdn789.dev/22bb954ac85311edafa10242ac120002%2F970_betano_250.jpg

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c19746b6623e6e708ff5afb555128bd3612e58eb53168b11403489926883008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000021190eb3-00643c523a-65bc352a-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54120
last-modified: Wed, 22 Mar 2023 01:46:16 GMT
server: cloudflare
etag: "0e98f5ae927fdb96e0c5c7f4b9738ac8"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1681674810.dop130.am5.t,1681674810.cds135.am5.hn,1681674810.cds248.am5.pr
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jvZrTUUkZRViHcf0c7nZ%2FlrF1KY2lDVPAZ2pWsyCFh8C1WSF%2Bab%2BHQ%2Brubh%2F%2Fh3tSTJdtasvOYJ4RzYMCwm8oTBSZ78q6XkUe02c1LbBczj%2FDvLEGzlK5A291O06355VcauYDcHrFWHHUI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7c4b1890fefa9bcb-FRA

GET
H3 200 video-js.min.css
tags.denakop.com/assets/css/ 29 KB
8 KB 40ms
40ms Stylesheet
text/css 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/css/video-js.min.css
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3035f4da137318c8ab24443847c53184aa239f7ae069dc2659eb9aaf8e4a4fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 13:39:42 GMT
server: cloudflare
age: 938
etag: W/"620e501e-7587"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890ad4c3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 videojs.ima.css
tags.denakop.com/assets/css/ 3 KB
1 KB 35ms
35ms Stylesheet
text/css 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/css/videojs.ima.css
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac5a1e6c2c1fde505d9378a2bec86ae156da7dc888e199b380c8203f010e8c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 19:08:03 GMT
server: cloudflare
age: 2206
cf-polished: origSize=4176
etag: W/"6387aa13-1050"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890ad4d3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 videojs.ads.css
tags.denakop.com/assets/css/ 1 KB
530 B 41ms
36ms Stylesheet
text/css 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/css/videojs.ads.css
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 542007f1393d22bb236f7092a3098723c68ce5fa756e18f40b8b9a8af8669426

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 11 Feb 2022 17:05:10 GMT
server: cloudflare
age: 938
cf-polished: origSize=1071
etag: W/"62069746-42f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890bd523804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:03 GMT

GET
H3 200 video.min.js Show response
tags.denakop.com/assets/js/ 569 KB
160 KB 57ms
53ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/js/video.min.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d29a4da589df44d74041478486a73e8875b37c1a460616e1017e07f76d209e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 17:05:14 GMT
server: cloudflare
age: 2484
etag: W/"6206974a-8e318"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890bd5f3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 videojs.ima.js Show response
tags.denakop.com/assets/js/ 36 KB
8 KB 35ms
33ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/js/videojs.ima.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074fbc5276a1cd4fc4594fd67e3f1a7ca65760f03d40426e18db2cbd96907cda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 07 Jun 2022 17:56:31 GMT
server: cloudflare
age: 938
cf-polished: origSize=36923
etag: W/"629f914f-903b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890bd603804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 videojs.ads.min.js Show response
tags.denakop.com/assets/js/ 28 KB
8 KB 48ms
47ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/js/videojs.ads.min.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10298/g37.com.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b080077be67f44a0c4cf754a402ddaced203190343eaa31bb79690f5c128d9e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 17:05:13 GMT
server: cloudflare
age: 2205
etag: W/"62069749-6e4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890bd613804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 btn_close.svg
tags.denakop.com/assets/ 2 KB
980 B 43ms
43ms Image
image/svg+xml 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.denakop.com/assets/btn_close.svg
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9798fc4c7ff476555c03664d50915973981718170a86a95ab1fbc2c9faf3255

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 15:50:23 GMT
server: cloudflare
age: 2487
etag: W/"63862a3f-697"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b1890bd693804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
196 B 58ms
37ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8396ba2f8fa4612c8a2cec04395908b1b414727856eb1548a9e7b9ea68a0dc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c4b18910ade2c3d-FRA
content-type: application/javascript

GET
H2 202 p Show response
server.gblcdn.com/pool/ 167 B
2 KB 699ms
632ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://server.gblcdn.com/pool/p?pubid=c94b7050-f992-11e9-9d65-87d8d8f59fc9&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=i&mt=b&dco=0&fq=&fqc=&wh=g37.com.br&w=300&h=250
Requested by: Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=c94b7050-f992-11e9-9d65-87d8d8f59fc9&pid=jhyjhphwsrooaxn&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fefed5fb5b13d8e217c9bfc2481ed9971784f6e88387be7b1486e209ffe2964e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XWzhTNcWuiiTyRx9BjiLOQIP0fWO%2FYkoPJ218a0V14cAvws7PE2b2Px3hQ9KcgXZSA2ZqWqd%2FEPk674t9NHMTzO%2Fy9AuHxikVPcPhUf4lrUeTvKIdptITk3I9xglwoRMAYnzzI0sSc2Femd1C5kQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://g37.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
cf-ray: 7c4b1892091b36dd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 206 black.mp4
tags.denakop.com/assets/ 1 KB
1 KB 34ms
28ms Media
video/mp4 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/assets/black.mp4
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c627153c9cb78d7447539e7d75ed6e85225424e5d0a60959a51d49f2d0f20f1b

Request headers

Referer: https://g37.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 May 2023 15:50:03 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 15:50:48 GMT
server: cloudflare
age: 2486
etag: "62c30c58-4c4"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-1219/1220
cache-control: public, must-revalidate, max-age=604800
cf-ray: 7c4b18919ecd3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1220

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 77ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:24:35 GMT
x-content-type-options: nosniff
age: 293128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:24:35 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 79ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:52:39 GMT
x-content-type-options: nosniff
age: 295044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:52:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 101ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=g37.com.br&callback=_gfp_s_&client=ca-pub-9615345408743774

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9615345408743774&plah=g37.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c56390843c87e6a77c3fe29a47771105bac6a5b96cb358e025d6b34ab82fe59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 86ms
28ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=g37.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=g37.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 124ms
124ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8896 264 KB
50 KB 550ms
549ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&adk=2969136045&adf=3689892565&lmt=1683647156&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fg37.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647403065&bpp=13&bdt=1165&idt=917&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5511825866770&frm=20&pv=2&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1062

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7cdf25a5386ab328c13f7e79b2bbeaaef26dfeca314722793c8858710791562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:04 GMT
expires: Tue, 09 May 2023 15:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 26ms
26ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=139216161&t=pageview&_s=1&dl=https%3A%2F%2Fg37.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Portal%20G37&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAACAAI~&jid=1223582022&gjid=877270510&cid=1340732611.1683647404&tid=UA-223565207-1&_gid=133574251.1683647404&_r=1&gtm=457e3530&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=399769087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 100ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YCLYQ3FDTE&gtm=45je3530&_p=139216161&_gaz=1&gdid=dZTNiMT&cid=1340732611.1683647404&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683647404&sct=1&seg=0&dl=https%3A%2F%2Fg37.com.br%2F&dt=Home%20-%20Portal%20G37&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YCLYQ3FDTE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 82ms
22ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YCLYQ3FDTE&cid=1340732611.1683647404&gtm=45je3530&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YCLYQ3FDTE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 117ms
58ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YCLYQ3FDTE&cid=1340732611.1683647404&gtm=45je3530&aip=1&z=686854185

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 508162000946489 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 128ms
127ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/508162000946489?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d39dd26ec8fb71eb7f698699e902d6bf28f816c2064341cb44e72050a1620c7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 15:50:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MHPsDxAUzrGQ4HIaPCz6bMre6/zHMZGc5EqL3OX3qUdAat9VVF53X50FrHewB4GvqsYznF5bmNOOAhWIoOZi6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 55ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WDKQRS2GPR&gtm=45je3530&_p=139216161&cid=1340732611.1683647404&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683647404&sct=1&seg=0&dl=https%3A%2F%2Fg37.com.br%2F&dt=Home%20-%20Portal%20G37&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WDKQRS2GPR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

invisible.js Show response
www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 39C1
Redirect Chain

https://www.currency.wiki/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

27 KB
12 KB

38ms
38ms

Script
application/javascript

2606:4700:20::681a:442
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df60c3df02472e163c9dcc847c78f653d0a0104cf6dea974d1e2f8483a90c365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flqYQIiSaZHxVBgOAQbqdnvvntIqT7Q5MyfVgZ%2BmL2H9JDmLkbQzM0P2P6bIzUGf3433w38uJLA46XvNc2NIXrG6zvWiaOhlxYytepnATw5a2sEb5KQS4UYpLEK1olKNArGU0T5LUZTO5OvivzpM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c4b18962a50bb67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 09 May 2023 15:50:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NTS7nk13EH4tBevEzHMmzRYcshkUYHKFQzptgZMbZ5KvhuuFfwcqQA8C01A1nZHYrwCoszo7r25jY9L%2BbqV03v%2F3i68mLlH3TWTzO0sH8GyYzUAX5mB4DWbbQsb4Vf1luF2ToHTW1vuyhhQOpmf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
cache-control: max-age=300, public
cf-ray: 7c4b18952ea7903c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/ 184 KB
57 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c6733fdbc08bb75f154508d9414199f89121ff4f7b1347699b338fb01fa81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57768
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:18:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 May 2024 15:09:44 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 108ms
24ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://g37.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
173 B 340ms
107ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://g37.com.br
date: Tue, 09 May 2023 15:50:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 487 B
2 KB 298ms
220ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a9c33d5162cee7063044b2c49a79c299110752f61e312e27c22163cd15557e5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
AN-X-Request-Uuid: 485f8c55-d3ba-4827-bcfe-2b06e8e7ef73
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 487
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
257 B 103ms
13ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
257 B 104ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
257 B 103ms
13ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166171&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
257 B 119ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166152&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 366 B
1 KB 281ms
209ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

00b1ab7925bf1a7b66545f01c1d44d02d79900efe26f3afac50c3f5b598172db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:04 GMT
AN-X-Request-Uuid: 8227ed9b-005b-4387-9334-bd2f01f179b1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://g37.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 366
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
552 B 215ms
96ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://g37.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
552 B 217ms
103ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://g37.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
552 B 329ms
215ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://g37.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 158ms
59ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7c4b18960d45366d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 159ms
61ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7c4b18960d48366d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 143ms
47ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7c4b18960d49366d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
305 B 141ms
46ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7c4b18960d4a366d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
583 B 268ms
107ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=9&alt_size_ids=8&rp_schain=1.0,1!denakop.com,10298,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fg37.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=939635fe-918c-4890-b32b-96736325ac26&l_pb_bid_id=345608f3671ea9b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.004316685386209329
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a21062c797f56e5087fe330b593a7c0835825e6d483e9da83f5078cc342350c9

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://g37.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
584 B 265ms
105ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10298,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fg37.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=dc2b6cd1-8cb9-4aa0-ad8d-73b51a485c1d&l_pb_bid_id=355c075972ab52b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13365205163574423
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e5081454d86612e40a39d1173fee48d3d9fb6b776e66840de8385e1ede4754f5

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://g37.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
788 B 243ms
82ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=65&rp_schain=1.0,1!denakop.com,10298,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fg37.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=c36d0c7f-cb11-42f7-9a96-5a942bd973f0&l_pb_bid_id=36721838f02f2fe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18289340194299886
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 865a9253f7a2302ece2061ce64b476ffc5906ecfcc44b7f9fe3913d71110d246

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://g37.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
585 B 266ms
106ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10298,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fg37.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=2b8e805f-ee61-480f-81b3-3c778c826c3e&l_pb_bid_id=3788456b4cb43bb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5267021107445808
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7a49dd6981ad19baa86a909298b2c1ca474b1845b24e14479dde564b2b22ebef

Request headers

Referer: https://g37.com.br/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://g37.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 204 rum Show response
www.currency.wiki/cdn-cgi/ Frame B46F 0
179 B 31ms
30ms XHR
text/plain 2606:4700:20::681a:442
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.currency.wiki/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.currency.wiki/widget/embed?wd=1&f=USD&t=BRL&cs=&d=3&tm=1683647156&lang=pt-BR
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.currency.wiki
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c4b1895c9e4bb67-FRA

GET
H2 200 g37.gif Show response
adjs.media/hit/ 0
347 B 154ms
148ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/g37.gif?date=1683647404543&page=https%3A%2F%2Fg37.com.br%2F&ref=&tid=tid-3d8f54853.337419bb2

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/g37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 392b80b1-7c04-49a3-984e-a7c77defc6d6
x-runtime: 0.003751
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q3ROF8pr4%2Bmx2z76MO5lgsVi9qKv19hLKJR0bULoZ4BCofp5fwR6%2F3QjzatuDSIpHBITV5A%2Bt%2FlCITDXbYBt43upgMSvQqdFuflsxu8ABVykd2sQae1DbPwJzMDbCKPPjr6dZEtaaTr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7c4b18968b1f6904-FRA

GET
H2 200 /
call.cleverwebserver.com/ 43 B
128 B 72ms
38ms Image
image/gif 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=52019&c=NL&r=null&l=920&b=Chrome&os=Win10&mob=0&v=1.40.7&ref=aHR0cHM6Ly9nMzcuY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=NL&sz=1200
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c4b18972c5e2c3d-FRA
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 101ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=508162000946489&ev=PageView&dl=https%3A%2F%2Fg37.com.br%2F&rl=&if=false&ts=1683647404655&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.2.1683647404653.1669618545&it=1683647404220&coo=false&rqm=GET

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 May 2023 15:50:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 127ms
126ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fg37.com.br%2F&t=1683647404689&cb=0.08331008001346518&aa=intext&m=Auto%20placement%20container%20not%20found

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18976eea3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 127ms
127ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fg37.com.br%2F&t=1683647404700&cb=0.8836517805677011&aa=inimage&m=Auto%20placement%20container%20not%20found

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18977f143804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 pica.js
www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/ Frame 39C1 6 KB
4 KB 29ms
28ms Other
application/javascript 2606:4700:20::681a:442
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351937b82a2c29d3bb1001bf8232319288626dbcd71039b78c9168d1cf5c79fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iJ2a5lIKZGmvPtvW01GuSiKIdqtbA2mtHUjGsPuTRuS8eJd9UU2994JvbJ0wnWt0UDMhkCLPJ%2BalsVKtI4EZ%2Bk5YKJ0diNZyZ%2BPsLKsHa35YKxeoDqC0gXpntsJNT%2FZK%2BBtUDsBhWER1AuNEJzN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c4b18977c71bb67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 126ms
126ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fg37.com.br%2F&t=1683647404732&cb=0.9389263425142536&aa=side

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b1897af5a3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 175ms
175ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fg37.com.br%2F&t=1683647404733&cb=0.03775323729543323&aa=under

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b1897af5b3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 123ms
123ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fg37.com.br%2F&t=1683647404733&cb=0.47763902120955315&aa=top

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b1897af5e3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=g37.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=g37.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
20 KB 355ms
354ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3673824616139106&correlator=2176944865528290&eid=31068366&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fifs&iu_parts=21715141650%3A22664157990%2Cg37.com.br%2Cdesktop_side%2Cdesktop_under%2Cdesktop_top&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=160x600%7C120x600%7C120x450%2C970x90%7C728x90%2C970x90%7C728x90&ifi=2&adks=1346253794%2C170934107%2C3857769147&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dg37%2Ccom%2Cbr%2Cg37.com.br%26pathname%3D%252F%26placement_name%3Dside%26secom%3D1%26tier%3D3%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dg37%2Ccom%2Cbr%2Cg37.com.br%26pathname%3D%252F%26placement_name%3Dunder%26secom%3D1%26tier%3D3%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dg37%2Ccom%2Cbr%2Cg37.com.br%26pathname%3D%252F%26placement_name%3Dtop%26secom%3D1%26tier%3D3&sc=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&abxe=1&dt=1683647404755&lmt=1683647156&dlt=1683647401900&idt=2390&adxs=0%2C0%2C0&adys=0%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fg37.com.br%2F&frm=20&vis=1&psz=1600x16754%7C1600x16754%7C1600x16754&msz=160x-1%7C970x-1%7C970x-1&fws=512%2C512%2C512&ohw=0%2C0%2C0&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b5635f4bf43e0a24ac24f19054d7a7c2f0a76e038276cf160491c79f9a205f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20472
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF93 6 KB
3 KB 119ms
26ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:04 GMT
expires: Wed, 08 May 2024 15:50:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/ 151 KB
51 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d23473bcc89d3dd2c81bea8c73a5b4c7eeead1dce1b7fb3ac1ff8dfdd5fb2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52374
x-xss-protection: 0
server: cafe
etag: 16978876783460126563
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:04 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B87 19 KB
9 KB 522ms
522ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0405772d5591f91c49ea3193dea5865f3573ad206b0f21657f8beabc42a3b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
expires: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05C3 436 B
238 B 510ms
509ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3186548570&pi=t.aa~a.897594617~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3122&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250&nras=3&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=B4LssDECZI&p=https%3A//g37.com.br&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ec6678578572c52d64e8e106e9051d379bc178e108539374c14530b7431cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
expires: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 672F 436 B
235 B 739ms
739ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3416437488&pi=t.aa~a.1794496191~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3122&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250&nras=4&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=jobkHkVD9F&p=https%3A//g37.com.br&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a553be9e39efefaa2561864f98d6e3cac6a5083aed2915f35eb4db030869f11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
expires: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BF3 105 KB
37 KB 612ms
611ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15234d123832ed49dc2ad298e70fdf00b744161aa31ab600fe18f3bac0fbb9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38091
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
expires: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3D7 436 B
236 B 650ms
649ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=4145752843&pi=t.aa~a.2342164841~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=1&bdt=3122&idt=2&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250%2C305x250&nras=6&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=4677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=K5nqxETwZd&p=https%3A//g37.com.br&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7437e71649e432f5be08a376c0b08eb0901eb656d9f665d4c1c6ce55fb1064c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
expires: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B46F 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018e10b5b0a2934f9305885806e671af8f1f66ad6efee6af2d508227942b0a37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B46F 535 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d24628c01669011268da9e920146b99d3d1687aa0efc5445595116b8a2ab380

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 7c4b188c3c57903c Show response
www.currency.wiki/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 39C1 2 B
635 B 40ms
39ms XHR
text/plain 2606:4700:20::681a:442
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.currency.wiki/cdn-cgi/challenge-platform/h/g/cv/result/7c4b188c3c57903c
Requested by: Host: www.currency.wiki
URL: https://www.currency.wiki/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPtt8sj1f0zCva0jlTDbd%2B6uhyO1AF%2BUHP0zakrx806aVQ3SODypBp2vmjG4TnbXDD0qv399PEHqHnf7mAFRfBrRR6e1JFoIOu0HLYB7tloOI8XUFAdfA3xOnMU7tcO1KlEPpck0kWfvJJPw6Uhm"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c4b189ad913bb67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 container.html Show response
d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C92 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:04 GMT
expires: Wed, 08 May 2024 15:50:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0335 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:04 GMT
expires: Wed, 08 May 2024 15:50:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F2E 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:04 GMT
expires: Wed, 08 May 2024 15:50:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 arrow.svg
tags.denakop.com/assets/img/ 1022 B
1 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.denakop.com/assets/img/arrow.svg
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c600119468acb102f4e6e3d790eb6039839b2bfed1a4453fba41c2ce40419bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 21:26:09 GMT
server: cloudflare
age: 2511
etag: W/"62b23771-3fe"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UTciDUzsfDNhWA9mZ1eobGAfD8PFAhCcAUG4M6PT.44-1683647405-0-AZOs5pMngcbL-z9JRurKt3vSZtIgLHx-lQzzH6Q7itJqL-f-QFmeXHDl3WFcIHrNrO6ttAtQKbc9fBHRarY4ZPH7MA_iuCHBrj9blD34mYx74ty3EO1sT_QxywLc-xgfSRveLgUvPkjAs_rg69951yo0IwHqE_mjt9D3iGW3Br-L; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UTciDUzsfDNhWA9mZ1eobGAfD8PFAhCcAUG4M6PT.44-1683647405-0-AZOs5pMngcbL-z9JRurKt3vSZtIgLHx-lQzzH6Q7itJqL-f-QFmeXHDl3WFcIHrNrO6ttAtQKbc9fBHRarY4ZPH7MA_iuCHBrj9blD34mYx74ty3EO1sT_QxywLc-xgfSRveLgUvPkjAs_rg69951yo0IwHqE_mjt9D3iGW3Br-L"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b189b6d0d3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E9D4 0
68 B 19ms
19ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://g37.com.br
Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://g37.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=g37.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=g37.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/ Frame D21B 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 44214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 03:33:11 GMT
etag: 15057649708203361565
expires: Tue, 23 May 2023 03:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/ Frame B8DF 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 44214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 03:33:11 GMT
etag: 15057649708203361565
expires: Tue, 23 May 2023 03:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7F15 624 B
242 B 61ms
59ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDL7aGYAxjgx_rdATAB&v=APEucNU51RsDUUEvNx7astmJr5JWwE1ZbfCqRNSv1KNl-nL7PevbbSBDxTMltlruQvE9OHF8plMB9vPq5CawdXkFs4-F_OcV_i6D99CcYD7j4tRiI4JMJprSoqCVc1gn0lQNyvsCy93c4WufaWORTErOO4pDSLghyeNjcMHAdJx6SFLvPCvIlSY0T153X6QAkq76HzWSuv8WSF4OT0uv3fwLpCetYnbJSw

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9C92 78 KB
27 KB 161ms
159ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C92 42 B
63 B 123ms
120ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEGUJgyZ42boaA0u6fzKEuq1iDVrj4Y7Bg-yH2K7Jlz9qlL2l3F8LEAPzVWuq6lYNkwKM43J8tDmrlRU1d0KUiVP5rPrVekM9YgFa9irNzP8dKSjU

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C92 0
20 B 124ms
121ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4181980834106756360&x=1&ct=76

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 9C92 3 KB
1 KB 86ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 9C92 19 KB
8 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C92 0
0 28ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-22MqHQTSNhqFC9vPdXWXB3BJ-0kdYbaZbXGz0DvrPaSVvZ5HKiKsZbqMIqKN_dfEV9W8bAqK46kgLq-tE8u0CNu5cg
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C92 169 KB
53 KB 146ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A01A 624 B
242 B 65ms
60ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNU3GFlGZXfv-prOvDTYUSCXDiVFqm4VKYgb0Ay8mPfy28yBCib1f2NMNWtgugcjPAdZrGX6xn1ebCs_7-qklkeZU-9z6J0kgiJi4HMaBqRLbUXx5LNvbhWMvE4NJQ2Yfl1TQg6d3STH7NgiasfRMWCDOmT37e7zKSqACX0O3R-B_Wt1ZgfKNyDC14oiSrUMLbLm4hvvtBLEBRPYCbaaVdudEilUuQ

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0335 78 KB
27 KB 259ms
259ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 42 B
63 B 127ms
124ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJZCZTT0XvRpLoGRTj_GaS-UuaRJD2Hw9m2s8Sjr6sEpP5hvV19lAv3T3M0GJqYlqDZHujRKAYNFKeHn9ypUJy0GoIEL3yPMrhO_Qy6f-tOlFm06A

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 128ms
125ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2352389826938446228&x=1&ct=76

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 0335 3 KB
1 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 0335 19 KB
8 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0335 0
0 28ms
26ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTiVQG8i6qjVIRHiOgXh7ik66twigTq68RzBi39PcbtAdK8-y0-ix1YXQgf1Y9WfnMSOzNgDqmJOYTLtES8bOmP6iMtg
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0335 169 KB
52 KB 196ms
138ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC58 624 B
242 B 65ms
62ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNVVWwdqLZ6tyrwSv3QQ08AtNnR50dZnoLYyeBTG22cGMqb7jQNBn2lsgz0QfbLj35HkOtAYuuGkUB6FZnPJQ33PZ-hjynugaia5RXtTcclglmgOqSom9pzONEDsBzj5Z2VjGoUMVBU96nRGrD8cT0bQ6uN45h-C7h_XmJbe7kAPcnP2TvzJXLeFMlOjUxmb22n7fCjZophaghpkKb84Kvck9bdT4g

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F2E 78 KB
27 KB 257ms
254ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2E 42 B
63 B 127ms
123ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUYvyoq8lvZl0kezEuJOZ8R5JVJw31E9rwqBLCNDNxNPMv7DicC-0vE8lVgLMpGgf-Do05HlM7UiPlkuQYXSCSqXzrNquInAXKmjRgxjbluSp5Vog

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2E 0
20 B 128ms
124ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12552198611907960602&x=1&ct=76

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 7F2E 3 KB
1 KB 77ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 7F2E 19 KB
8 KB 61ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7F2E 0
0 29ms
26ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGRbGVccZvkABBso2kJ70ezU1j1FD5kPoBTpJf5rmDYTZB-0EY2BFBmnxkRfMHp44IDcoa1Hffx-3EntYeUc3EgXrAcw
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F2E 169 KB
52 KB 171ms
119ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D21B 9 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb4c9bbeed2aa7fc0461b59147e4ad09841b9309030f8a22ffa8a2e7296e2ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame D21B 2 KB
845 B 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 15:04:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame D21B 22 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 9540740394202920180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:45:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame D21B 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame D21B 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D21B 169 KB
52 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 fe5bb951bcb64b0813d5b031a6a87c6d.js Show response
www.gstatic.com/mysidia/ Frame D21B 32 KB
13 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
last-modified: Fri, 05 May 2023 14:26:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 15:56:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8DF 4 KB
705 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:09:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame B8DF 2 KB
799 B 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 15:04:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame B8DF 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 9540740394202920180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:45:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame B8DF 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame B8DF 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8DF 169 KB
52 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 fe5bb951bcb64b0813d5b031a6a87c6d.js Show response
www.gstatic.com/mysidia/ Frame B8DF 32 KB
13 KB 54ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
last-modified: Fri, 05 May 2023 14:26:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 15:56:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7F15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6HGVAsnXV3Y7NYcxXUXP4&google_cver=1

43 B
632 B

32ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6HGVAsnXV3Y7NYcxXUXP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDL7aGYAxjgx_rdATAB&v=APEucNU51RsDUUEvNx7astmJr5JWwE1ZbfCqRNSv1KNl-nL7PevbbSBDxTMltlruQvE9OHF8plMB9vPq5CawdXkFs4-F_OcV_i6D99CcYD7j4tRiI4JMJprSoqCVc1gn0lQNyvsCy93c4WufaWORTErOO4pDSLghyeNjcMHAdJx6SFLvPCvIlSY0T153X6QAkq76HzWSuv8WSF4OT0uv3fwLpCetYnbJSw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6HGVAsnXV3Y7NYcxXUXP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7F15
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

43 B
632 B

23ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDL7aGYAxjgx_rdATAB&v=APEucNU51RsDUUEvNx7astmJr5JWwE1ZbfCqRNSv1KNl-nL7PevbbSBDxTMltlruQvE9OHF8plMB9vPq5CawdXkFs4-F_OcV_i6D99CcYD7j4tRiI4JMJprSoqCVc1gn0lQNyvsCy93c4WufaWORTErOO4pDSLghyeNjcMHAdJx6SFLvPCvIlSY0T153X6QAkq76HzWSuv8WSF4OT0uv3fwLpCetYnbJSw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7F15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

43 B
1 KB

42ms
19ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDL7aGYAxjgx_rdATAB&v=APEucNU51RsDUUEvNx7astmJr5JWwE1ZbfCqRNSv1KNl-nL7PevbbSBDxTMltlruQvE9OHF8plMB9vPq5CawdXkFs4-F_OcV_i6D99CcYD7j4tRiI4JMJprSoqCVc1gn0lQNyvsCy93c4WufaWORTErOO4pDSLghyeNjcMHAdJx6SFLvPCvIlSY0T153X6QAkq76HzWSuv8WSF4OT0uv3fwLpCetYnbJSw

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
AN-X-Request-Uuid: c62bc322-c6a7-4cde-9974-7d4321dd4308
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7F15
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 211597d6-a7af-4f59-ac59-af99805df9db
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A01A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1

43 B
632 B

31ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNU3GFlGZXfv-prOvDTYUSCXDiVFqm4VKYgb0Ay8mPfy28yBCib1f2NMNWtgugcjPAdZrGX6xn1ebCs_7-qklkeZU-9z6J0kgiJi4HMaBqRLbUXx5LNvbhWMvE4NJQ2Yfl1TQg6d3STH7NgiasfRMWCDOmT37e7zKSqACX0O3R-B_Wt1ZgfKNyDC14oiSrUMLbLm4hvvtBLEBRPYCbaaVdudEilUuQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A01A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

43 B
632 B

25ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNU3GFlGZXfv-prOvDTYUSCXDiVFqm4VKYgb0Ay8mPfy28yBCib1f2NMNWtgugcjPAdZrGX6xn1ebCs_7-qklkeZU-9z6J0kgiJi4HMaBqRLbUXx5LNvbhWMvE4NJQ2Yfl1TQg6d3STH7NgiasfRMWCDOmT37e7zKSqACX0O3R-B_Wt1ZgfKNyDC14oiSrUMLbLm4hvvtBLEBRPYCbaaVdudEilUuQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A01A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

43 B
1 KB

21ms
19ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNU3GFlGZXfv-prOvDTYUSCXDiVFqm4VKYgb0Ay8mPfy28yBCib1f2NMNWtgugcjPAdZrGX6xn1ebCs_7-qklkeZU-9z6J0kgiJi4HMaBqRLbUXx5LNvbhWMvE4NJQ2Yfl1TQg6d3STH7NgiasfRMWCDOmT37e7zKSqACX0O3R-B_Wt1ZgfKNyDC14oiSrUMLbLm4hvvtBLEBRPYCbaaVdudEilUuQ

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
AN-X-Request-Uuid: b867ed13-cebe-4eca-93e9-82300c588438
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A01A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

170 B
232 B

35ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 385c6f24-b794-4b22-9eaf-2d2be6a4784f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1

43 B
766 B

22ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNVVWwdqLZ6tyrwSv3QQ08AtNnR50dZnoLYyeBTG22cGMqb7jQNBn2lsgz0QfbLj35HkOtAYuuGkUB6FZnPJQ33PZ-hjynugaia5RXtTcclglmgOqSom9pzONEDsBzj5Z2VjGoUMVBU96nRGrD8cT0bQ6uN45h-C7h_XmJbe7kAPcnP2TvzJXLeFMlOjUxmb22n7fCjZophaghpkKb84Kvck9bdT4g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzTljw9SZwcS3L0ZkLKSjo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC58
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

43 B
766 B

21ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNVVWwdqLZ6tyrwSv3QQ08AtNnR50dZnoLYyeBTG22cGMqb7jQNBn2lsgz0QfbLj35HkOtAYuuGkUB6FZnPJQ33PZ-hjynugaia5RXtTcclglmgOqSom9pzONEDsBzj5Z2VjGoUMVBU96nRGrD8cT0bQ6uN45h-C7h_XmJbe7kAPcnP2TvzJXLeFMlOjUxmb22n7fCjZophaghpkKb84Kvck9bdT4g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DC58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

43 B
1 KB

35ms
35ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYgfS4ygEwAQ&v=APEucNVVWwdqLZ6tyrwSv3QQ08AtNnR50dZnoLYyeBTG22cGMqb7jQNBn2lsgz0QfbLj35HkOtAYuuGkUB6FZnPJQ33PZ-hjynugaia5RXtTcclglmgOqSom9pzONEDsBzj5Z2VjGoUMVBU96nRGrD8cT0bQ6uN45h-C7h_XmJbe7kAPcnP2TvzJXLeFMlOjUxmb22n7fCjZophaghpkKb84Kvck9bdT4g

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
AN-X-Request-Uuid: af0d790c-485e-4cb5-9f42-b04dc7959b37
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF1lNODqHR6OBx5pWuc6XmY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC58
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:05 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7135c539-cdba-4811-b267-e212b152abc2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 42 B
63 B 122ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DajbSg9MYRoHZ6pfGFQSWr5Xm0KcBq6WBMu8e2tzmHYEqF4Ki7UPjLMmSbxe1sQHyem9IhUDr1EdEDpMEOgRMpEvBb5_fT5mDjq3mIlxSkcOtkhqQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 0
20 B 123ms
122ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17737131163380317068&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5B87 78 KB
27 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 5B87 3 KB
1 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 5B87 19 KB
8 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5B87 0
0 30ms
27ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTo3bpDMpH8-DSoy7cGeb2F1N1okWQDWPJ9_J_5p6JJ5BnTIe0nM0SvxIJnKpN5TxMZRaMTYWpLji8VvCqPM7qkaalZbQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B87 169 KB
52 KB 89ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B1DD 624 B
242 B 61ms
59ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDqxaqlAhjEyuWZATAB&v=APEucNWjaqmwWFq6fAkVM-unO-m-cm6n5VQbygQ6TZcarkax8azh5vsB4CseDdy4-XFgr7GStikNFaUgdghq0dmo-6MfKJ9ErOfPIu2kWLeoLpi9ryYbjhR6ntDyuG9ofweFPcV1PK5zarzjtb4juhgi3EHamFrG1oiIPkbdum05NEvjNQhQ4yE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C92 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=879079930726&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C92 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=879079930726&version=m202301230201&ct=76&x=1&cor=4181980834106756600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9C92 82 KB
37 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd7jS4GZKJvqle8Gp8wYxlpYoav6wWeHbrnklFG8eK2y_FDZgggs4EIdfn9p_6wWei6n0aMe8A-PVQRXWSRowGjVBBd4xsDmN7tSaqF4eE7mbQBpWAqcFRjwAYz0ZSvSt5MV0hRdKy2jTGUoAjX3-yDIue-tU5JNR1r9bJdpjlGsn6PbE&dbm_d=AKAmf-DkJHVKOnwzWTMhYYBu5qtlxkBJ-cKFH6hfizvSSv7xbJggS2FG4zzAQvZ_b9kPIBo6sFlOKa3jA7GreI4WNYiu2VgvcimhQj-_k_ybht67-dMQvWUlafJh8ZTNFUaW8n64rpgbrlUpe29g7JxglI8QX4mjC5mIKpvzmbd7qHG5Q_soHZUD5xA-xoriSCsqExhepbBpAb_7e0YZHj6dQbWNROLDVTUO94wYO59xKp06ACsHOhCG__ALK5A7Tswq5CTsl68uKrbwQcLu9h_iKdyuAJNzmtltYUnhZPfFAQanWBF0_2qqueJliV6rtJzqG7foTEz-GHGZJqPnorjjxR_5tdlWhMc-A4qvPtYdqApzL6alQCYLu4taDTgYzEmPNE2VQhV-JmJJga6f9n_VDNfEKmaGPdmXwjJSQTbceKYulf0x17s1E5TBSbzFpQNcZWzrKlloW1S-u5CxiAVq6aCZzEzVQs4QQr9tR3Y3GeipCxgFZQpzw5ovzGCHObYBfF5B3a14E9uBkaYR2psncZNwXfb22dXzvKZzZ_tLPy3o2iiHN6s2s_Fn3SxYmAg6wS6BM3UnFnryIHUqP529PMin8GQEnbdQs7TWiBRJ0NH3xlvAQtRm9RF4hFrCLzdPM4bjt1dveokfLlFX9s-101gd59C5YpVsRW4qm4teUn4rLseUVBjDp2_v3OlNT2ExxfxqlWRsXWJGBUuvFZY6UU-EaOQnFRggke6i7FsKfVGmfYjVifzeFyRFw0C3o-B2iQxSp_Vz7sjPmkNliD_Hxic9hv-X6Q8Vku-i80zgG6haB-NGKuyAVl9NnIUwAwlevvcxq2qODST4IrffEJ-yxGJA66XoHjqYClM9C_NI7sDstjjYE9C8JWE0V_Oue3Mrn39cyNKSW1HjVyqvY6FKEgfV6NQz0AQWPfuvHOLaXs8c9N5WNnhrQJXDjMUf1syNgdhOz9ZC6xFnZg4sn6FMswWgkQWapC2kpP07BCv6oRUqVXiz2Ca1w_1v_ZHUsOxMrHD6LfcZC5UuLCKrU4Zj_7CDeZ7lKIDxPUDIb_beO8lRErhAsAOxXnP96-R_cy4M3N9d44tBCUQFVbSKMnRiM8x4sxE8LpKVcYbyS7wjP4F3Cl4H_SRjwK9hAFaYO6TwtC7dv4Ugp0-3Wv7sI8QOgZbdsGr1dDSJQptabFGcXKNwzIai3QhPauvt96n27HtrFOOqbpPZtDwT3rX3dpYRlCAEmdLkGrDvvhxn8uMMoG7_wRfFqMQf3WYf5OsrVw0uH9AIPqYizCrxsTb68e_TCPIPJmBc08INjHqYK9xAYUnG0UPoz5ATiwm-iOC-2EehSmw6wVCoNAFyv2p1judjMS1rQ2wmGMJojY96ToyhxFZt9pu_ut6EmhwiKVYOA2eXMWiQKCpc7qtqhfZ2jMIBRiVpc40l7MM2hny1cm_p5sQ7AVpXG3tgOV7hPI7E6qk4_lE8zUnQJgNrgIpT8mP2WQ7rWp72c1eHRJLaLur514FGG3xxH0taabIkEV_LiARLypZcQIDVjSOnxRAkcf4gbWYBn3tzGDQ361APn8WvleacFdmNBVfzu1skCtnLGfZyF2cvz76mSQAcJwcFXdSXfRCveGhdQhyWj-7MZGOZo8t9rbEUkvSmmPFIP88MvLjWfhHJ4TRrhOSp1PLsM4bOfsjzf9bXA4NLEYBas4zA8Z47ocbnWCqRtJT13JKi8LWudmmsl_AmihIBjxT0uNNeVFw1hcslnDhB_BUwxRs3gpbJwf4sJapWkkR8Dv0vZJAAYJqndw46cNzQkbm2F9uizdPlh6PNZEsvlqR-2PaajKksQjArSNgVP5qKdd0bzeRoroUO8gKyqyQSLva5Rl6VlyOtpdtCXnC6642Rvaea67CsPAupSwsUClz9SW5Ww4qGDow8zz5sVwAfJs7DY1kxQZDptBeA3mt_fdBCBKsAEas7FckRRUR2F6m97tzqNq6MMip_-FH72EsDSgzJnfHHS8Z46y7QxvIa6VHDpK8eVZshtyEwr_SdrKY7dtZBQf1O86Rnp_AyUbnPn7SOUYnI_dUHGbJ_REUPv93MBVcE1HVSzlNonJbrWk5Bm3ISanMoTD9zfZB3YH87PnCSJAz09ca8XGLN7w6yXHp0LuHHqA6N3fIRfHGFTvXnApOTbkfBZFhkxaFhwnD0w09VmfYWX5F0pXsUvNpUeOmeScGz4suUn7H-hgZYy__EJmnrO249295f8P2wfBh2hsXWAG67PnTMYFLkoP15GdlxQDn_Tuu4GuJHJnOgmwXjT1eSQpawarEmuq_IwokhEWMhC1zXpXluNqxWMeONCfUmI55Pgkp2y-XPDqKxYe_tz-n9WAl1rY2gDVUq5YVf4kLK3xF1QhDE6Lv2sktOxjZMwSpEs_svNkl9ZouD79s9yxqv5Zeojt_lX5T342rml3QCWz6xeTgwYAd0YrWJ8-ezqp2XJMGFBfFo9XRQZRbhQWl0WOABezWAJqh3OM5tfnUEhGWB5XG8C7bLLXW--FDg0sGWmN6AODad0TEvpqtTLekIfZhFmUpzWCKNKQlHDPkp1uJWov3P6jdrNdHj_l8LeqYF2cuzl3NtJB0MpFTsopqTsJGbTU8fWIQumbqrfrVsG0CHbef75fiGKU6mkCq2kyhWL2831OcBOEdbuQmDQQLXYnIwT-6EQmh7ld362nf-24Ek9cOOmlvFhumWNS_obr9_u6IYwn2yT7RSMq_xwHEc1ZGI54JwKk1Lw0VBS2BYaPwyIN4sDq6OliZ-FrldSb_KfxrknyYAJ7s1Gu2mEM7DGXaAq4pKQWq3nfO8XUX3u9ucta9HMAaFb2Sxr6wKl5SYAYt_DNgJUoApyCXCu6QQUuexTai7WqWDbYU2iBRdpIx_YAagnPTOIaakQBlWGU0gC7dMTJ68KOI_MPm30WiQ3V0t_bJIuWmZkQKuQ5b9NNOAgynwDO1SUmHW8yCPHdKbhONQr8-9C6u22mDPCDFAWPptjGRcSHX2ngyWRj9VKm3Nv7ubOJlVo6DLRzJXL4RvnDS1vB3Mt4s6jqGFcv3Z4MQfOVJurpkt8-Yf4CIy8k04Race6aH5JyW7p4vAKehtLhiVEN0uQQrkrrUjtWFh7w0OKqyt7f0xk_IGMTNnkFtWXEGoJUvpCiwdKWyhHBsTBYJuOxM7C6YR02qdyWht4rJsmeeDhhDNeakGlGWQKALCvQdB66EEs3M8KPIYCMdlrEeGdHBkaQtQBds5vgjnchZPYSschwKryhH76l4h_3BCBpY0hgTbvrsqOHHhgCnA1rwxX2m3nD3UONlTakm9mB_x0R1kd3O-MEEY8kK9Ejpg8fzLyKHK4vxeu_8KSP3UldtO0Ld1dYXAhtknucPao_qm1MKqF3dckMfpW7VPyl2zOuIMqZZollmcc1pQBHgTNlsHTgq0Fb9DW7d3IOuzEqEml8OoFow3rwbsAfbprQVYG0LQTPdMfG5TFdL_Jsnm9yLZoqlp1OLrXaT2I5bIWMTtCRFmSAl148YqfFP178rx4c9YqXuCWJaungq9oIGZSLLIL696pxQg-vX5ct18vgQ3Q79g5S2IVyXzmpZwlR9QVX9OhpAU49iBn_IxZJApdFQonPFHEuRasJ_5zIJqo29wC2C2doQVJRapFyhrRzvQ-JeJ4y6g9IXFV86npM92apx8C6N4WXQ&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=4181980834106756600&adk=943508955&idt=168&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe2cca48ed6abed6497908b5ad92d87de2f7f68ffc8d583f47c66f6211d57f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37613
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD6D 143 B
166 B 21ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0c3fcbd11d59311dee4fb2fc3914400a.js Show response
www.gstatic.com/mysidia/ Frame 0BF3 8 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0c3fcbd11d59311dee4fb2fc3914400a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70e9da01afd557b6f75424e37f55925f31f8629fc137db92cc762865bb7b91fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3677
x-xss-protection: 0
last-modified: Fri, 05 May 2023 14:26:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 16:08:56 GMT

GET
H3 200 dbcafcdae286812aec38be95ec986b06.js Show response
www.gstatic.com/mysidia/ Frame 0BF3 9 KB
4 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dbcafcdae286812aec38be95ec986b06.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6b4be08e6abb3eb2a11aa144bd219680b1ab1572ff7a51501fc717c380e5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3910
x-xss-protection: 0
last-modified: Fri, 05 May 2023 14:26:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 16:08:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0BF3 9 KB
932 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 0BF3 2 KB
765 B 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 15:04:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 0BF3 22 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 9540740394202920180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:45:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 0BF3 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 13:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:29:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 0BF3 19 KB
8 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:47:42 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BF3 185 KB
58 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9b55e1fad9c29de94a1b3a0ccce5881f47565e94eaaeeecf4594a111fd5b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:05 GMT

GET
H3 200 fe5bb951bcb64b0813d5b031a6a87c6d.js Show response
www.gstatic.com/mysidia/ Frame 0BF3 32 KB
13 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
last-modified: Fri, 05 May 2023 14:26:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 15:56:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B1DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1

43 B
766 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDqxaqlAhjEyuWZATAB&v=APEucNWjaqmwWFq6fAkVM-unO-m-cm6n5VQbygQ6TZcarkax8azh5vsB4CseDdy4-XFgr7GStikNFaUgdghq0dmo-6MfKJ9ErOfPIu2kWLeoLpi9ryYbjhR6ntDyuG9ofweFPcV1PK5zarzjtb4juhgi3EHamFrG1oiIPkbdum05NEvjNQhQ4yE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENHlsYGb_NMlwBIpay0KOso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B1DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFprrW2LUVt48dcKqOYnBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSOLJupKtl-8kIN8RsiS5I&google_cver=1

43 B
632 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSOLJupKtl-8kIN8RsiS5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDqxaqlAhjEyuWZATAB&v=APEucNWjaqmwWFq6fAkVM-unO-m-cm6n5VQbygQ6TZcarkax8azh5vsB4CseDdy4-XFgr7GStikNFaUgdghq0dmo-6MfKJ9ErOfPIu2kWLeoLpi9ryYbjhR6ntDyuG9ofweFPcV1PK5zarzjtb4juhgi3EHamFrG1oiIPkbdum05NEvjNQhQ4yE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSOLJupKtl-8kIN8RsiS5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B1DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENOnqWiKXb0wic6mzkrjkeA&google_cver=1

43 B
1 KB

23ms
22ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENOnqWiKXb0wic6mzkrjkeA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDqxaqlAhjEyuWZATAB&v=APEucNWjaqmwWFq6fAkVM-unO-m-cm6n5VQbygQ6TZcarkax8azh5vsB4CseDdy4-XFgr7GStikNFaUgdghq0dmo-6MfKJ9ErOfPIu2kWLeoLpi9ryYbjhR6ntDyuG9ofweFPcV1PK5zarzjtb4juhgi3EHamFrG1oiIPkbdum05NEvjNQhQ4yE

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:05 GMT
AN-X-Request-Uuid: 514302ae-7f61-49a6-bf66-1a776406d6ef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENOnqWiKXb0wic6mzkrjkeA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7d451e3d-800f-45c5-bafd-884309d8a3f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3MDc1MjQ5MDcxMzYzMTkyOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8268915935900&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8268915935900&version=m202301230201&ct=76&x=1&cor=2352389826938446300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0335 84 KB
35 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3Mfx0ULF54OAfJMdPibszAHCd5ogR3WJdVmHRjbpHgGNuPwP1pC4ESdt7I_dZFP64NlVSBleh12FFurRxeDJgW8Rivw&cry=1&dbm_d=AKAmf-BNLOTcHGas1kD4B2RlJ4-HZwP6hamkkOfHpaIX8GaFtaRx3xDthaXIsVzjm3gdpf_jPMmrCD2iNOmtA1iHS7fYPUweATpdOpwjR0dLLD_7dQoq8JYA_GubTVlKX6b9fHthgoncckmwURSfNgA6yq_3yw6M_kk_2x90j68HvT6LLRek3475hYVtaTKLN5z9lEVXb26uA_N2tYa-Fn6Xh0CfKXkyncbBb4qLmLqtzR3Zjo1ix56SlmvKx6AQDkoToHuQiLoMgJTe3rVSjRB10IxyA3xDzIQh0mnlMnxIWE34xlUb6hjVswcmh5FTROUeOIs77jssEpEjdzpK7jTmazBJ6ushVc6RHdpQtv2ZdEzAqZ3jWMxAXXPGf8GMKEwU3F2CZVyyhuIWthIoYmvttQ1PhVoOqdBDzflEuXWPKWVlAuTwtRzbnEO7ywphdYV8t5zh7FWg2qJD1IntmkF_x0mdWq85Yfpndu61YXz5iRSgQxPwARniIn_9zRpaueCNh2BW-v4prtuXzxQQLsuAHLoFxT5o4rl2ZeVvptP2oJN-vaBXK1eoqRtwEoYauiVx6Y06hBq3QKT_6LMr5b7AkXUd1m9c5qOFcnhgc8twPCjIrkox8yOhoTJ5SG0edDvL6VqOZKnqr3x5xooEKoO9S3GeWCBa8CVLlNuhEyC8Z--HbVgIcJIrCEveiSVlEJMox5634evza3uG-SRsk9JTJx69oLjs-giAtBjWm-Dxu80raabi7uh4-VSquhN-EWAiuvJk5dzSxDT-sMjM9KtxWulwB-q9DmXnwMBDRZirvAGFDJTDIzc1sGtGpQUnls1ot3-AHmREBBBnVdQ_RD5QO_Nl8BjSdN1P2iMdqzHQbCkrWgo6iK19J8sgMPuboHkECLdi2_jm41XRuAuaqgmM8DctH6Eyj9yA6YNPcKrXCkMPGJrKwvKm-8pfEqRO-Czfa6F_SaRO255LPgdYsm-qQpCakSY3uIjGKAGuu8X3nIqwbrO2Q1_I9lx09CWQ_YVSYLJ8TS4ztEhEF7enAW9sgbu7j6cnCXfI8QTVSQqIua8jddBlNK26LdzDvp_DAVZgotnruib_nWaVYNxYq0RZaRjh8fqU-scSaEKfcHJUn4ZUKy8cYrxs-Abj9xcBe7LE5kn4WFHDCPiPG0E9tHjC1gyI0od2K3PrsQd-OOAcgG85SFFHhs0IvYR4dkMHLCXCik2OPyqylCF87ORZCe0XUupyhFWC8bhZsXpgqYIKX7hc67WaEUBS1unPZs_dYI76N55wEbfERAHTXUhcBBY0Bq2YDCAbDKFX6Zcl1jLc0Mrv4TTYfjHtlYIv4Celsnwz3J2O4RBHj9bVKsigReQPhO3jhtG6WP6A5TMxwLHE5U_E9hZ-_lYUM_wSIiWe-qn_iFh-iAkwVgqMMZrWfEU-pJVe5WjUwtZjrWupKW-xqOZhFgnKtv4rFjl2aP-xqGOT-P91m7qKkPq726UPfl5GZZf26LgySDcSNM_k3_yMXBTrnbAb-81oba5Brq0MX1iVPKdnPn8eoX9HdpRGzklehqnE9KCZ5y6fEa1p3mh_Ues9-SKfYcHvOQJIJx-0-df781e3cOPjyH6CF4RqXMx4LJkbCchf3jQtQizK-mIQLloEEevdIWsg1qhxX7-ijcaN0Vv6GTJiURIbvRy2usicQZVepaw_ekAVZQK_Z4QgIVlTpw-ZIzWHjB_q-qi-aA2KLjzdIkW0S0Q0d6s6ZvLCBj9R6zO-UYgir75ge66L_E79FKQLMREi0p5WDmfCFvew_w8gvh36PDG-lYEBWhBGM9fS48btnsKt2BI7eciJrfSu_IhFl4iSel5vGUY54ssyPkiwPOWhjtP7sH8JE83YB3jWF6ItezuRQRvg6gbp-4ZxaCdP9y03b3g-okj8HrZcV_6vUlIom4PIhWXofIE5P0pZ1fsXUm1kyyn66lZXNiMYbFygBOkeoT8GohhWN6TeHN6uHuvQ7_tlJzWL2K3BropAvdzvE9vicNDuyN8O15IMyb-z5HiNK10Pl0_ysO8_MTuxs-G4e8EOVMsMiVLkcXkzJru21srkGn_5viXs7fQQSLQeTyWs5_OZa44rPHBtZsee4j4Ca5YAYyCl4YyWVANAEOqggEjWPFEXfKJp-pKjfQqYpWX_IPG1T2yrZs67jTu2hjv1DpoGms_kGmkqaLiJbf11oFE6ogaRHv6di5IhnBtWyQp2tQUlnrQ1AV2_ulU9QQmvwk4uJad8x4oX37z7VVwFXIhaGtVZ9o1EKowTBIDaQQ0WtvPa1W1qgqeTQXFVy-86GKt8ipnuaIPZPrXUKBDqjY-Q2zHUiQZtY4rQbpQfFgu0KWqRTLWLI1Pq3Ebig-SC0UJyblvlcIT0Cs0D58himwkiZGh6Q5Vh0_n8s55_bItBi1q0V0VT0HbiR-kFoGH9Skbt7VD3XO9NvLvsUs5a-aBmNg57d09BNfjC-dmsGr74Keo99p_510jHLHDJgXWwRfRIMMvxId6duK1VvWPqfEKII69rmx6CvHTzXPkm6u8Pk-UrF3Zmr4JzYDycoVseOEXzeYJoPCWym7q23WyVnRmemLcmdWlMLr1fgko-h7lFyvYMXJI2AKp5m77cMS8D6Dp0dHB607SYhdY1rrQNlP1dR4l3GyfLFEq460tWZbemiN8L16XnOQmU15BllHmqLUxL9rs6DRmzqR2yU-3NI8FZtC_xu5jBSioSz8gqO2h1wMzKa_QJGaYmcawq4lWihYNzjiW8ux3q1D8yMh4xVjneGYJ_HbhNlGxXs5GT65pY6Ko5aFyQlsxGyzleQR6IWNJSr3fHjMMGYeqeMKJsK44CG6an9PPZc-2Npzp6ityF96Hwa98H4SesrxUbJBESejTnn4YmsaKYd8SRO8aTm5eu8uuZ612H_EB3uhftUgRkfPCj6RyhDFTNqabBD72XGTrNQeIUTokxFC3EbrN9aFBmloHKbYQd1QOIlAo_RLQU02l-KtYhzEBlAhP7jaJgaBwybioZGOKn4-NPwOv_MY-eurIGsuavHsQOaz6sCLrbZBB-OBqXMcaZENybjocZP3FvxqR74lkV8lRpK-ypkYOfJqlvGmK1HxjqBcVAgseP1DiHudR5qWCt49JNg6k8KUpLo-qXN_1-xFYs_gkOjmgqmKsd_2VIUayFzZivqujf1ozM5ZW0_vhMVJJOO2yXXrR_TXxJK6hAHK3ZnOZ01SdyPfetkZibAxvv6blXy33AGHqG3BlR7QtpiUaiqr69PJqpzTLA_c8GABoNNBuUBN8aopA_dxo5IsDmOIzR7wSPMYIUr02Y_1j2xqsvddtDeAX7ffjMortNUbTA8QXsY5QExZMz1BU01usJOXjFYcYrkqGZaBSgC36dNwhdW3dVLOgJojBh-tm1Iu1vYrYkpxZfUDN1ZBQ0qLh3GExqa41Pi6hgRCvjWYj9lSTCHF--g7b2xxUiZK80R55g1wW_icD8dtjGV82oz4UGdbrzGGs9n6MP9vxmDd0v8A8RkhGQ7OPjgY4-xAttoEGw607Rdx1QFu-orA9DaGym9VQDt2Y0k9oWJvmxJv72rbjGIFayUfMA1z0FD8giu-U9ZtSCb9hRbR88knFGdvvEU3qUVg7jP3rwcQ7hclNhWOtfAIii&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=2352389826938446300&adk=3690638929&idt=264&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84061db469b393b3daa8200032128db105fc82046df6d2635f8c0b4536b05470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2E 0
20 B 122ms
122ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9230631093014&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2E 0
20 B 122ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9230631093014&version=m202301230201&ct=76&x=1&cor=12552198611907960000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F2E 84 KB
35 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApPMslGR_vZQsCbX2BIunPHwj-ekcFrYRemw3_Bi6X1qgNiEWDtVkYhrsLEn4PYph8yyyI4wVsdPXAMo2Yyad7C-D8jQ&cry=1&dbm_d=AKAmf-Cq_951DhEw7oyXz83_5OiMdQoXh3LOaK_2m4WoKh87TygYIfz6iwp3Nw041h-7R1jR5f_3sfw1wy_4p0J9dniul2DYA868VWc2ppL-KdHAgDGcQqwcN80tM0ueG2y7SEMPLI95Uuj6myjX3nVoG1-GoTsfMGW2OExXymWrMQw3gCqLdCLTHpR3hj_Hd9_AuHKp5nptyXITAi_z741ERMsExfKhaf9I9MnZBkhlXM95Q5CUSCb4ZnZ_XaDpzpvSXYNUKszWgRAnwYzOCxRJ1ibj1AWKeNZ3uMKRYXIrktQDPl1jIYthn7p-02y5lKJfPtk4ZNjrdO5ULOmhiHro0n5cNfuKBKg9PjGLsI6-g8ri5t0mcgubLac2kpxBKX-pikgRr01edaCi__ZIdGBsCAu_KM4njIkvtEnvEn4GYLzNbIziSo0JpGs2AJhMTAwiwmowNFO1EJXzVEVIaMJlxD0kkiZZ8AjcMCr24hjPEhz3bx7MI2p4HpwMmPirMu1zVZoKfegOp76ow0mSRVI_5fM98rDdh-9AoA8dU7KP8cz7JIuvkIgver5mCTzx5YykjT3XtGC5iHxcboC2RISDawblFKmV6cQdTgQWnuiY9jjbsxXNiRg1P4WfOj9b7g8V7Gh8Cv3pgaGklN5sjWb1ki3cjbbtRpQ7rFVmaj6i1CUOobbkDo5L2PSkJ4nPk_y0mx6EzX0poBQf2pvQVlBaCVdZUGQ66nJ0agblgAMyQOc0OHwN0grlR4IfXGwLpYQkzGjtFxrMYEJG1w3FqEghr-VYSj7xb6BULbw63fmzSuyfkgbyyZAgwHXRaejTkqCtTPqfTJUzjXnCI9abk0jf6-xh__7O1rReS0HV1_iVBg2Dtbg4mKzsUW2ObfA8K7t1LW1OFiX8xlrYXB5Og7O75a1FcbEYaLWEUVrpVimkAB1WcHQKykFPcTgHlKljR9gPG3JlH0_yEYD3XSZABM6YzHhtHR_jxmTKxCVe6FdM33CYYsPtW3cmioeL2EqbNYmdKH0W9MOGizcfMSPpUQlhkgBEhlplALUVuM-ECR-vWi1O2RZbCNA-goVQ-zbcsJeETG2xkU21HWWfVySPQamApVci0hKL_vNryupDH3MTY1Vr1vimxQ2nK-5cKVuunbHTT_UzK2HduB4ydK16YysaGqy924I1t8Y7bqB3shsekaZFqiKgrUnv-xZhe6VSpcehyLSm9Tf2uVZdF6LJcStHhKmWFl99kU63es6QdnMgzHE7IoydmE39w9BSSJNNbaulhMvwtcFakIdVMMmSuwBNcpzDXrO2iZn5mpRu3j20_7ux5y9uOUvYdwufEg54N_CtZxzIPhUQ70Kwofq24qIpPBXR-12lv8-LDsHvhbeGtalzUkRcYZKa1q7yO9Nk8vDplsRxqfq-X9dmRYU4P_iQAhAfdRVRpz4kpXzbwceK4xGPpeyABuUP_xiXPS5T8Plv4b8-WjeBDVW6H5qIiTDnbT1zpEmNkjbUdbPcXMPhaNq33sZiPLV0gDzrmzFJaLEdGCCRLvVE0_p4adMLXVBPDnvGGZeeQOvxfgtFX8iP9MXyVx7-lNgPtjBpGZXxqz7rymCFePF4OO6RFMyB4gr8PIVyAD21jRPAFv1cUVxS8J_YdociWY6eajqDOwdaUti5KOIuf_ci4TNRUzfK2RsQHjgRVhqpqbCnxgE_0TrTiZ0b11srS_WNLKunSb1lvowpuk3OZQxN3R5IKx-qc5vAgvsmYzgOOa56W7AXEayePMQWl1TfpqZAdQg3KoCER3uXuPMBKamniPMPWXv60hrmHjvEeOlVuAPyICb-aW_8EXKvj5n8FCb9TKryUhObkGThqrqMfVOTYuKiw-BDpH35ZYZQu1VVAbbuezNK56cUQ7iLW9_UI8BIrp9J-GAP-f9YcxY2MbdA-aXHTxzIq12_MMUiv_ZAAz6kxMgqqd7k7z5bbqu14IlVHEhjjWBMnFN6bUSr-M03p4Wni6KtoUmv7W_1uk8BTWHxahF1h6vzEqrkhlprxP07KnuGp1bo-aTrebctgAg3vaPF623B4s_cOFKqS8UClZ1MdqHrsgHB-krCIatKEYsg36nc_MqymGGVeKVDDMAEa76SJsxBuI3rgZZLGU2AGYkzr1CwVbIDUFuCdQ1887wuFx_CnjUSLislgz-N7Q0BYVz1zAYqR5-yvd0sQlEJe7yYfdGLK-VvTaPj9dwgngCy0umGKqGsdmyWVqTp7rZYeGwLg06cODzVxd5_iuA8M6Hfo2sPGLDFe9N1fRzAHkUaj7Lcg9i-CKZA9fnIs3AGR3saihRXEzuYkGwbH7tvu-dkNJeDWdshY9LDDeddMFo19cYz1QVHeaLmqTOvoHn7Dpe4fzUrrIuZQ5S2-k6J73uEwqpb-1X7c7DQHtUq32ej7GAzMLjXoRNaWr50wgVs-vtYyu4BUW0oWmd3RXEW1IdlaKcgjt5ctxDV3LHTa3w45QsDfIQgk2DBst_WwtWvJYrkgCDWlVO0C9oymp_qd-R_wYzHxCUrXWlR8hTxQAD2tszQzDDxpTKdjF8ZpGrfaIsfBvygC0TDCYjlpcL0M7O5rv0sifgkFaoIDpL5Cff7QteJs303t0t-1evigqt2IcKPk9zuiLVvWNxtjG1Pqo6Yp2yhj6GwdzxAZe2H2_3zpKxSrQCv-qpMbwu_6LoHL6OgxMTm8t9PsOVyAreBY4RJiQAzxsLYo6TMeFk5PyUxDa-Uc6uWBBuSE770TjBknGhmm6dJndnVItG3iIEaR71SREwaOqmCWEdH81ZyZoNF-uh7KoZ1jiIrhluVqr73LSFx93-OCsgt7KbNb0ma5mIjionq8HbFiPEgntRQgSa0lgEu3t87tz-N2AJfRD_qlss8PsfI67IwOAthRdnvPVZenKPcKpKaLHb_dwDElENeVt1TXURI2EgYpvaZSMDa2PuxC4qwjVEnvjf-ie-Ngz55J34MjSlB35kIFi7J6R71SAUowNszabZXqkG0biV64G0xo1EtO_pqH-Pnvh_-mL9TMNCyZAX7GGoGvQ3mR9M4u7P3zOuMeM8iziFkXX8MNK9CXgd-Wv4PTSHAvSr2sCdkwkO8H5TDA_oMFGqUvHEK3spRouiPtKZR0jBsoqfXhTOrMijCyFoCjBuVNKIux4tHX_CbG8ObcVvfKCjXIi6RxMOTWg2YCev-E6oZuv9OSjwoMeb72EAi71WS4Sv-B53xNIBOhEPKqVNbkUgeVEMZyFo5GhM8jLOrQEUo_3WCX8k2p2wXk6ocVEdaKLi5aVSC-fgaTy99NXEAQr1wuWVGxvaCA3nq7udaxIYPnLS1rFcUexlU3JyUiz5nI48zz8iWNPpyLfGAYkz0sjph1w-NbZXZUKeu4oppmbyUnmltECteDDbSzrqLICr5G_NPjq11Sr9OB5wha1zYWSXj-7JEYanLM7Zv7NRBaOHyM9Yagj7WV0nPZNogQf9GUp7D3SYPyX30FQW4G3S9VA1FXbLzodgHUHow32lwzumRG5za8jcLYAS_w7qNgPDn7Pi1DkwmAuAM2ZnBX1D7AIUL2m9V7eWdIPvP66iteYfCTkgY_YylHMQK5XE9UoA2YcIAU_vBGv_xceCgPdKRsc3apuzY28_AGLj5IcrzyMnzx9IU&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=12552198611907960000&adk=1033480531&idt=265&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90bf31d845ce435bd2e03aac949e5267dac8e942f70374b1c4ff6cc5e4e51462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35894
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 0
20 B 121ms
120ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1649905864245&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1649905864245&version=m202301230201&ct=76&x=1&cor=17737131163380316000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5B87 74 KB
35 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTwS3pgxF-oPTEpN5VrapJeZ0c39ABvBjgcrSt7hMduxX-gQ5lfJjWTl6vtwjnplukHTqOHy_v1H0vMb2eH_c7S_fmw&cry=1&dbm_d=AKAmf-ANV30h5EX5X-N6YGUHudM1E2ojpXg9-OMlISFVcoUr1rOJd2iKL2KLnezjNCgzgu6PkndnYYRCZVG_EO8FEybLzGkbWPHmipKJus_GC61tZ2qFucTq8ILP1MBL2jpZgtkBpPTFLLjZL_tuhZE4I8mtEz8tMrDEO9NUqfLkODZBX-3dHI0d5a7UoPh_sxH3hqm46sgCJuygUwW6BwCQ_eNNaA0AKmfm7VhWeuhJkailxjPPshBEn4U68asZOBTQF976AwgHQsn7p85-LDxgy8BnGp9G6A1xorsmmPIqcoExXRjKMazQPr-y9Q7f2GsVtoye__yYAxclXphD-6Hn8WZlhDLDCTVnEbM-cX_vcLQAvAarcNT4Y_peIp-PQeZYF0EzzLM-eLqOBkenCeqhNih1Rq_yrg4SqMPgPYTruWscZf3tzUFQkISuDpRPafUMySSW937VCt-ltCSPIUzDkzHTA7EMWdkOlc5BvZy7LV3P8uZ3u7qIXx3daoS1279wH4xZFa2A2DCFPVLdNhAyJpep23o4ekml-53RcIVBqlWCNMIjT6ZE-2prm0JuyPNCtVDe_-_DYczfw0_Upo9RbbmGO-LF9vQd2wlkqASWIYUhJyJVyZtLmPlH_qLOqBFrSixETnhXjgUisPvQIEuHaLckPKvPUFYIAghwfeGMRmFLdAS27pVuGnExQNxOabl3ZZlu1JA-tJQ_H0QbDGECZUK4KF9pIt29pMQ-3ypF9xGsW1h8TwE1NWKZeUGdXZ1HqEhs0yy56euABBcFmAJ7SSgan6F705a_oRwp9bXv9si9KBb91-7T8VSqNAGutGmXM72c0GHlCgYSScSu7rSuUuUVDgscUCEpevXWU_2cVEVIWEEeCBM7dFp6A5zvoKvLVWSs9Dk2Tp8ZW6SBXYKfRzAhbIHt84Z1eNSedqmAeMh3qhaamXGNPMGc8u8zNq6PfZCdsmU6OxTActOw7QyBYU7QYB73RYh5aGz7HW6hfYV--XaxM258_x2HmBqltl4lMWx8LPZ8ZlaVvnoTPisCqE7E12kanRNR21au9M1TKmSPjd5a4HcQnVAopOC_jxcfJV5HYuz_kB3lmAYdVOc1hPi0vThSJw_iavkcnpPG99APxlshFvUxXpO57vgCxk2dIgvE3Eu1XkgEDolFMKkrQi4rww8spxFgNQ4GllvDt7bW7HErPu5or8m0oPRgBi5GXwf7SULldxVH-Qqugz-1c6a70C7dn_JZGwuYvww2FEKwk4_u1TF4s1vlMDoLTJh2YaKnt5Eg-HOgG0r2OruLBj4KtQx8zK1vclQ8_jZOUBoGQFM58UarhosMYFuvF4WmpbrhL5yuHX0cz5BCMG8kzROsCQDlY-veu5X6OnnH_9kn77CqN_d-TEIdE7twM_Ov--5ifZ5Lj5YUPcaVLPkz8bs9XN5Rgv2njtIMYldWXjOYoCtkp2Yv9TS_rAZM3bTZ5EyjmNC8n-j4j26FXmZUUb98FG4rmGHJjHV7KYifcSuelI_j9kqmCaCu35KDS89pYxK1rGSbpxnrg0SwjMZ5QuXyCFu9RGFuCrPUbLHpEc2oFwQgSIfBu5Av3TyWlTgiAKE5bNZRh5Lf1sa8VoETpdQQeDaWO-jJRxVZ423izhOR4gIRdXeNpkATYGT-dJdcJqT6Awd52OTliTIhE1PeuMiKBsiHWQ6GrEEFS6VNgfbmHtXpMY8OLQ18LceinwtNiU-cjUNe_mhsyjLYCCJOc4TVQoFkG-w7ubKYl_e0pEeQ5RdThb6ZpJvUL6aEuooiYFs8-nnSOnvv3qpyZ_1-qpEG9xOdF0Bz8RnOmEGHnse-OY1WBNgP0TQCH4MU1jfPvVlNY6dbwcLZ6vXiXcoCs7IaMkPTGPNq1HLeGxKNfZv0KFPxcr-7wueD6Rp1mRMMq4ZPdxAeghzOhMSCPq22Rl3a0Uo1xp2oT1QvuqoJf4pJikjuD6Nf4GEtRZGs_JNdLzNUf1Dn9e6BXCQIKwhePLFUKRDrTNHCTcroa5-i0EOfGChwfOT652QuvRAtRKmnhNDbTPHqh6tX975J9LY7gPtn5nYnpFxe7cUA97tYVFthOqy6GplZfO3UFgSYVbYZL3G2ykGpTXaynKE221bcEIqUfqf4nHpj2vGWzgyr8HxEooHvpcdEwtoQTN2_7-jPaylfSjs6vD0QreHqkBXGIoHdMhoFzzWVH8cu3pMRMov9M-2ZEdWQKZW9r-zrPVOL8rwDu8VoldNxyssHugwcM1V6JMYG-93ow8DyL8XoZN3R68XJk-nfOacCT8Q6oXn-tJAALUkVzu1g0PiQyQJBdp0D2r0lK_QJmh5RLDG5ePaXaXvvTWsN8oBsHyVHT39JCGccD76huTgeb4H4OHZpt3iPeI9OGG5zZQEjDmuApC3dalGXjny2EtcoBk1q3C2okascokekGZVdYmBJWbSvpHvfC6ghVN21FxOqo8f8475L1bQhduTC29JvF7SmrNSxLRI3Yfl7Dy-nrkU2m7czLeFoBlNqm56VaR12lr9xN2SVh9b2f6OZ9CDBZBKBnZdg3z76SqaBzTjMF1E8MFhK1hHjSaqhOnZm3kPpDbsygoBnIkM_pnShyPA8WSqvpiRoWsLU2y_HOaJI5X8EebCqtMfAIRSbNbRCKNmiyTeexS82L5JYYbai1q_WCXIL3W3XYhx1bQmemiiZOH4ZCosJ0ytOgqYKrErRXJR4KIxJRqHjpBFXOI7bCxwvuurMD7pvvul0gQR8s0CJMrx9GeUiR170_K96toAicjHsrsZHwE9kZi7IxspYxNMejparolB4SE736jUUmXwgobL_I3X_rVPmP2UG-fGaPTrMJVzBWYGLhZznT2vxxM9ehNpQNe8xzkexixcF1d12Ha93j8AwWNZcv9Ph8axZc8soZVw7va1ISSAslYjku-mOTy94i2EaPUvu9R8YXuaaXDd7DlUgX_zVrmhBaXT2pZtg3-DMIE5wPtnh-0DdPHINSh-4yBDC1Z9GiTW7GsbKZIede1Wlv0pAkeBsn_NiQTFFG0zh_PusYV518E7_xxAMq7bErmZEOh0jeewPO81RjGS9H2iKD1_Hidh3sNxCqasV7Og0is3p5hjUsst1hsRoxUwihmu_j0bjZZNVeKk6YxS9PFrawpmxu7NvoV34gqu9IpXHZX19IU_JxX5BTi43UDs9Uv_Rb09Hl_b8C0Ng19TIzkAUBB_Klj9Gx6Iz10Ac4H6y5a0uKV4W_eJ64HJQ8ZpDuxUQfYI2kpXotIy4q1DjsmNJVUz-9nJFYPYQiYtAHjZtuY90pzXwVC-gf5mFZ-jxG83EoOHBTV1PTVNZIbuob6Q9HjLOOt8avmY2w1QrEkMAuUSG_vF4r1WyqdzwEA-WJkHC_lowzZdstObswrc9m1fpedAv-5-2hlx-eLwemt3UU-WHpMncPeATiS4aLGQ2M5cL5qBAT3RBA7RkA-oEGX7lmQ_mh33089nfJBWTiDnkpDZi9wUn9ZLh-q09vftFmHMI7M_EQSrZLAzobD0pj_WE4QfURYA6rw&cid=CAQSOwBygQiDm6uhnbolthNc__YktTyUYybSHvyTt_gRZ7BpsxH7iMu4GnIQT4drduamhUI2WpyNGAbCvRhFGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=17737131163380316000&adk=2228999115&idt=111&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b682c968688b945a54df07ead9b07dd939579c3f962ebe737901e9c0f381ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35660
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1128384/68656984/ Frame 9C92 244 KB
74 KB 125ms
32ms Script
application/javascript 52.17.96.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1128384/68656984/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=26643843&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=18537685671&bidurl=https://g37.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ilDeKgbpk9j9Uk4s14Tup3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd7jS4GZKJvqle8Gp8wYxlpYoav6wWeHbrnklFG8eK2y_FDZgggs4EIdfn9p_6wWei6n0aMe8A-PVQRXWSRowGjVBBd4xsDmN7tSaqF4eE7mbQBpWAqcFRjwAYz0ZSvSt5MV0hRdKy2jTGUoAjX3-yDIue-tU5JNR1r9bJdpjlGsn6PbE&dbm_d=AKAmf-DkJHVKOnwzWTMhYYBu5qtlxkBJ-cKFH6hfizvSSv7xbJggS2FG4zzAQvZ_b9kPIBo6sFlOKa3jA7GreI4WNYiu2VgvcimhQj-_k_ybht67-dMQvWUlafJh8ZTNFUaW8n64rpgbrlUpe29g7JxglI8QX4mjC5mIKpvzmbd7qHG5Q_soHZUD5xA-xoriSCsqExhepbBpAb_7e0YZHj6dQbWNROLDVTUO94wYO59xKp06ACsHOhCG__ALK5A7Tswq5CTsl68uKrbwQcLu9h_iKdyuAJNzmtltYUnhZPfFAQanWBF0_2qqueJliV6rtJzqG7foTEz-GHGZJqPnorjjxR_5tdlWhMc-A4qvPtYdqApzL6alQCYLu4taDTgYzEmPNE2VQhV-JmJJga6f9n_VDNfEKmaGPdmXwjJSQTbceKYulf0x17s1E5TBSbzFpQNcZWzrKlloW1S-u5CxiAVq6aCZzEzVQs4QQr9tR3Y3GeipCxgFZQpzw5ovzGCHObYBfF5B3a14E9uBkaYR2psncZNwXfb22dXzvKZzZ_tLPy3o2iiHN6s2s_Fn3SxYmAg6wS6BM3UnFnryIHUqP529PMin8GQEnbdQs7TWiBRJ0NH3xlvAQtRm9RF4hFrCLzdPM4bjt1dveokfLlFX9s-101gd59C5YpVsRW4qm4teUn4rLseUVBjDp2_v3OlNT2ExxfxqlWRsXWJGBUuvFZY6UU-EaOQnFRggke6i7FsKfVGmfYjVifzeFyRFw0C3o-B2iQxSp_Vz7sjPmkNliD_Hxic9hv-X6Q8Vku-i80zgG6haB-NGKuyAVl9NnIUwAwlevvcxq2qODST4IrffEJ-yxGJA66XoHjqYClM9C_NI7sDstjjYE9C8JWE0V_Oue3Mrn39cyNKSW1HjVyqvY6FKEgfV6NQz0AQWPfuvHOLaXs8c9N5WNnhrQJXDjMUf1syNgdhOz9ZC6xFnZg4sn6FMswWgkQWapC2kpP07BCv6oRUqVXiz2Ca1w_1v_ZHUsOxMrHD6LfcZC5UuLCKrU4Zj_7CDeZ7lKIDxPUDIb_beO8lRErhAsAOxXnP96-R_cy4M3N9d44tBCUQFVbSKMnRiM8x4sxE8LpKVcYbyS7wjP4F3Cl4H_SRjwK9hAFaYO6TwtC7dv4Ugp0-3Wv7sI8QOgZbdsGr1dDSJQptabFGcXKNwzIai3QhPauvt96n27HtrFOOqbpPZtDwT3rX3dpYRlCAEmdLkGrDvvhxn8uMMoG7_wRfFqMQf3WYf5OsrVw0uH9AIPqYizCrxsTb68e_TCPIPJmBc08INjHqYK9xAYUnG0UPoz5ATiwm-iOC-2EehSmw6wVCoNAFyv2p1judjMS1rQ2wmGMJojY96ToyhxFZt9pu_ut6EmhwiKVYOA2eXMWiQKCpc7qtqhfZ2jMIBRiVpc40l7MM2hny1cm_p5sQ7AVpXG3tgOV7hPI7E6qk4_lE8zUnQJgNrgIpT8mP2WQ7rWp72c1eHRJLaLur514FGG3xxH0taabIkEV_LiARLypZcQIDVjSOnxRAkcf4gbWYBn3tzGDQ361APn8WvleacFdmNBVfzu1skCtnLGfZyF2cvz76mSQAcJwcFXdSXfRCveGhdQhyWj-7MZGOZo8t9rbEUkvSmmPFIP88MvLjWfhHJ4TRrhOSp1PLsM4bOfsjzf9bXA4NLEYBas4zA8Z47ocbnWCqRtJT13JKi8LWudmmsl_AmihIBjxT0uNNeVFw1hcslnDhB_BUwxRs3gpbJwf4sJapWkkR8Dv0vZJAAYJqndw46cNzQkbm2F9uizdPlh6PNZEsvlqR-2PaajKksQjArSNgVP5qKdd0bzeRoroUO8gKyqyQSLva5Rl6VlyOtpdtCXnC6642Rvaea67CsPAupSwsUClz9SW5Ww4qGDow8zz5sVwAfJs7DY1kxQZDptBeA3mt_fdBCBKsAEas7FckRRUR2F6m97tzqNq6MMip_-FH72EsDSgzJnfHHS8Z46y7QxvIa6VHDpK8eVZshtyEwr_SdrKY7dtZBQf1O86Rnp_AyUbnPn7SOUYnI_dUHGbJ_REUPv93MBVcE1HVSzlNonJbrWk5Bm3ISanMoTD9zfZB3YH87PnCSJAz09ca8XGLN7w6yXHp0LuHHqA6N3fIRfHGFTvXnApOTbkfBZFhkxaFhwnD0w09VmfYWX5F0pXsUvNpUeOmeScGz4suUn7H-hgZYy__EJmnrO249295f8P2wfBh2hsXWAG67PnTMYFLkoP15GdlxQDn_Tuu4GuJHJnOgmwXjT1eSQpawarEmuq_IwokhEWMhC1zXpXluNqxWMeONCfUmI55Pgkp2y-XPDqKxYe_tz-n9WAl1rY2gDVUq5YVf4kLK3xF1QhDE6Lv2sktOxjZMwSpEs_svNkl9ZouD79s9yxqv5Zeojt_lX5T342rml3QCWz6xeTgwYAd0YrWJ8-ezqp2XJMGFBfFo9XRQZRbhQWl0WOABezWAJqh3OM5tfnUEhGWB5XG8C7bLLXW--FDg0sGWmN6AODad0TEvpqtTLekIfZhFmUpzWCKNKQlHDPkp1uJWov3P6jdrNdHj_l8LeqYF2cuzl3NtJB0MpFTsopqTsJGbTU8fWIQumbqrfrVsG0CHbef75fiGKU6mkCq2kyhWL2831OcBOEdbuQmDQQLXYnIwT-6EQmh7ld362nf-24Ek9cOOmlvFhumWNS_obr9_u6IYwn2yT7RSMq_xwHEc1ZGI54JwKk1Lw0VBS2BYaPwyIN4sDq6OliZ-FrldSb_KfxrknyYAJ7s1Gu2mEM7DGXaAq4pKQWq3nfO8XUX3u9ucta9HMAaFb2Sxr6wKl5SYAYt_DNgJUoApyCXCu6QQUuexTai7WqWDbYU2iBRdpIx_YAagnPTOIaakQBlWGU0gC7dMTJ68KOI_MPm30WiQ3V0t_bJIuWmZkQKuQ5b9NNOAgynwDO1SUmHW8yCPHdKbhONQr8-9C6u22mDPCDFAWPptjGRcSHX2ngyWRj9VKm3Nv7ubOJlVo6DLRzJXL4RvnDS1vB3Mt4s6jqGFcv3Z4MQfOVJurpkt8-Yf4CIy8k04Race6aH5JyW7p4vAKehtLhiVEN0uQQrkrrUjtWFh7w0OKqyt7f0xk_IGMTNnkFtWXEGoJUvpCiwdKWyhHBsTBYJuOxM7C6YR02qdyWht4rJsmeeDhhDNeakGlGWQKALCvQdB66EEs3M8KPIYCMdlrEeGdHBkaQtQBds5vgjnchZPYSschwKryhH76l4h_3BCBpY0hgTbvrsqOHHhgCnA1rwxX2m3nD3UONlTakm9mB_x0R1kd3O-MEEY8kK9Ejpg8fzLyKHK4vxeu_8KSP3UldtO0Ld1dYXAhtknucPao_qm1MKqF3dckMfpW7VPyl2zOuIMqZZollmcc1pQBHgTNlsHTgq0Fb9DW7d3IOuzEqEml8OoFow3rwbsAfbprQVYG0LQTPdMfG5TFdL_Jsnm9yLZoqlp1OLrXaT2I5bIWMTtCRFmSAl148YqfFP178rx4c9YqXuCWJaungq9oIGZSLLIL696pxQg-vX5ct18vgQ3Q79g5S2IVyXzmpZwlR9QVX9OhpAU49iBn_IxZJApdFQonPFHEuRasJ_5zIJqo29wC2C2doQVJRapFyhrRzvQ-JeJ4y6g9IXFV86npM92apx8C6N4WXQ&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=4181980834106756600&adk=943508955&idt=168&cac=0&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.96.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-96-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9fcf45ae617bf507ff5e58f75e62a19a02fd4449277ff7f7a21c81c40778f130

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 9C92 28 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd7jS4GZKJvqle8Gp8wYxlpYoav6wWeHbrnklFG8eK2y_FDZgggs4EIdfn9p_6wWei6n0aMe8A-PVQRXWSRowGjVBBd4xsDmN7tSaqF4eE7mbQBpWAqcFRjwAYz0ZSvSt5MV0hRdKy2jTGUoAjX3-yDIue-tU5JNR1r9bJdpjlGsn6PbE&dbm_d=AKAmf-DkJHVKOnwzWTMhYYBu5qtlxkBJ-cKFH6hfizvSSv7xbJggS2FG4zzAQvZ_b9kPIBo6sFlOKa3jA7GreI4WNYiu2VgvcimhQj-_k_ybht67-dMQvWUlafJh8ZTNFUaW8n64rpgbrlUpe29g7JxglI8QX4mjC5mIKpvzmbd7qHG5Q_soHZUD5xA-xoriSCsqExhepbBpAb_7e0YZHj6dQbWNROLDVTUO94wYO59xKp06ACsHOhCG__ALK5A7Tswq5CTsl68uKrbwQcLu9h_iKdyuAJNzmtltYUnhZPfFAQanWBF0_2qqueJliV6rtJzqG7foTEz-GHGZJqPnorjjxR_5tdlWhMc-A4qvPtYdqApzL6alQCYLu4taDTgYzEmPNE2VQhV-JmJJga6f9n_VDNfEKmaGPdmXwjJSQTbceKYulf0x17s1E5TBSbzFpQNcZWzrKlloW1S-u5CxiAVq6aCZzEzVQs4QQr9tR3Y3GeipCxgFZQpzw5ovzGCHObYBfF5B3a14E9uBkaYR2psncZNwXfb22dXzvKZzZ_tLPy3o2iiHN6s2s_Fn3SxYmAg6wS6BM3UnFnryIHUqP529PMin8GQEnbdQs7TWiBRJ0NH3xlvAQtRm9RF4hFrCLzdPM4bjt1dveokfLlFX9s-101gd59C5YpVsRW4qm4teUn4rLseUVBjDp2_v3OlNT2ExxfxqlWRsXWJGBUuvFZY6UU-EaOQnFRggke6i7FsKfVGmfYjVifzeFyRFw0C3o-B2iQxSp_Vz7sjPmkNliD_Hxic9hv-X6Q8Vku-i80zgG6haB-NGKuyAVl9NnIUwAwlevvcxq2qODST4IrffEJ-yxGJA66XoHjqYClM9C_NI7sDstjjYE9C8JWE0V_Oue3Mrn39cyNKSW1HjVyqvY6FKEgfV6NQz0AQWPfuvHOLaXs8c9N5WNnhrQJXDjMUf1syNgdhOz9ZC6xFnZg4sn6FMswWgkQWapC2kpP07BCv6oRUqVXiz2Ca1w_1v_ZHUsOxMrHD6LfcZC5UuLCKrU4Zj_7CDeZ7lKIDxPUDIb_beO8lRErhAsAOxXnP96-R_cy4M3N9d44tBCUQFVbSKMnRiM8x4sxE8LpKVcYbyS7wjP4F3Cl4H_SRjwK9hAFaYO6TwtC7dv4Ugp0-3Wv7sI8QOgZbdsGr1dDSJQptabFGcXKNwzIai3QhPauvt96n27HtrFOOqbpPZtDwT3rX3dpYRlCAEmdLkGrDvvhxn8uMMoG7_wRfFqMQf3WYf5OsrVw0uH9AIPqYizCrxsTb68e_TCPIPJmBc08INjHqYK9xAYUnG0UPoz5ATiwm-iOC-2EehSmw6wVCoNAFyv2p1judjMS1rQ2wmGMJojY96ToyhxFZt9pu_ut6EmhwiKVYOA2eXMWiQKCpc7qtqhfZ2jMIBRiVpc40l7MM2hny1cm_p5sQ7AVpXG3tgOV7hPI7E6qk4_lE8zUnQJgNrgIpT8mP2WQ7rWp72c1eHRJLaLur514FGG3xxH0taabIkEV_LiARLypZcQIDVjSOnxRAkcf4gbWYBn3tzGDQ361APn8WvleacFdmNBVfzu1skCtnLGfZyF2cvz76mSQAcJwcFXdSXfRCveGhdQhyWj-7MZGOZo8t9rbEUkvSmmPFIP88MvLjWfhHJ4TRrhOSp1PLsM4bOfsjzf9bXA4NLEYBas4zA8Z47ocbnWCqRtJT13JKi8LWudmmsl_AmihIBjxT0uNNeVFw1hcslnDhB_BUwxRs3gpbJwf4sJapWkkR8Dv0vZJAAYJqndw46cNzQkbm2F9uizdPlh6PNZEsvlqR-2PaajKksQjArSNgVP5qKdd0bzeRoroUO8gKyqyQSLva5Rl6VlyOtpdtCXnC6642Rvaea67CsPAupSwsUClz9SW5Ww4qGDow8zz5sVwAfJs7DY1kxQZDptBeA3mt_fdBCBKsAEas7FckRRUR2F6m97tzqNq6MMip_-FH72EsDSgzJnfHHS8Z46y7QxvIa6VHDpK8eVZshtyEwr_SdrKY7dtZBQf1O86Rnp_AyUbnPn7SOUYnI_dUHGbJ_REUPv93MBVcE1HVSzlNonJbrWk5Bm3ISanMoTD9zfZB3YH87PnCSJAz09ca8XGLN7w6yXHp0LuHHqA6N3fIRfHGFTvXnApOTbkfBZFhkxaFhwnD0w09VmfYWX5F0pXsUvNpUeOmeScGz4suUn7H-hgZYy__EJmnrO249295f8P2wfBh2hsXWAG67PnTMYFLkoP15GdlxQDn_Tuu4GuJHJnOgmwXjT1eSQpawarEmuq_IwokhEWMhC1zXpXluNqxWMeONCfUmI55Pgkp2y-XPDqKxYe_tz-n9WAl1rY2gDVUq5YVf4kLK3xF1QhDE6Lv2sktOxjZMwSpEs_svNkl9ZouD79s9yxqv5Zeojt_lX5T342rml3QCWz6xeTgwYAd0YrWJ8-ezqp2XJMGFBfFo9XRQZRbhQWl0WOABezWAJqh3OM5tfnUEhGWB5XG8C7bLLXW--FDg0sGWmN6AODad0TEvpqtTLekIfZhFmUpzWCKNKQlHDPkp1uJWov3P6jdrNdHj_l8LeqYF2cuzl3NtJB0MpFTsopqTsJGbTU8fWIQumbqrfrVsG0CHbef75fiGKU6mkCq2kyhWL2831OcBOEdbuQmDQQLXYnIwT-6EQmh7ld362nf-24Ek9cOOmlvFhumWNS_obr9_u6IYwn2yT7RSMq_xwHEc1ZGI54JwKk1Lw0VBS2BYaPwyIN4sDq6OliZ-FrldSb_KfxrknyYAJ7s1Gu2mEM7DGXaAq4pKQWq3nfO8XUX3u9ucta9HMAaFb2Sxr6wKl5SYAYt_DNgJUoApyCXCu6QQUuexTai7WqWDbYU2iBRdpIx_YAagnPTOIaakQBlWGU0gC7dMTJ68KOI_MPm30WiQ3V0t_bJIuWmZkQKuQ5b9NNOAgynwDO1SUmHW8yCPHdKbhONQr8-9C6u22mDPCDFAWPptjGRcSHX2ngyWRj9VKm3Nv7ubOJlVo6DLRzJXL4RvnDS1vB3Mt4s6jqGFcv3Z4MQfOVJurpkt8-Yf4CIy8k04Race6aH5JyW7p4vAKehtLhiVEN0uQQrkrrUjtWFh7w0OKqyt7f0xk_IGMTNnkFtWXEGoJUvpCiwdKWyhHBsTBYJuOxM7C6YR02qdyWht4rJsmeeDhhDNeakGlGWQKALCvQdB66EEs3M8KPIYCMdlrEeGdHBkaQtQBds5vgjnchZPYSschwKryhH76l4h_3BCBpY0hgTbvrsqOHHhgCnA1rwxX2m3nD3UONlTakm9mB_x0R1kd3O-MEEY8kK9Ejpg8fzLyKHK4vxeu_8KSP3UldtO0Ld1dYXAhtknucPao_qm1MKqF3dckMfpW7VPyl2zOuIMqZZollmcc1pQBHgTNlsHTgq0Fb9DW7d3IOuzEqEml8OoFow3rwbsAfbprQVYG0LQTPdMfG5TFdL_Jsnm9yLZoqlp1OLrXaT2I5bIWMTtCRFmSAl148YqfFP178rx4c9YqXuCWJaungq9oIGZSLLIL696pxQg-vX5ct18vgQ3Q79g5S2IVyXzmpZwlR9QVX9OhpAU49iBn_IxZJApdFQonPFHEuRasJ_5zIJqo29wC2C2doQVJRapFyhrRzvQ-JeJ4y6g9IXFV86npM92apx8C6N4WXQ&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=4181980834106756600&adk=943508955&idt=168&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/ Frame 9C92 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:19 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9C92 0
0 150ms
67ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1hce7BoVVZseaFGj6pX9dkZTN5QOtXc4EqS3jnXYbdUOpySKnKu0vjhMv4YXsz6JX5AzgfY3fXHhMo7I0NHHJkVNlbErL3wHzODKn7ChRhf11fcO967G1VWiIVQVIPam_4poFY74-9ZlCuHpRtPNlSbGpQ4JrBbYFKicNSxgR7f9F40A8w0iTy-vCqxPq_i3f9WG_Zf5hg1HTOrMuh1RlwTMjle7BOeB1A1EJcnXjTaYZ9EElQGDbHom_4dSv2t4bABWV96Qi6rnRDXYwb7j0yq8PTAmIP-_YMWZJvq9TrR-HMQVFC14hSgHcnX8BMo20I0BY4HnSqQRXf_9RDqDDH9e0I-7qwxQokceaQc8wSnnqiNMUg5IRvqzMrMQtKu015X5jI4V-gCQaZ4tUHeIv2FdCnXh6qRUCwmZE5CR8kPFN5QwIn3BXBW5D8DNPqSsyX_DmJORnJmitroxfIXi8ybwape8lKRCwVYoboAvjwBrnrBClM9zj8ZOYP38gbJqEyeVQVaoJbiuIu_K_ACM2RBsEQ6bHvf42drEhArqXjtI6ApDl9gnL0ZQTcuneTda_rIbRbJ0nDTqLW431IgkIsNK9tGi-tL7EswP_RYkj9g8YkRlyTZeLxVF2bMXIxgbgc9VH0wD5p_JH03mTHzc2EUZMt5oAbSUqmxt3hdpBallLbNMXkTBnW4y5NMKv3JVlxE7xuuZIobhRKkj2gT0b2yCITVqJZnYlIQS0x7QJ4y00995QqiXXoTbW4QUNgOa8lT7Fhg3GA85Eb2q1isdC2ANtTiWGuYqNlZPytfBEVmCJFZItfJGBFcS5G2stKWXrp9Wd0dOsCChBSkMwoJw3gtaXo4n2WOvQx7QYRIf5hG62w-rTP22qU242fWZVF_KhzThleuBnX2_TnCmiEKgyVqxmQ0TY6k24Vw4FuJ0hKciEEMkcyP1K0M3ZmcVbiOBTiQ2GniK6xnBlc4iDJuuEqla5WmT-Kr-tiC8EZ2zMohpFDwhy_nJH_2mxKl4Q_vwx0ORf6wa2TBuH6ylyiIfBtLHCVofAVMUPHpiyvQGmz4HMymmgn3RTkz9gM63L53VPYHVLKJaTWd9Dc3H8rczhOByXegzCxQyVRePW2Oijz4_WksYIPBhBrQg_CUzzXU_g88iXEnAS4nlFPxkinI66Zc35UoCdUHT690DObTuosCJYyjij55zJ-JPS_iRs_eKbpldetSpF2gJvyhi1HViVt5Qqc1As1NTMdFvi0JRp583kbFuDGE7jrpbLsE3TytOXyLuIoPz3tY3kqPlTsPSBXW0T4gsjtQFv5qyTYrCWCTLWVdIoy3mXxLewNIU3xHwL2DW-t2Gm0IvRKjrUGiNWXAFJjA&sai=AMfl-YSOnvRvcSMLqY_f4Ru4yo3TOiVrB8knROtnKYsDxvSy7-r0uo2xQdjzzXr8mcvzOSVEkmqoGqDCASfwq72-HfXxgg8CYabTSyAOASFjiYTZBqWunSiaL_Bw0WkaFrKex3yyhTptZTSdS8t-9o9viZuzMckbgnLT9HyJEz5UCtEcdX_T5_pa5Nh3AzI47qy9VsnR21OmKpBI2Ebl2Z2-XtWy2F4SvZFN8NGYK3yoDxTY3Og0N_llpXJkUNqs6fxzCkf7JQrNHXE0W5f7i6KwkdbSy7DzwA&sig=Cg0ArKJSzE8jvp9Ao_A_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230504.24518&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C92 41 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 09:20:28 GMT

GET
H2 200 4828765939756761540
s0.2mdn.net/simgad/ Frame 9C92 52 KB
53 KB 100ms
20ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4828765939756761540

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16bc13ebf0fda0f7019c9730740e635c7c167f428ee01bed78e1a29939b0e2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:18:30 GMT
x-content-type-options: nosniff
age: 513095
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53351
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 12:39:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 May 2024 17:18:30 GMT

GET
H2 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4BBE 707 KB
226 KB 41ms
28ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 501323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 20:34:43 GMT
expires: Thu, 02 May 2024 20:34:43 GMT
last-modified: Wed, 03 May 2023 20:32:04 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 45ms
40ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=g37.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=g37.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame F7F2 38 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
31ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:06 GMT
expires: Tue, 09 May 2023 15:50:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BF3 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsWJJrWtaZLq_CcvstOUP8s66yAnD6e_WbK22xsK4EMCNtwEQASCZroF3YJEEoAGUz7HkKMgBAakCUtqRRtPoij6oAwHIA8MEqgTcAU_QnqxN4I9M5rW1f1G1cmLWBKEJb6W3eG5kGmAUryBVW74KPSDPdey4vzjX-to5PRlKHl9opJMiF1dH3-k_q8SEv3OsglayklRyFPXZC08P3_fMwhd5V0RgjPEVoG6xi5XD_s0i-CVHzFEKHxT2n8s8u6jzjv1CGywZwKq78Ibwg65cRNxT0slGWg4k3E9RQoGU157Wpw9lVfLPGxDH-rtuJZoBt-yMiFYD5l9VzavTZaVNWiZl_UCUeiXczA-qVICL_xrJxDXVcdoZfgcINlgenGC6QK7BbH-RgaHABPepuOSRBJIFBAgEGAGSBQQIBRgEoAZmgAeUh4LEA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIfUAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItOTYxNTM0NTQwODc0Mzc3NBgA&sigh=gvPw4Io0T5U&uach_m=[UACH]&cid=CAQSOwBygQiDtO4L1-6EV8XgZKXVlRmk_JapAb0AIrsfQPESZAZ2R59qo4-XIrOpSRRa50dplkINQkiMM3XQGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C4A 143 B
166 B 24ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0335 106 KB
37 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Origin: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/ Frame 0335 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3Mfx0ULF54OAfJMdPibszAHCd5ogR3WJdVmHRjbpHgGNuPwP1pC4ESdt7I_dZFP64NlVSBleh12FFurRxeDJgW8Rivw&cry=1&dbm_d=AKAmf-BNLOTcHGas1kD4B2RlJ4-HZwP6hamkkOfHpaIX8GaFtaRx3xDthaXIsVzjm3gdpf_jPMmrCD2iNOmtA1iHS7fYPUweATpdOpwjR0dLLD_7dQoq8JYA_GubTVlKX6b9fHthgoncckmwURSfNgA6yq_3yw6M_kk_2x90j68HvT6LLRek3475hYVtaTKLN5z9lEVXb26uA_N2tYa-Fn6Xh0CfKXkyncbBb4qLmLqtzR3Zjo1ix56SlmvKx6AQDkoToHuQiLoMgJTe3rVSjRB10IxyA3xDzIQh0mnlMnxIWE34xlUb6hjVswcmh5FTROUeOIs77jssEpEjdzpK7jTmazBJ6ushVc6RHdpQtv2ZdEzAqZ3jWMxAXXPGf8GMKEwU3F2CZVyyhuIWthIoYmvttQ1PhVoOqdBDzflEuXWPKWVlAuTwtRzbnEO7ywphdYV8t5zh7FWg2qJD1IntmkF_x0mdWq85Yfpndu61YXz5iRSgQxPwARniIn_9zRpaueCNh2BW-v4prtuXzxQQLsuAHLoFxT5o4rl2ZeVvptP2oJN-vaBXK1eoqRtwEoYauiVx6Y06hBq3QKT_6LMr5b7AkXUd1m9c5qOFcnhgc8twPCjIrkox8yOhoTJ5SG0edDvL6VqOZKnqr3x5xooEKoO9S3GeWCBa8CVLlNuhEyC8Z--HbVgIcJIrCEveiSVlEJMox5634evza3uG-SRsk9JTJx69oLjs-giAtBjWm-Dxu80raabi7uh4-VSquhN-EWAiuvJk5dzSxDT-sMjM9KtxWulwB-q9DmXnwMBDRZirvAGFDJTDIzc1sGtGpQUnls1ot3-AHmREBBBnVdQ_RD5QO_Nl8BjSdN1P2iMdqzHQbCkrWgo6iK19J8sgMPuboHkECLdi2_jm41XRuAuaqgmM8DctH6Eyj9yA6YNPcKrXCkMPGJrKwvKm-8pfEqRO-Czfa6F_SaRO255LPgdYsm-qQpCakSY3uIjGKAGuu8X3nIqwbrO2Q1_I9lx09CWQ_YVSYLJ8TS4ztEhEF7enAW9sgbu7j6cnCXfI8QTVSQqIua8jddBlNK26LdzDvp_DAVZgotnruib_nWaVYNxYq0RZaRjh8fqU-scSaEKfcHJUn4ZUKy8cYrxs-Abj9xcBe7LE5kn4WFHDCPiPG0E9tHjC1gyI0od2K3PrsQd-OOAcgG85SFFHhs0IvYR4dkMHLCXCik2OPyqylCF87ORZCe0XUupyhFWC8bhZsXpgqYIKX7hc67WaEUBS1unPZs_dYI76N55wEbfERAHTXUhcBBY0Bq2YDCAbDKFX6Zcl1jLc0Mrv4TTYfjHtlYIv4Celsnwz3J2O4RBHj9bVKsigReQPhO3jhtG6WP6A5TMxwLHE5U_E9hZ-_lYUM_wSIiWe-qn_iFh-iAkwVgqMMZrWfEU-pJVe5WjUwtZjrWupKW-xqOZhFgnKtv4rFjl2aP-xqGOT-P91m7qKkPq726UPfl5GZZf26LgySDcSNM_k3_yMXBTrnbAb-81oba5Brq0MX1iVPKdnPn8eoX9HdpRGzklehqnE9KCZ5y6fEa1p3mh_Ues9-SKfYcHvOQJIJx-0-df781e3cOPjyH6CF4RqXMx4LJkbCchf3jQtQizK-mIQLloEEevdIWsg1qhxX7-ijcaN0Vv6GTJiURIbvRy2usicQZVepaw_ekAVZQK_Z4QgIVlTpw-ZIzWHjB_q-qi-aA2KLjzdIkW0S0Q0d6s6ZvLCBj9R6zO-UYgir75ge66L_E79FKQLMREi0p5WDmfCFvew_w8gvh36PDG-lYEBWhBGM9fS48btnsKt2BI7eciJrfSu_IhFl4iSel5vGUY54ssyPkiwPOWhjtP7sH8JE83YB3jWF6ItezuRQRvg6gbp-4ZxaCdP9y03b3g-okj8HrZcV_6vUlIom4PIhWXofIE5P0pZ1fsXUm1kyyn66lZXNiMYbFygBOkeoT8GohhWN6TeHN6uHuvQ7_tlJzWL2K3BropAvdzvE9vicNDuyN8O15IMyb-z5HiNK10Pl0_ysO8_MTuxs-G4e8EOVMsMiVLkcXkzJru21srkGn_5viXs7fQQSLQeTyWs5_OZa44rPHBtZsee4j4Ca5YAYyCl4YyWVANAEOqggEjWPFEXfKJp-pKjfQqYpWX_IPG1T2yrZs67jTu2hjv1DpoGms_kGmkqaLiJbf11oFE6ogaRHv6di5IhnBtWyQp2tQUlnrQ1AV2_ulU9QQmvwk4uJad8x4oX37z7VVwFXIhaGtVZ9o1EKowTBIDaQQ0WtvPa1W1qgqeTQXFVy-86GKt8ipnuaIPZPrXUKBDqjY-Q2zHUiQZtY4rQbpQfFgu0KWqRTLWLI1Pq3Ebig-SC0UJyblvlcIT0Cs0D58himwkiZGh6Q5Vh0_n8s55_bItBi1q0V0VT0HbiR-kFoGH9Skbt7VD3XO9NvLvsUs5a-aBmNg57d09BNfjC-dmsGr74Keo99p_510jHLHDJgXWwRfRIMMvxId6duK1VvWPqfEKII69rmx6CvHTzXPkm6u8Pk-UrF3Zmr4JzYDycoVseOEXzeYJoPCWym7q23WyVnRmemLcmdWlMLr1fgko-h7lFyvYMXJI2AKp5m77cMS8D6Dp0dHB607SYhdY1rrQNlP1dR4l3GyfLFEq460tWZbemiN8L16XnOQmU15BllHmqLUxL9rs6DRmzqR2yU-3NI8FZtC_xu5jBSioSz8gqO2h1wMzKa_QJGaYmcawq4lWihYNzjiW8ux3q1D8yMh4xVjneGYJ_HbhNlGxXs5GT65pY6Ko5aFyQlsxGyzleQR6IWNJSr3fHjMMGYeqeMKJsK44CG6an9PPZc-2Npzp6ityF96Hwa98H4SesrxUbJBESejTnn4YmsaKYd8SRO8aTm5eu8uuZ612H_EB3uhftUgRkfPCj6RyhDFTNqabBD72XGTrNQeIUTokxFC3EbrN9aFBmloHKbYQd1QOIlAo_RLQU02l-KtYhzEBlAhP7jaJgaBwybioZGOKn4-NPwOv_MY-eurIGsuavHsQOaz6sCLrbZBB-OBqXMcaZENybjocZP3FvxqR74lkV8lRpK-ypkYOfJqlvGmK1HxjqBcVAgseP1DiHudR5qWCt49JNg6k8KUpLo-qXN_1-xFYs_gkOjmgqmKsd_2VIUayFzZivqujf1ozM5ZW0_vhMVJJOO2yXXrR_TXxJK6hAHK3ZnOZ01SdyPfetkZibAxvv6blXy33AGHqG3BlR7QtpiUaiqr69PJqpzTLA_c8GABoNNBuUBN8aopA_dxo5IsDmOIzR7wSPMYIUr02Y_1j2xqsvddtDeAX7ffjMortNUbTA8QXsY5QExZMz1BU01usJOXjFYcYrkqGZaBSgC36dNwhdW3dVLOgJojBh-tm1Iu1vYrYkpxZfUDN1ZBQ0qLh3GExqa41Pi6hgRCvjWYj9lSTCHF--g7b2xxUiZK80R55g1wW_icD8dtjGV82oz4UGdbrzGGs9n6MP9vxmDd0v8A8RkhGQ7OPjgY4-xAttoEGw607Rdx1QFu-orA9DaGym9VQDt2Y0k9oWJvmxJv72rbjGIFayUfMA1z0FD8giu-U9ZtSCb9hRbR88knFGdvvEU3qUVg7jP3rwcQ7hclNhWOtfAIii&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=2352389826938446300&adk=3690638929&idt=264&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 0335 28 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:01 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7F2E 106 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Origin: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/ Frame 7F2E 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApPMslGR_vZQsCbX2BIunPHwj-ekcFrYRemw3_Bi6X1qgNiEWDtVkYhrsLEn4PYph8yyyI4wVsdPXAMo2Yyad7C-D8jQ&cry=1&dbm_d=AKAmf-Cq_951DhEw7oyXz83_5OiMdQoXh3LOaK_2m4WoKh87TygYIfz6iwp3Nw041h-7R1jR5f_3sfw1wy_4p0J9dniul2DYA868VWc2ppL-KdHAgDGcQqwcN80tM0ueG2y7SEMPLI95Uuj6myjX3nVoG1-GoTsfMGW2OExXymWrMQw3gCqLdCLTHpR3hj_Hd9_AuHKp5nptyXITAi_z741ERMsExfKhaf9I9MnZBkhlXM95Q5CUSCb4ZnZ_XaDpzpvSXYNUKszWgRAnwYzOCxRJ1ibj1AWKeNZ3uMKRYXIrktQDPl1jIYthn7p-02y5lKJfPtk4ZNjrdO5ULOmhiHro0n5cNfuKBKg9PjGLsI6-g8ri5t0mcgubLac2kpxBKX-pikgRr01edaCi__ZIdGBsCAu_KM4njIkvtEnvEn4GYLzNbIziSo0JpGs2AJhMTAwiwmowNFO1EJXzVEVIaMJlxD0kkiZZ8AjcMCr24hjPEhz3bx7MI2p4HpwMmPirMu1zVZoKfegOp76ow0mSRVI_5fM98rDdh-9AoA8dU7KP8cz7JIuvkIgver5mCTzx5YykjT3XtGC5iHxcboC2RISDawblFKmV6cQdTgQWnuiY9jjbsxXNiRg1P4WfOj9b7g8V7Gh8Cv3pgaGklN5sjWb1ki3cjbbtRpQ7rFVmaj6i1CUOobbkDo5L2PSkJ4nPk_y0mx6EzX0poBQf2pvQVlBaCVdZUGQ66nJ0agblgAMyQOc0OHwN0grlR4IfXGwLpYQkzGjtFxrMYEJG1w3FqEghr-VYSj7xb6BULbw63fmzSuyfkgbyyZAgwHXRaejTkqCtTPqfTJUzjXnCI9abk0jf6-xh__7O1rReS0HV1_iVBg2Dtbg4mKzsUW2ObfA8K7t1LW1OFiX8xlrYXB5Og7O75a1FcbEYaLWEUVrpVimkAB1WcHQKykFPcTgHlKljR9gPG3JlH0_yEYD3XSZABM6YzHhtHR_jxmTKxCVe6FdM33CYYsPtW3cmioeL2EqbNYmdKH0W9MOGizcfMSPpUQlhkgBEhlplALUVuM-ECR-vWi1O2RZbCNA-goVQ-zbcsJeETG2xkU21HWWfVySPQamApVci0hKL_vNryupDH3MTY1Vr1vimxQ2nK-5cKVuunbHTT_UzK2HduB4ydK16YysaGqy924I1t8Y7bqB3shsekaZFqiKgrUnv-xZhe6VSpcehyLSm9Tf2uVZdF6LJcStHhKmWFl99kU63es6QdnMgzHE7IoydmE39w9BSSJNNbaulhMvwtcFakIdVMMmSuwBNcpzDXrO2iZn5mpRu3j20_7ux5y9uOUvYdwufEg54N_CtZxzIPhUQ70Kwofq24qIpPBXR-12lv8-LDsHvhbeGtalzUkRcYZKa1q7yO9Nk8vDplsRxqfq-X9dmRYU4P_iQAhAfdRVRpz4kpXzbwceK4xGPpeyABuUP_xiXPS5T8Plv4b8-WjeBDVW6H5qIiTDnbT1zpEmNkjbUdbPcXMPhaNq33sZiPLV0gDzrmzFJaLEdGCCRLvVE0_p4adMLXVBPDnvGGZeeQOvxfgtFX8iP9MXyVx7-lNgPtjBpGZXxqz7rymCFePF4OO6RFMyB4gr8PIVyAD21jRPAFv1cUVxS8J_YdociWY6eajqDOwdaUti5KOIuf_ci4TNRUzfK2RsQHjgRVhqpqbCnxgE_0TrTiZ0b11srS_WNLKunSb1lvowpuk3OZQxN3R5IKx-qc5vAgvsmYzgOOa56W7AXEayePMQWl1TfpqZAdQg3KoCER3uXuPMBKamniPMPWXv60hrmHjvEeOlVuAPyICb-aW_8EXKvj5n8FCb9TKryUhObkGThqrqMfVOTYuKiw-BDpH35ZYZQu1VVAbbuezNK56cUQ7iLW9_UI8BIrp9J-GAP-f9YcxY2MbdA-aXHTxzIq12_MMUiv_ZAAz6kxMgqqd7k7z5bbqu14IlVHEhjjWBMnFN6bUSr-M03p4Wni6KtoUmv7W_1uk8BTWHxahF1h6vzEqrkhlprxP07KnuGp1bo-aTrebctgAg3vaPF623B4s_cOFKqS8UClZ1MdqHrsgHB-krCIatKEYsg36nc_MqymGGVeKVDDMAEa76SJsxBuI3rgZZLGU2AGYkzr1CwVbIDUFuCdQ1887wuFx_CnjUSLislgz-N7Q0BYVz1zAYqR5-yvd0sQlEJe7yYfdGLK-VvTaPj9dwgngCy0umGKqGsdmyWVqTp7rZYeGwLg06cODzVxd5_iuA8M6Hfo2sPGLDFe9N1fRzAHkUaj7Lcg9i-CKZA9fnIs3AGR3saihRXEzuYkGwbH7tvu-dkNJeDWdshY9LDDeddMFo19cYz1QVHeaLmqTOvoHn7Dpe4fzUrrIuZQ5S2-k6J73uEwqpb-1X7c7DQHtUq32ej7GAzMLjXoRNaWr50wgVs-vtYyu4BUW0oWmd3RXEW1IdlaKcgjt5ctxDV3LHTa3w45QsDfIQgk2DBst_WwtWvJYrkgCDWlVO0C9oymp_qd-R_wYzHxCUrXWlR8hTxQAD2tszQzDDxpTKdjF8ZpGrfaIsfBvygC0TDCYjlpcL0M7O5rv0sifgkFaoIDpL5Cff7QteJs303t0t-1evigqt2IcKPk9zuiLVvWNxtjG1Pqo6Yp2yhj6GwdzxAZe2H2_3zpKxSrQCv-qpMbwu_6LoHL6OgxMTm8t9PsOVyAreBY4RJiQAzxsLYo6TMeFk5PyUxDa-Uc6uWBBuSE770TjBknGhmm6dJndnVItG3iIEaR71SREwaOqmCWEdH81ZyZoNF-uh7KoZ1jiIrhluVqr73LSFx93-OCsgt7KbNb0ma5mIjionq8HbFiPEgntRQgSa0lgEu3t87tz-N2AJfRD_qlss8PsfI67IwOAthRdnvPVZenKPcKpKaLHb_dwDElENeVt1TXURI2EgYpvaZSMDa2PuxC4qwjVEnvjf-ie-Ngz55J34MjSlB35kIFi7J6R71SAUowNszabZXqkG0biV64G0xo1EtO_pqH-Pnvh_-mL9TMNCyZAX7GGoGvQ3mR9M4u7P3zOuMeM8iziFkXX8MNK9CXgd-Wv4PTSHAvSr2sCdkwkO8H5TDA_oMFGqUvHEK3spRouiPtKZR0jBsoqfXhTOrMijCyFoCjBuVNKIux4tHX_CbG8ObcVvfKCjXIi6RxMOTWg2YCev-E6oZuv9OSjwoMeb72EAi71WS4Sv-B53xNIBOhEPKqVNbkUgeVEMZyFo5GhM8jLOrQEUo_3WCX8k2p2wXk6ocVEdaKLi5aVSC-fgaTy99NXEAQr1wuWVGxvaCA3nq7udaxIYPnLS1rFcUexlU3JyUiz5nI48zz8iWNPpyLfGAYkz0sjph1w-NbZXZUKeu4oppmbyUnmltECteDDbSzrqLICr5G_NPjq11Sr9OB5wha1zYWSXj-7JEYanLM7Zv7NRBaOHyM9Yagj7WV0nPZNogQf9GUp7D3SYPyX30FQW4G3S9VA1FXbLzodgHUHow32lwzumRG5za8jcLYAS_w7qNgPDn7Pi1DkwmAuAM2ZnBX1D7AIUL2m9V7eWdIPvP66iteYfCTkgY_YylHMQK5XE9UoA2YcIAU_vBGv_xceCgPdKRsc3apuzY28_AGLj5IcrzyMnzx9IU&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=12552198611907960000&adk=1033480531&idt=265&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 7F2E 28 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 5B87 28 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTwS3pgxF-oPTEpN5VrapJeZ0c39ABvBjgcrSt7hMduxX-gQ5lfJjWTl6vtwjnplukHTqOHy_v1H0vMb2eH_c7S_fmw&cry=1&dbm_d=AKAmf-ANV30h5EX5X-N6YGUHudM1E2ojpXg9-OMlISFVcoUr1rOJd2iKL2KLnezjNCgzgu6PkndnYYRCZVG_EO8FEybLzGkbWPHmipKJus_GC61tZ2qFucTq8ILP1MBL2jpZgtkBpPTFLLjZL_tuhZE4I8mtEz8tMrDEO9NUqfLkODZBX-3dHI0d5a7UoPh_sxH3hqm46sgCJuygUwW6BwCQ_eNNaA0AKmfm7VhWeuhJkailxjPPshBEn4U68asZOBTQF976AwgHQsn7p85-LDxgy8BnGp9G6A1xorsmmPIqcoExXRjKMazQPr-y9Q7f2GsVtoye__yYAxclXphD-6Hn8WZlhDLDCTVnEbM-cX_vcLQAvAarcNT4Y_peIp-PQeZYF0EzzLM-eLqOBkenCeqhNih1Rq_yrg4SqMPgPYTruWscZf3tzUFQkISuDpRPafUMySSW937VCt-ltCSPIUzDkzHTA7EMWdkOlc5BvZy7LV3P8uZ3u7qIXx3daoS1279wH4xZFa2A2DCFPVLdNhAyJpep23o4ekml-53RcIVBqlWCNMIjT6ZE-2prm0JuyPNCtVDe_-_DYczfw0_Upo9RbbmGO-LF9vQd2wlkqASWIYUhJyJVyZtLmPlH_qLOqBFrSixETnhXjgUisPvQIEuHaLckPKvPUFYIAghwfeGMRmFLdAS27pVuGnExQNxOabl3ZZlu1JA-tJQ_H0QbDGECZUK4KF9pIt29pMQ-3ypF9xGsW1h8TwE1NWKZeUGdXZ1HqEhs0yy56euABBcFmAJ7SSgan6F705a_oRwp9bXv9si9KBb91-7T8VSqNAGutGmXM72c0GHlCgYSScSu7rSuUuUVDgscUCEpevXWU_2cVEVIWEEeCBM7dFp6A5zvoKvLVWSs9Dk2Tp8ZW6SBXYKfRzAhbIHt84Z1eNSedqmAeMh3qhaamXGNPMGc8u8zNq6PfZCdsmU6OxTActOw7QyBYU7QYB73RYh5aGz7HW6hfYV--XaxM258_x2HmBqltl4lMWx8LPZ8ZlaVvnoTPisCqE7E12kanRNR21au9M1TKmSPjd5a4HcQnVAopOC_jxcfJV5HYuz_kB3lmAYdVOc1hPi0vThSJw_iavkcnpPG99APxlshFvUxXpO57vgCxk2dIgvE3Eu1XkgEDolFMKkrQi4rww8spxFgNQ4GllvDt7bW7HErPu5or8m0oPRgBi5GXwf7SULldxVH-Qqugz-1c6a70C7dn_JZGwuYvww2FEKwk4_u1TF4s1vlMDoLTJh2YaKnt5Eg-HOgG0r2OruLBj4KtQx8zK1vclQ8_jZOUBoGQFM58UarhosMYFuvF4WmpbrhL5yuHX0cz5BCMG8kzROsCQDlY-veu5X6OnnH_9kn77CqN_d-TEIdE7twM_Ov--5ifZ5Lj5YUPcaVLPkz8bs9XN5Rgv2njtIMYldWXjOYoCtkp2Yv9TS_rAZM3bTZ5EyjmNC8n-j4j26FXmZUUb98FG4rmGHJjHV7KYifcSuelI_j9kqmCaCu35KDS89pYxK1rGSbpxnrg0SwjMZ5QuXyCFu9RGFuCrPUbLHpEc2oFwQgSIfBu5Av3TyWlTgiAKE5bNZRh5Lf1sa8VoETpdQQeDaWO-jJRxVZ423izhOR4gIRdXeNpkATYGT-dJdcJqT6Awd52OTliTIhE1PeuMiKBsiHWQ6GrEEFS6VNgfbmHtXpMY8OLQ18LceinwtNiU-cjUNe_mhsyjLYCCJOc4TVQoFkG-w7ubKYl_e0pEeQ5RdThb6ZpJvUL6aEuooiYFs8-nnSOnvv3qpyZ_1-qpEG9xOdF0Bz8RnOmEGHnse-OY1WBNgP0TQCH4MU1jfPvVlNY6dbwcLZ6vXiXcoCs7IaMkPTGPNq1HLeGxKNfZv0KFPxcr-7wueD6Rp1mRMMq4ZPdxAeghzOhMSCPq22Rl3a0Uo1xp2oT1QvuqoJf4pJikjuD6Nf4GEtRZGs_JNdLzNUf1Dn9e6BXCQIKwhePLFUKRDrTNHCTcroa5-i0EOfGChwfOT652QuvRAtRKmnhNDbTPHqh6tX975J9LY7gPtn5nYnpFxe7cUA97tYVFthOqy6GplZfO3UFgSYVbYZL3G2ykGpTXaynKE221bcEIqUfqf4nHpj2vGWzgyr8HxEooHvpcdEwtoQTN2_7-jPaylfSjs6vD0QreHqkBXGIoHdMhoFzzWVH8cu3pMRMov9M-2ZEdWQKZW9r-zrPVOL8rwDu8VoldNxyssHugwcM1V6JMYG-93ow8DyL8XoZN3R68XJk-nfOacCT8Q6oXn-tJAALUkVzu1g0PiQyQJBdp0D2r0lK_QJmh5RLDG5ePaXaXvvTWsN8oBsHyVHT39JCGccD76huTgeb4H4OHZpt3iPeI9OGG5zZQEjDmuApC3dalGXjny2EtcoBk1q3C2okascokekGZVdYmBJWbSvpHvfC6ghVN21FxOqo8f8475L1bQhduTC29JvF7SmrNSxLRI3Yfl7Dy-nrkU2m7czLeFoBlNqm56VaR12lr9xN2SVh9b2f6OZ9CDBZBKBnZdg3z76SqaBzTjMF1E8MFhK1hHjSaqhOnZm3kPpDbsygoBnIkM_pnShyPA8WSqvpiRoWsLU2y_HOaJI5X8EebCqtMfAIRSbNbRCKNmiyTeexS82L5JYYbai1q_WCXIL3W3XYhx1bQmemiiZOH4ZCosJ0ytOgqYKrErRXJR4KIxJRqHjpBFXOI7bCxwvuurMD7pvvul0gQR8s0CJMrx9GeUiR170_K96toAicjHsrsZHwE9kZi7IxspYxNMejparolB4SE736jUUmXwgobL_I3X_rVPmP2UG-fGaPTrMJVzBWYGLhZznT2vxxM9ehNpQNe8xzkexixcF1d12Ha93j8AwWNZcv9Ph8axZc8soZVw7va1ISSAslYjku-mOTy94i2EaPUvu9R8YXuaaXDd7DlUgX_zVrmhBaXT2pZtg3-DMIE5wPtnh-0DdPHINSh-4yBDC1Z9GiTW7GsbKZIede1Wlv0pAkeBsn_NiQTFFG0zh_PusYV518E7_xxAMq7bErmZEOh0jeewPO81RjGS9H2iKD1_Hidh3sNxCqasV7Og0is3p5hjUsst1hsRoxUwihmu_j0bjZZNVeKk6YxS9PFrawpmxu7NvoV34gqu9IpXHZX19IU_JxX5BTi43UDs9Uv_Rb09Hl_b8C0Ng19TIzkAUBB_Klj9Gx6Iz10Ac4H6y5a0uKV4W_eJ64HJQ8ZpDuxUQfYI2kpXotIy4q1DjsmNJVUz-9nJFYPYQiYtAHjZtuY90pzXwVC-gf5mFZ-jxG83EoOHBTV1PTVNZIbuob6Q9HjLOOt8avmY2w1QrEkMAuUSG_vF4r1WyqdzwEA-WJkHC_lowzZdstObswrc9m1fpedAv-5-2hlx-eLwemt3UU-WHpMncPeATiS4aLGQ2M5cL5qBAT3RBA7RkA-oEGX7lmQ_mh33089nfJBWTiDnkpDZi9wUn9ZLh-q09vftFmHMI7M_EQSrZLAzobD0pj_WE4QfURYA6rw&cid=CAQSOwBygQiDm6uhnbolthNc__YktTyUYybSHvyTt_gRZ7BpsxH7iMu4GnIQT4drduamhUI2WpyNGAbCvRhFGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=17737131163380316000&adk=2228999115&idt=111&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/ Frame 5B87 11 KB
4 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230504/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 14:42:19 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B87 0
0 70ms
67ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA35jf2sz9MFdON6lJYeoP81dYqGRJLzMc-urpPvxRbeka8wPysxhDTq-6gIGv382a4JqXuviOCHmW8XPhs0cnv9BDdWngaxpBlR_RxqgxLGmFHs0cucXDXRW8FDNwrZeZg2kfzusVeVACj-ghSPTIuTEDSCuvxBTZYwn8_rQpsS9-FBkkpAIQR7fUcO2A5Evig3hEfCGRaie9wXA1IAuLOtyggfHiYIM-_jt-8Jls_OEe3h-MkWPX6vLwiT_zOb_aWjyNlkaz5ECnCXmoxVi6zVDTnGEW71_YHOivOc2RdFBK6JDWHnzua4qySgp6CpWgK4BpVkzJkWxXJQNVPVrXENrKaL_h4puKcvoN2PraC8Xl4_Mtm7XIYmUKGIhBUJ2_0Jr3mTj-8DYfHdWzEnmldF7Lpr7oa2gbjDH9tUq5UEIPfwU6zkLCK8WSuAlIDqWzyI4WnQ3bEG1Zlj8GyUhe4XNjP8gtx36BVLlqnhZfh63_FgWQaPE07IVGwkQ8QhRn2d87tnNlWMLGhXBe_jNI6D9jWDIEtNgVupTlz9YDnJhyKg4rLPlM4GSE_j57wgxuYyTCF0UwmUwJdoTZ2ZSV7apu3wvrandCKAYOoDOyzwd6V5s8GOWomDUKs5V9nV1ySh9lWnbcDp7QVQVfkjICLKll2RClcuP7WIhbCP9SdzgbDuy02tE-yaUvKX0IAOM_-Sw5fXzby9xH90k-mG6cX2pNcfSebWzrDKD-N5bHlma7j8d6vErLOu1O1nR0jgil5KxOdxxdWkctjOMqtN-AM5lNs-1qaR6t5JEFFZWOp5pcM14oVczmEPfC9d-MrfWHJNsead6yLNXwRIs53lBbxklmI6kVRU_djPPzUYy1lcf2ttHhW53slThgTU5tDTHtSN37UySUz3kaRNSgI3JNL4S9f8IWmBGMVUKeEQYtBUtzmH6OUa266qDJYIN64NjwNBlB6-Fe7KIzHlaKk8YM4BsDqepSqtMD3WjkjS9Wcrp42q8RQZxF-jk26el6EBzP26OKqPblJOPX5E7PsnXu1fNods7cDoR-oQLbtsxvjvFU01YJcf8RM3-HJa_k-_flYCSgHgVIew6MNBcNxQSHA6SG_uXTr_kllQnuyLYFeypyEVHuzgPXFKkv3NkmuJ8st0jbBmXwRUb5hzuWTKKM7FJ4L9rm2fd6SCftCsN_39gC1i9eKmROJIt13j96PgPpEQ&sai=AMfl-YQ8L2aEi-noz03vqlu5wCeo6zdnNC5YcZuKDcu6JRA7pcBAh2r7Bz9lO0BAEksfAQ5U88LeKdS-e4AzoaYbV51mFhWcj3Td65en-q275TQPuOKEWWXDk0IReWrVa5wSwSq5PyzFrxfaTsrBzEpL-4oTkbEYBSEqp8domwaLJmj3eRME-VqLeGtVeXMOj8iwDTizyZJlwzxAl84Rrbe4ZMRy0pCdwqReUAWNBFarstIrJqTMBcn0Q7qPN3Rrrh62PTJT&sig=Cg0ArKJSzEqW7JEZ8Uq2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230504.52288&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H2 404 ca
choices.truste.com/ Frame 5B87 0
0 171ms
113ms Script
text/html 13.32.121.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=goldbach03&aid=goldbach03&cid=20767375&js=st0&admarker=dynamic%22type=%E2%80%9Ctext/javascript%22
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUTwS3pgxF-oPTEpN5VrapJeZ0c39ABvBjgcrSt7hMduxX-gQ5lfJjWTl6vtwjnplukHTqOHy_v1H0vMb2eH_c7S_fmw&cry=1&dbm_d=AKAmf-ANV30h5EX5X-N6YGUHudM1E2ojpXg9-OMlISFVcoUr1rOJd2iKL2KLnezjNCgzgu6PkndnYYRCZVG_EO8FEybLzGkbWPHmipKJus_GC61tZ2qFucTq8ILP1MBL2jpZgtkBpPTFLLjZL_tuhZE4I8mtEz8tMrDEO9NUqfLkODZBX-3dHI0d5a7UoPh_sxH3hqm46sgCJuygUwW6BwCQ_eNNaA0AKmfm7VhWeuhJkailxjPPshBEn4U68asZOBTQF976AwgHQsn7p85-LDxgy8BnGp9G6A1xorsmmPIqcoExXRjKMazQPr-y9Q7f2GsVtoye__yYAxclXphD-6Hn8WZlhDLDCTVnEbM-cX_vcLQAvAarcNT4Y_peIp-PQeZYF0EzzLM-eLqOBkenCeqhNih1Rq_yrg4SqMPgPYTruWscZf3tzUFQkISuDpRPafUMySSW937VCt-ltCSPIUzDkzHTA7EMWdkOlc5BvZy7LV3P8uZ3u7qIXx3daoS1279wH4xZFa2A2DCFPVLdNhAyJpep23o4ekml-53RcIVBqlWCNMIjT6ZE-2prm0JuyPNCtVDe_-_DYczfw0_Upo9RbbmGO-LF9vQd2wlkqASWIYUhJyJVyZtLmPlH_qLOqBFrSixETnhXjgUisPvQIEuHaLckPKvPUFYIAghwfeGMRmFLdAS27pVuGnExQNxOabl3ZZlu1JA-tJQ_H0QbDGECZUK4KF9pIt29pMQ-3ypF9xGsW1h8TwE1NWKZeUGdXZ1HqEhs0yy56euABBcFmAJ7SSgan6F705a_oRwp9bXv9si9KBb91-7T8VSqNAGutGmXM72c0GHlCgYSScSu7rSuUuUVDgscUCEpevXWU_2cVEVIWEEeCBM7dFp6A5zvoKvLVWSs9Dk2Tp8ZW6SBXYKfRzAhbIHt84Z1eNSedqmAeMh3qhaamXGNPMGc8u8zNq6PfZCdsmU6OxTActOw7QyBYU7QYB73RYh5aGz7HW6hfYV--XaxM258_x2HmBqltl4lMWx8LPZ8ZlaVvnoTPisCqE7E12kanRNR21au9M1TKmSPjd5a4HcQnVAopOC_jxcfJV5HYuz_kB3lmAYdVOc1hPi0vThSJw_iavkcnpPG99APxlshFvUxXpO57vgCxk2dIgvE3Eu1XkgEDolFMKkrQi4rww8spxFgNQ4GllvDt7bW7HErPu5or8m0oPRgBi5GXwf7SULldxVH-Qqugz-1c6a70C7dn_JZGwuYvww2FEKwk4_u1TF4s1vlMDoLTJh2YaKnt5Eg-HOgG0r2OruLBj4KtQx8zK1vclQ8_jZOUBoGQFM58UarhosMYFuvF4WmpbrhL5yuHX0cz5BCMG8kzROsCQDlY-veu5X6OnnH_9kn77CqN_d-TEIdE7twM_Ov--5ifZ5Lj5YUPcaVLPkz8bs9XN5Rgv2njtIMYldWXjOYoCtkp2Yv9TS_rAZM3bTZ5EyjmNC8n-j4j26FXmZUUb98FG4rmGHJjHV7KYifcSuelI_j9kqmCaCu35KDS89pYxK1rGSbpxnrg0SwjMZ5QuXyCFu9RGFuCrPUbLHpEc2oFwQgSIfBu5Av3TyWlTgiAKE5bNZRh5Lf1sa8VoETpdQQeDaWO-jJRxVZ423izhOR4gIRdXeNpkATYGT-dJdcJqT6Awd52OTliTIhE1PeuMiKBsiHWQ6GrEEFS6VNgfbmHtXpMY8OLQ18LceinwtNiU-cjUNe_mhsyjLYCCJOc4TVQoFkG-w7ubKYl_e0pEeQ5RdThb6ZpJvUL6aEuooiYFs8-nnSOnvv3qpyZ_1-qpEG9xOdF0Bz8RnOmEGHnse-OY1WBNgP0TQCH4MU1jfPvVlNY6dbwcLZ6vXiXcoCs7IaMkPTGPNq1HLeGxKNfZv0KFPxcr-7wueD6Rp1mRMMq4ZPdxAeghzOhMSCPq22Rl3a0Uo1xp2oT1QvuqoJf4pJikjuD6Nf4GEtRZGs_JNdLzNUf1Dn9e6BXCQIKwhePLFUKRDrTNHCTcroa5-i0EOfGChwfOT652QuvRAtRKmnhNDbTPHqh6tX975J9LY7gPtn5nYnpFxe7cUA97tYVFthOqy6GplZfO3UFgSYVbYZL3G2ykGpTXaynKE221bcEIqUfqf4nHpj2vGWzgyr8HxEooHvpcdEwtoQTN2_7-jPaylfSjs6vD0QreHqkBXGIoHdMhoFzzWVH8cu3pMRMov9M-2ZEdWQKZW9r-zrPVOL8rwDu8VoldNxyssHugwcM1V6JMYG-93ow8DyL8XoZN3R68XJk-nfOacCT8Q6oXn-tJAALUkVzu1g0PiQyQJBdp0D2r0lK_QJmh5RLDG5ePaXaXvvTWsN8oBsHyVHT39JCGccD76huTgeb4H4OHZpt3iPeI9OGG5zZQEjDmuApC3dalGXjny2EtcoBk1q3C2okascokekGZVdYmBJWbSvpHvfC6ghVN21FxOqo8f8475L1bQhduTC29JvF7SmrNSxLRI3Yfl7Dy-nrkU2m7czLeFoBlNqm56VaR12lr9xN2SVh9b2f6OZ9CDBZBKBnZdg3z76SqaBzTjMF1E8MFhK1hHjSaqhOnZm3kPpDbsygoBnIkM_pnShyPA8WSqvpiRoWsLU2y_HOaJI5X8EebCqtMfAIRSbNbRCKNmiyTeexS82L5JYYbai1q_WCXIL3W3XYhx1bQmemiiZOH4ZCosJ0ytOgqYKrErRXJR4KIxJRqHjpBFXOI7bCxwvuurMD7pvvul0gQR8s0CJMrx9GeUiR170_K96toAicjHsrsZHwE9kZi7IxspYxNMejparolB4SE736jUUmXwgobL_I3X_rVPmP2UG-fGaPTrMJVzBWYGLhZznT2vxxM9ehNpQNe8xzkexixcF1d12Ha93j8AwWNZcv9Ph8axZc8soZVw7va1ISSAslYjku-mOTy94i2EaPUvu9R8YXuaaXDd7DlUgX_zVrmhBaXT2pZtg3-DMIE5wPtnh-0DdPHINSh-4yBDC1Z9GiTW7GsbKZIede1Wlv0pAkeBsn_NiQTFFG0zh_PusYV518E7_xxAMq7bErmZEOh0jeewPO81RjGS9H2iKD1_Hidh3sNxCqasV7Og0is3p5hjUsst1hsRoxUwihmu_j0bjZZNVeKk6YxS9PFrawpmxu7NvoV34gqu9IpXHZX19IU_JxX5BTi43UDs9Uv_Rb09Hl_b8C0Ng19TIzkAUBB_Klj9Gx6Iz10Ac4H6y5a0uKV4W_eJ64HJQ8ZpDuxUQfYI2kpXotIy4q1DjsmNJVUz-9nJFYPYQiYtAHjZtuY90pzXwVC-gf5mFZ-jxG83EoOHBTV1PTVNZIbuob6Q9HjLOOt8avmY2w1QrEkMAuUSG_vF4r1WyqdzwEA-WJkHC_lowzZdstObswrc9m1fpedAv-5-2hlx-eLwemt3UU-WHpMncPeATiS4aLGQ2M5cL5qBAT3RBA7RkA-oEGX7lmQ_mh33089nfJBWTiDnkpDZi9wUn9ZLh-q09vftFmHMI7M_EQSrZLAzobD0pj_WE4QfURYA6rw&cid=CAQSOwBygQiDm6uhnbolthNc__YktTyUYybSHvyTt_gRZ7BpsxH7iMu4GnIQT4drduamhUI2WpyNGAbCvRhFGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fg37.com.br%2F&ds=l&xdt=1&iif=1&cor=17737131163380316000&adk=2228999115&idt=111&cac=0&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-11.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B87 41 KB
15 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 09:20:28 GMT

GET
H3 200 13493263136626259997
s0.2mdn.net/simgad/ Frame 5B87 90 KB
90 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13493263136626259997

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec81e5e0a803ed4f869232393eed1ecd16f360377c8e3c82e97943b4aed89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 07:04:29 GMT
x-content-type-options: nosniff
age: 290737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92473
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 11:17:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 07:04:29 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 5B87 0
338 B 106ms
30ms Image
text/plain 52.215.61.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=ux5k5l91h&campaignid=20767375&advertiserid=8316070&placementid=229773732&adid=526947258&creativeid=170418443&siteid=4677882
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.61.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-61-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Tue, 09 May 2023 15:50:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1683647406
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E87E 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 10 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9C92 0
0 58ms
57ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1hce7BoVVZseaFGj6pX9dkZTN5QOtXc4EqS3jnXYbdUOpySKnKu0vjhMv4YXsz6JX5AzgfY3fXHhMo7I0NHHJkVNlbErL3wHzODKn7ChRhf11fcO967G1VWiIVQVIPam_4poFY74-9ZlCuHpRtPNlSbGpQ4JrBbYFKicNSxgR7f9F40A8w0iTy-vCqxPq_i3f9WG_Zf5hg1HTOrMuh1RlwTMjle7BOeB1A1EJcnXjTaYZ9EElQGDbHom_4dSv2t4bABWV96Qi6rnRDXYwb7j0yq8PTAmIP-_YMWZJvq9TrR-HMQVFC14hSgHcnX8BMo20I0BY4HnSqQRXf_9RDqDDH9e0I-7qwxQokceaQc8wSnnqiNMUg5IRvqzMrMQtKu015X5jI4V-gCQaZ4tUHeIv2FdCnXh6qRUCwmZE5CR8kPFN5QwIn3BXBW5D8DNPqSsyX_DmJORnJmitroxfIXi8ybwape8lKRCwVYoboAvjwBrnrBClM9zj8ZOYP38gbJqEyeVQVaoJbiuIu_K_ACM2RBsEQ6bHvf42drEhArqXjtI6ApDl9gnL0ZQTcuneTda_rIbRbJ0nDTqLW431IgkIsNK9tGi-tL7EswP_RYkj9g8YkRlyTZeLxVF2bMXIxgbgc9VH0wD5p_JH03mTHzc2EUZMt5oAbSUqmxt3hdpBallLbNMXkTBnW4y5NMKv3JVlxE7xuuZIobhRKkj2gT0b2yCITVqJZnYlIQS0x7QJ4y00995QqiXXoTbW4QUNgOa8lT7Fhg3GA85Eb2q1isdC2ANtTiWGuYqNlZPytfBEVmCJFZItfJGBFcS5G2stKWXrp9Wd0dOsCChBSkMwoJw3gtaXo4n2WOvQx7QYRIf5hG62w-rTP22qU242fWZVF_KhzThleuBnX2_TnCmiEKgyVqxmQ0TY6k24Vw4FuJ0hKciEEMkcyP1K0M3ZmcVbiOBTiQ2GniK6xnBlc4iDJuuEqla5WmT-Kr-tiC8EZ2zMohpFDwhy_nJH_2mxKl4Q_vwx0ORf6wa2TBuH6ylyiIfBtLHCVofAVMUPHpiyvQGmz4HMymmgn3RTkz9gM63L53VPYHVLKJaTWd9Dc3H8rczhOByXegzCxQyVRePW2Oijz4_WksYIPBhBrQg_CUzzXU_g88iXEnAS4nlFPxkinI66Zc35UoCdUHT690DObTuosCJYyjij55zJ-JPS_iRs_eKbpldetSpF2gJvyhi1HViVt5Qqc1As1NTMdFvi0JRp583kbFuDGE7jrpbLsE3TytOXyLuIoPz3tY3kqPlTsPSBXW0T4gsjtQFv5qyTYrCWCTLWVdIoy3mXxLewNIU3xHwL2DW-t2Gm0IvRKjrUGiNWXAFJjA&sai=AMfl-YSOnvRvcSMLqY_f4Ru4yo3TOiVrB8knROtnKYsDxvSy7-r0uo2xQdjzzXr8mcvzOSVEkmqoGqDCASfwq72-HfXxgg8CYabTSyAOASFjiYTZBqWunSiaL_Bw0WkaFrKex3yyhTptZTSdS8t-9o9viZuzMckbgnLT9HyJEz5UCtEcdX_T5_pa5Nh3AzI47qy9VsnR21OmKpBI2Ebl2Z2-XtWy2F4SvZFN8NGYK3yoDxTY3Og0N_llpXJkUNqs6fxzCkf7JQrNHXE0W5f7i6KwkdbSy7DzwA&sig=Cg0ArKJSzE8jvp9Ao_A_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=348&vt=11&dtpt=346&dett=2&cstd=0&cisv=r20230504.24518&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:06 GMT

GET
DATA 200
OK truncated
/ Frame 0BF3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30df90c50d0df36e8fffda3427a581bb4a7b3c98f7fc77253fe04da4ecb065f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 9C92
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1128384/68656984/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=26643843&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=18537685671&bidurl=http...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

1 KB
1 KB

19ms
19ms

Script
application/javascript

2600:9000:223f:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 20:43:28 GMT
x-amz-version-id: qG0gavlQiEpwK9AKo.qb12YTK3AnJXCR
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 68799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 08 May 2023 20:43:25 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: DJmY6Ne9yEoBj79Cr0kNDwxk5kf4B3wDjCRToWjlhpqvKXKj3xDCfA==

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3BFF 91 KB
23 KB 95ms
23ms Script
application/javascript 2600:9000:223f:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 19872830
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ZdNEKBct0GGVPKEKDm4OS1wolqDaeJVAbd8kpiAc0pIQWImgBb8Twg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EDC 1 KB
643 B 19ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 10 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C92 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90cf15e694a6e80e7ba440863094d7f1678397cec7b51ea20ab5085c26cbd32c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4178 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 296951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 05:20:55 GMT
expires: Sun, 05 May 2024 05:20:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B87 0
0 58ms
58ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA35jf2sz9MFdON6lJYeoP81dYqGRJLzMc-urpPvxRbeka8wPysxhDTq-6gIGv382a4JqXuviOCHmW8XPhs0cnv9BDdWngaxpBlR_RxqgxLGmFHs0cucXDXRW8FDNwrZeZg2kfzusVeVACj-ghSPTIuTEDSCuvxBTZYwn8_rQpsS9-FBkkpAIQR7fUcO2A5Evig3hEfCGRaie9wXA1IAuLOtyggfHiYIM-_jt-8Jls_OEe3h-MkWPX6vLwiT_zOb_aWjyNlkaz5ECnCXmoxVi6zVDTnGEW71_YHOivOc2RdFBK6JDWHnzua4qySgp6CpWgK4BpVkzJkWxXJQNVPVrXENrKaL_h4puKcvoN2PraC8Xl4_Mtm7XIYmUKGIhBUJ2_0Jr3mTj-8DYfHdWzEnmldF7Lpr7oa2gbjDH9tUq5UEIPfwU6zkLCK8WSuAlIDqWzyI4WnQ3bEG1Zlj8GyUhe4XNjP8gtx36BVLlqnhZfh63_FgWQaPE07IVGwkQ8QhRn2d87tnNlWMLGhXBe_jNI6D9jWDIEtNgVupTlz9YDnJhyKg4rLPlM4GSE_j57wgxuYyTCF0UwmUwJdoTZ2ZSV7apu3wvrandCKAYOoDOyzwd6V5s8GOWomDUKs5V9nV1ySh9lWnbcDp7QVQVfkjICLKll2RClcuP7WIhbCP9SdzgbDuy02tE-yaUvKX0IAOM_-Sw5fXzby9xH90k-mG6cX2pNcfSebWzrDKD-N5bHlma7j8d6vErLOu1O1nR0jgil5KxOdxxdWkctjOMqtN-AM5lNs-1qaR6t5JEFFZWOp5pcM14oVczmEPfC9d-MrfWHJNsead6yLNXwRIs53lBbxklmI6kVRU_djPPzUYy1lcf2ttHhW53slThgTU5tDTHtSN37UySUz3kaRNSgI3JNL4S9f8IWmBGMVUKeEQYtBUtzmH6OUa266qDJYIN64NjwNBlB6-Fe7KIzHlaKk8YM4BsDqepSqtMD3WjkjS9Wcrp42q8RQZxF-jk26el6EBzP26OKqPblJOPX5E7PsnXu1fNods7cDoR-oQLbtsxvjvFU01YJcf8RM3-HJa_k-_flYCSgHgVIew6MNBcNxQSHA6SG_uXTr_kllQnuyLYFeypyEVHuzgPXFKkv3NkmuJ8st0jbBmXwRUb5hzuWTKKM7FJ4L9rm2fd6SCftCsN_39gC1i9eKmROJIt13j96PgPpEQ&sai=AMfl-YQ8L2aEi-noz03vqlu5wCeo6zdnNC5YcZuKDcu6JRA7pcBAh2r7Bz9lO0BAEksfAQ5U88LeKdS-e4AzoaYbV51mFhWcj3Td65en-q275TQPuOKEWWXDk0IReWrVa5wSwSq5PyzFrxfaTsrBzEpL-4oTkbEYBSEqp8domwaLJmj3eRME-VqLeGtVeXMOj8iwDTizyZJlwzxAl84Rrbe4ZMRy0pCdwqReUAWNBFarstIrJqTMBcn0Q7qPN3Rrrh62PTJT&sig=Cg0ArKJSzEqW7JEZ8Uq2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=360&vt=11&dtpt=359&dett=2&cstd=0&cisv=r20230504.52288&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 0BF3 29 KB
29 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 235416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:26:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
216 B 327ms
101ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8it8h,pingTime:-3,time:220,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:221,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40%7D&br=c
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 317ms
103ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8it8r,pingTime:-6,time:230,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:230,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40%7D&tpiLookup=ao:g37.com.br*&br=c
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html Show response
s0.2mdn.net/sadbundle/2380149043134789473/ Frame 6856 6 KB
2 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d013bf51ebba259cbf4af6907ac4ad3c5e96c86f44a445c573dcfc61954f70b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2263
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 20:01:35 GMT
expires: Sun, 05 May 2024 20:01:35 GMT
last-modified: Mon, 16 May 2022 09:51:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0335 0
0 66ms
66ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXYwZZdkE6kMSu4y83zXu-ldq8bTR3VfsKKTscxdF1lCO7uW0mCnSIgEFGirhuLUOzPkmw_51KCd2__dJaEEKAep1mCEuoiq87faj6gyg4ouxB5EfnMXVjTpOXqy-8c1IqG_QHtVrTw8admdvtr_n6ssgvO-rrP3gQXgqb7hSacKZuKjYnQKYNSRaqhf-HC-YUkki3WywNnKJCZbM4JOmeT1yZgp_MemnaVciYfD4E_M5GUA7mq16322SbPbXwEdUjD7qHHehG7O0dzNfgBZOujmgrt9UwE0VwaQs_eYn567PW7qX88-0ncKFT7FKbDEhVAZXIQv-xanCloHUYjNhJQL0FDMvAwmLo8Z35mKVOETXutEOSknk_CNvYD6vGugIsAI9de-3O-lkhb-4oyEHceAGrsbwn019u8N1QdAy_TsMKJa5uqtZ-wQ-rEeSHrku7DplPEaPXEhqTINUFCz12JM48r4l-L6-pBpkF7ptymhKzMMwg0UTQ8JxUXaWSf9_6EIj6hi0f6nfoAd706KCyGJYpeMZqTCx7HFUgDwYwN6N8kdOkG2UpN7HMLMwwxDSR76ZOMnwiivd-Qun04OV5KN8zj-2V-KBm9a4rwlaFi5CxBaFre7EjqOLSD25oeGnJaj0fznVS7WHeYgDwd5YIzVNVfAaNj4sdk6ANcp6H7pG0N13XsGBHapr80356rUqvYrAKZvA8f42KzFWhx_RmABZvDvFZFj94gxAUqObXborq4vHYSj6e8neN7aNiJGcaV3FuY9o2T-Aoktja1ofyEmFhNDsgWJvKdA-1x1S69BCci4y-_z8Mz7MgMBhIJStHXjTaxc0j3Ex3gHPX3pRXDGN3Qdil8ux8UWhmO-ZxpYmIFg7YiaM92xvT7ugBi3KjHlQrn1z39WWJyGk3myaC_ipN9vpf1__GkR0usA34qFVia8mYuR5BT-HlrHi2M_RfN5tMoR5xi4sBpgmyuxfy48HW7_w4d7IprrsXke4To30oe-lmoqmAaoFzxey0lukgzdQH6tZNgM6lODTuw4McupsJy2GozwfAAsWZmaNU1fJkjQ4WFBiMwVblqKrm_Y7XtowzKYUsLNv2kB1Mxh0kAbOVTY8QAw7ecTq-5F3sdyU09yMg9jliXJ_W-Rxi-_eV3hUhe9yLnzgey1dC5k13GoSQdPGcoRpTaAl2eWrXIX493BmmssjAdZZglmeMCcbuURbAr4cuhD2QqlQicgoBpdt-61iFXaWi9RwedcK461nITa0iCY8YSid2h6YIvBpB65wqxR1vSj5YMtmFDax1KpcWW2pU&sai=AMfl-YRnXr1lGqCNOuinWrd7qG9jq6L6TRYkGcWA7M6zRPSFHWKvI9SeqNSAhAerv-lhVgzT6yTz0u968bWv5U6y93mzHlBkvXXMiw7jmII8AW5M_2iBRyv-y3pt0B5R4aZck_hsybaBMMH8i2NGCePtoivLwk36fyAbXjnXLGvepWAnDO9g5XWeniD7P2QNQWbUqEW1k-fEazcOimyeRwFIZ76JJJFqercZBLEd4wE5NGcWumF6m2XonSVPIAjIweorWKf3iC5XhAuxwujB1Yc66b2CZzZwOQ4&sig=Cg0ArKJSzKXAuRBjBrwsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=489&cbvp=1&cstd=485&cisv=r20230504.22902&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html Show response
s0.2mdn.net/sadbundle/2380149043134789473/ Frame DB88 6 KB
2 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d013bf51ebba259cbf4af6907ac4ad3c5e96c86f44a445c573dcfc61954f70b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2263
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 20:01:35 GMT
expires: Sun, 05 May 2024 20:01:35 GMT
last-modified: Mon, 16 May 2022 09:51:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F2E 0
0 67ms
66ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlVbEZOldKTq0itiWUgF5G61vFGHihdT2UBZQk1qQLXH3cqZ86Ry_i7FQ50-SLyPeouAn7RGRtwtglDV-g48VQQOCkUbbt9WToy_6TfMJO5k_6VQzPaFlC5XLBRFsXY2eUj9Qzb0saQkn9c5wBRjemqg0Q9wlUzEvkVOUog2D8WW7Zzx0Wl47EAARhILeYyz4WKNWTUxsobysGPiYwUudOStCpw-7I7gUcV34A05JgBKlO7LzqBnKkn0CiUYLWwx1d8oWgLPDc-_oZekyZsSfXbdUQSfIge50Ckp4hJqgRj8fDA0LxlFaQ4C1ugg6QnltOVbE1nwZNnP5tDFM1w7ZFHtWlsH-S9-h4xrOL773bzwl3F_0_zKOdK-PNwSoPKSSiE4UNStiR2DX1XQaofzJLXyrDXSFTpsJUlTRN0PUCZhqOf8NTU9cSgr5UHonEuv532jsbNY7tFqdwVWJbCPJM-EmcckoheJ3GKegG7P2AkdhkO4AoO_4bNvI68_Du74aEtXYcEi_z3L6vdvxDoQ4eskYbkXVEREHczugPSCmQMECQyAVgbccxCvltQBFQXgb89ljRLhatmoFR1VWJtwmQJ8R47rsQFupstV7Xw2bBslzDYuqAle5q_tJn7piLOpLhoNReXmP6hFENhZ90cUBzCat8b-m1OXpVQjOW05TDfkH4TV_Ew4eQvrNUbukleRD1eVgvJ0XFVim585Vhn7zEkL6mdo7oIQ_u5moRv_gks8g37NNNMjlHfjXU_r7KLzP6ghB0lPiD6RcGua-DOh_55whZFVby_FJ1OZTbtM_DNk-5trBgyl5B6dU5rAiHdMv90t-tVqMYHzh8_JXbS4dNax46cFNTj203G6UDQL9-24B1ZG8L0tL0ls254X1TPwE5Kf9W2yVLTt5QoCALJ3-euizWwNt3Ftbb68glEh0Ps50N9oqDKKG5fv4V-DN73aM18dDm8cxvKOgSuGvdyigjpWVMoXVMeC0cWDxFJ3C0sNZWCWQOmv0RB49PsmD4mA4hOJx9ywLObHrvsLiwmLNyFN6Ys4qv6DI6Agf172e18wFOBGrY-oIPPNDX6usv643IVpM7xWlzAVkTjJIbqQRjcdtzR46rF4rNstgzts9NNIr2ejU7p0zp3L6h3RTxTvh8SgFoc00cHxRa72nkfhcm3Jn5dW1mGBvof5Pol4S877ZM1UuyKcI7WGon_tHnWzGXUmQ3Bh8C7JnHdeacaFbX2icm4RlAofNyKW-PanPsW9bJV7nsFAl3pH3KWs03-hu8p-OROeTKZGnr6H7oYWckxgK3q1vc&sai=AMfl-YSTsBor4Rvox8XL7SIW1a5bZJICzaWWkNW7Yvj3fuMySl3zEmQugmBhwguqtiAzig6kjWKYiBoqoAtZiKvutp8Po2C_NnQ-OM6TZpZtiT49-5FvcQMh343hc7ei7By47MOVEvm5nKOFoPDYnmU1G5kMZHwPa-vI5cHKenYqp1N9MFdVxwU8NCKb8VvxVRNaBACZCFaV_frYq4QxBIQ736ncAI1oo7HbJga0U9NP_GldFTHRm4FHmXbgobiyUrilIBc7OItYjYMqFWDhJrwG1bc3bbXWD2w&sig=Cg0ArKJSzIlTXZtIOeELEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=453&cbvp=1&cstd=451&cisv=r20230504.60565&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 15:50:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 132D 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 10 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B87 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d788b3835da0a9aa6fd32675c61fdf290028fe3e97bbccc8370a8e9812061d37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E87E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBY66_r7G6WtbxDKXabAMGo&google_cver=1&google_push=ATf1kGPwRQDMW9ftxEgGnINmwBcZXqIBXtWDzO4QoQibfvPXN1QwV8Ar72gpzaDJ-QC9kbPrLfhcgOkQGFpfSB0pk1b7-hHF4KFBt...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM4ODQ0NjE3NjM0NDc5NjIxNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENz3kXNFkVppXxGAzmVT1jc&google_cver=1

43 B
398 B

73ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENz3kXNFkVppXxGAzmVT1jc&google_cver=1
Requested by: Host: g37.com.br
URL: https://g37.com.br/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENz3kXNFkVppXxGAzmVT1jc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E87E 35 B
464 B 114ms
20ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENiKkhjB1U463TjqPM-MUsc&google_cver=1&google_push=ATf1kGPChSkZbSwXe19J1IEHtc7OCgsVb7qoocjOkP-tWnZtsPAJlnv7trB8grJp5h1HqkUpARTML0jJI12OnCGG6Ba84XhwYhsnh69bcXlezAp9mngjIz5Nx41UGbua6TgtQ1gpekv8JN0eptlXEyCHQyRFSkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E87E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMkC-MUZWjXgc6IuXmN7Eyk&google_push=ATf1kGMq3AFgsCYajSTf0POQ7jM_HWjE_NxdUK46QU92BI0v6uR1ABngyn...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMkC-MUZWjXgc6IuXmN7Eyk&google_push=ATf1kGMq3AFgsCYajSTf0POQ7jM_HWjE_NxdUK46QU92BI0v6uR1ABngynjMY_K1K-mlOzE-YyjDHiMKHVGAROPazbkN1iCu-sX1B8q8Lm6-p8uXhzt0hwHPI3TdbELDSwPqj-OkdVDUedRgutSKSU108tlx6Iw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21045-AMS
pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1683647407.721723,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMkC-MUZWjXgc6IuXmN7Eyk&google_push=ATf1kGMq3AFgsCYajSTf0POQ7jM_HWjE_NxdUK46QU92BI0v6uR1ABngynjMY_K1K-mlOzE-YyjDHiMKHVGAROPazbkN1iCu-sX1B8q8Lm6-p8uXhzt0hwHPI3TdbELDSwPqj-OkdVDUedRgutSKSU108tlx6Iw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E87E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJzTjhb9FIQTHsow2KNDBB4&google_cver=1&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb3o2IYstUk_ffjLF...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb3o2IYstUk_ffjLFeN8wZ8iLpxAj_ABxaakVXUfTCPejQvpLRMqR5W7vQ351uAlIsCEpqenTE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 May 2023 15:50:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGM8OYArWqIr__xCgXEEgyT2vU4ljM09clMBCcR-gUpmzKVS_I5Q_wv7sbIsduMdWuf2L-C4p81m56LOfAb3o2IYstUk_ffjLFeN8wZ8iLpxAj_ABxaakVXUfTCPejQvpLRMqR5W7vQ351uAlIsCEpqenTE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 May 2023 15:50:06 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E87E 43 B
363 B 48ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBxmD_83qu_vLhwceHcHjw8&google_cver=1&google_push=ATf1kGPb9A9Yorx_BDb2ru-JSQVYnktorWA9078ZXuIxSO5ZgRiFOHb2ZpSVYFHs4-Uf00x3H0rIW_R7tH4x2jWyMgLNWgIe9LcWdIkxyniajAPKah5lD-IzjGMAc5LhiiDqcOud-ciq-5JTsAWh3C4yDrdomeI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 331282
expires: Tue, 09 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E87E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELEv64KnNnCqK4eMHIwNyBU&google_cver=1&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELEv64KnNnCqK4eMHIwNyBU&google_cver=1&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjcxNjg5MTQ2NjU4MzYyOTU5OQ&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n2...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjcxNjg5MTQ2NjU4MzYyOTU5OQ&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u_bML3MlQj1CZQlWP4fHTF-M-V46rAin_PBaVUlwEJ_X4iq84S-UEGS61Sa8ghj5Seg_d-VW5Y19-9ks

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjcxNjg5MTQ2NjU4MzYyOTU5OQ&google_push=ATf1kGM-dokJChW8jo8sSzsrv9IdL8HRwuStrTTyZrMw4OM8vURYzBEQfabLHpdHQOanakHokJs5n25u_bML3MlQj1CZQlWP4fHTF-M-V46rAin_PBaVUlwEJ_X4iq84S-UEGS61Sa8ghj5Seg_d-VW5Y19-9ks
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E87E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMQRrPklrfP5svEijvo3WI9lDAyWMpCeDjh6n8scTd5piiFerO5t2DwIThIrycN1knur6yhQwmKRKWKHnjiYYI4p6h4M41SWce7Sbhp7KwCP6WzkdDSu-Ci4_Pinx3wtXWIk6JwVULZftvfrLp5WxCH8rc

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMQRrPklrfP5svEijvo3WI9lDAyWMpCeDjh6n8scTd5piiFerO5t2DwIThIrycN1knur6yhQwmKRKWKHnjiYYI4p6h4M41SWce7Sbhp7KwCP6WzkdDSu-Ci4_Pinx3wtXWIk6JwVULZftvfrLp5WxCH8rc
date: Tue, 09 May 2023 15:50:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E87E 0
12 B 28ms
27ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9WTxIztRqSSn56VxQBpRqEbK3htLBgv2JZy8NlyYRWLNSnB9d-PeGzxLlvASHLVCKQx83

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:06 GMT
expires: Tue, 09 May 2023 15:50:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 226ms
104ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8it9Y,pingTime:-2,time:325,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1034,beZ:1036,mfA:1038,cmA:1040,inA:1040,inZ:1045,prA:1046,prZ:1065,si:1073,poA:1075,poZ:1103,cmZ:1103,mfZ:1103,loA:1264,loZ:1267,ltA:1359,ltZ:1359%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:325,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sinceFw:284,readyFired:false%7D&br=c
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6856 236 KB
63 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.js Show response
s0.2mdn.net/sadbundle/2380149043134789473/ Frame 6856 78 KB
13 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bdfd55f160a24894ef439dd29a29dd53bb08d9d38e170d148532471d0355ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 08:18:10 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DB88 236 KB
63 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3 200 PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.js Show response
s0.2mdn.net/sadbundle/2380149043134789473/ Frame DB88 78 KB
13 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bdfd55f160a24894ef439dd29a29dd53bb08d9d38e170d148532471d0355ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 08:18:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0335 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 09:20:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 52A0 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 10 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0335 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9205478139a1cf4128e7fda06960ba1efc3ee9984b134ba9d8c1cc4598847f49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4BBE 79 KB
17 KB 379ms
378ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=1632435488339177&sz=640x480&url=https%3A%2F%2Fg37.com.br%2F&iu=%2F21715141650%2C22664157990%2Fg37.com.br%2Fdesktop_slider&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26dk_refresh%3Dtrue%26index%3D1%26hostname%5B%5D%3Dg37%26hostname%5B%5D%3Dcom%26hostname%5B%5D%3Dbr%26hostname%5B%5D%3Dg37.com.br%26pathname%5B%5D%3D%2F%26placement_name%3Dslider%26%26secom%3D1%26tier%3D3&vpa=click&vpmute=0&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=864416872&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&media_url=https%3A%2F%2Ftags.denakop.com%2Fassets%2Fblack.mp4&sid=00D59EAC-1A11-4792-8A7C-7478249D352F&nel=0&eid=44740339%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fg37.com.br%2F&loc=https%3A%2F%2Fg37.com.br%2F&dt=1683647406765&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&scor=1498664923654163&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ed89e32107857eb9e3231319fa152608f56294d1457de839a27370c0a287d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17254
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F2E 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 09:20:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 904C 1 KB
643 B 19ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Wed, 10 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 997B 22 KB
8 KB 33ms
32ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 296951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 05:20:55 GMT
expires: Sun, 05 May 2024 05:20:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9EDC 0
103 B 137ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKDxxtUUAdBIfqlelsYXzx0&google_cver=1&google_push=ATf1kGNrcGiq2GtxlJPGJG4sgW8wgrqmDsVDYL4zORZiI_VH_JFxocdRizPYFSd3p7AA8_rhm_xzCUfvx_n1FXkWkAiyBbDgzXf1
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EDC
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESELmGP4lsiHGtv-2RiUS7V0g&c_param1=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGObQbW6f-RPTs3nJMvQRUrjB2WFtWpZ_1psl8p5B3Ev9fws5OJHSbzCb-j0UXKWIcfBJ4Fc4dsb4rDzZh3h61H-OdKoeso
date: Tue, 09 May 2023 15:50:06 GMT
server: nginx/1.23.2
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9EDC 43 B
350 B 63ms
20ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOl4fn_-og65ulJQIPyb54M&google_cver=1&google_push=ATf1kGNHntitlRMyT6ik05qlnvzj2DO36_ELss7rb8fzKinte7zJBWMnUIN0OfTxbOsyT-vPpNbH7N99HrJrdoY9azJHpoVGg_m3
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: v296s8rfg7f3iu2p2m5o32f1eomk4sed

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EDC
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP1JyP5kyLMtDXHjZPct6V8&google_cver=1&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUSc...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP1JyP5kyLMtDXHjZPct6V8&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUSc...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN&google_hm=djNsRXhfUWVUY3cwQ0tt...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN&google_hm=djNsRXhfUWVUY3cwQ0ttOUxmbE0=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:07 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGM4Wl137UAJm9yDASzlJhok7bQKrYZrmFqPye2lRXFJoh1NobKFH2hnIX_3V6fNpltuBa97UzOUBFUScdPc12ArDSv89aoN&google_hm=djNsRXhfUWVUY3cwQ0ttOUxmbE0=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EDC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOz07B4oB47YJ53WU6V4huMNiEhsN6qHmaCmTEPFmtyjNJ2P2v9HS5uacdLIf4XtJTBfUp2od9_9e8fLyjEDayt9MqjqJgp

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yaGd1P3ESnuD7wqMWjC4CA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOz07B4oB47YJ53WU6V4huMNiEhsN6qHmaCmTEPFmtyjNJ2P2v9HS5uacdLIf4XtJTBfUp2od9_9e8fLyjEDayt9MqjqJgp
date: Tue, 09 May 2023 15:50:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EDC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEE6o-cjmhAItkYZp8vdYTFY&google_cver=1&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDd...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE6o-cjmhAItkYZp8vdYTFY&google_cver=1&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLl...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=df1JIjaiQLGWAYj9frAMWQ&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPL...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=df1JIjaiQLGWAYj9frAMWQ&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDdxGjM4

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=df1JIjaiQLGWAYj9frAMWQ&google_push=ATf1kGMUtIziKZngXobMXvKHL5lLqYR__XWZ9-rnOo42Vi6OWvbameqfeljHutlfMetO5uBGuAeulKoOOycOIPLlqJovDdxGjM4
access-control-allow-origin: *
date: Tue, 09 May 2023 15:50:06 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 9EDC
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?ext-param=ATf1kGMuRsmL1QpKKrvt8NosEGJNJviN3HdoQEj7eTcHJ4PtmllgSEcTFulk95aCgAB32ENZhaWvHaR9h6nsWlteD6xjsUvnpJBBHA&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?redir-setuniq=1&ext-param=ATf1kGMuRsmL1QpKKrvt8NosEGJNJviN3HdoQEj7eTcHJ4PtmllgSEcTFulk95aCgAB32ENZhaWvHaR9h6nsWlteD6xjsUvnpJBBHA&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEd7DfXqimGZ2plDP4_wtA4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

63ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 23 Apr 2024 15:50:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EDC 0
12 B 31ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIb78R_LyMCJFN0oespMmiKdillfNiKW6at-EXoU3EUvCeY3JmzXz6Av6tFGDEGynqoAtcqA

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 7F2E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0833b4aafc9a9e79375911acdfef6ec08d6dd67e66729da732587a3c4a2ced1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 132D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHBy3a77STtlLHADzzSEec&google_cver=1&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASx...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASxCZ6jJi7uLJO9rqaCnw1xefzYgI5DrQq4TZLNVJApObOg&google_hm=soos8x8FWH...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASxCZ6jJi7uLJO9rqaCnw1xefzYgI5DrQq4TZLNVJApObOg&google_hm=soos8x8FWHkWzCF07Y6ITg

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOHKSCkAATXSeOPGU3lyA65KUQl87K_9NiodzTohwVqA8tdAEqASxCZ6jJi7uLJO9rqaCnw1xefzYgI5DrQq4TZLNVJApObOg&google_hm=soos8x8FWHkWzCF07Y6ITg
pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 132D 0
104 B 61ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDaszoQpvypFkjQ3kDVaJWk&google_cver=1&google_push=ATf1kGOuX_mE4X5V6lCk1Q8Dh500KLq6qoD3l_LKfsPsS3E_bg6rhKiCMuV_FL7sdbOB-nch64MCctyhs9UeiD1IP7lRGjP57vkVffk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3442124017&pi=t.aa~a.237511901~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=3&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0&nras=2&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2TgFHOqYfA&p=https%3A//g37.com.br&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 132D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECCdwv4s4wtyPbsOb2jaUFc&google_cver=1&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF7E_RY2A4mp49oFs

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF7E_RY2A4mp49oFs

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:06 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x30 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPEYdfyAtvZvx_EfRByANLrKuWnQ-ZFyjrpHxBTW1JUwUJGrPXlrJJt5-ar-KU01xCsx5oHqFvpvGBBrVKF7E_RY2A4mp49oFs
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 May 2023 15:50:05 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 132D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVo...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hR...

43 B
416 B

198ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c4b18a72ad92c1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 272
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHC1FfMZXoHp-5ppMSBBIHg&google_cver=1&google_push=ATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMJEb-A0AxyToju4ACCrPRu1T42UyLnxXSDhhiezu6gRvn8wuB513R50mIMKR_rNUwuje97jdck3N2ZT2zpLkIm8PNX3hRVow%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c4b18a57f782c1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 132D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIcoXi7fnZwsxh33pmEod04&google_push=ATf1kGMAyqzxliDmpP_tDT6gM4fYX_Raeun6byhH4AWwb-9_0O3rF5hRo9...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIcoXi7fnZwsxh33pmEod04&google_push=ATf1kGMAyqzxliDmpP_tDT6gM4fYX_Raeun6byhH4AWwb-9_0O3rF5hRo9htSSHTak3cz-To41VHCAnIruQN3FJg943I0ez1pyJMn5o

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21045-AMS
pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1683647407.891816,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIcoXi7fnZwsxh33pmEod04&google_push=ATf1kGMAyqzxliDmpP_tDT6gM4fYX_Raeun6byhH4AWwb-9_0O3rF5hRo9htSSHTak3cz-To41VHCAnIruQN3FJg943I0ez1pyJMn5o
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 132D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECXzgc9JilR7Xcoe8OrcN1w&google_cver=1&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-PvNpmJppTnRL0SQY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-PvNpmJppTnRL0SQY

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 May 2023 15:50:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGOczln7ZkkTsBYqnQ1AjbQbTy9qDixr6kzkmgUI_2jylUQzoQD73896XRk2wHUzpv2-FcTzH0ao5N7Zj3-PvNpmJppTnRL0SQY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 May 2023 15:50:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 132D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLbGpStGDbrcRZzW3a1aa8&google_cver=1&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGLbGpStGDbrcRZzW3a1aa8&google_cver=1&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbT...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4&google_hm=lJVbSXD9RNSLMwFRxAC-...

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4&google_hm=lJVbSXD9RNSLMwFRxAC-zw==

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4&google_hm=lJVbSXD9RNSLMwFRxAC-zw==
date: Tue, 09 May 2023 15:50:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 132D 0
12 B 28ms
27ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JY1yFQRnYNdmVd8Pnv5BiCR_uuWeDRf0nLOgeLlL0QSCeOuqD-Dm7r6guB05jicI9Rvycs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 4178 38 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame B34E 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9615345408743774&output=html&h=250&adk=127878119&adf=3538715075&pi=t.aa~a.3096195683~rp.4&w=305&fwrn=4&fwrnh=100&lmt=1683647156&rafmt=1&to=qs&pwprc=1438434363&format=305x250&url=https%3A%2F%2Fg37.com.br%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683647405022&bpp=2&bdt=3123&idt=-M&shv=r20230504&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3950ad6e050e751a-22df208792df0074%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w&gpic=UID%3D00000bf8aef6618f%3AT%3D1683647404%3ART%3D1683647404%3AS%3DALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg&prev_fmts=0x0%2C305x250%2C305x250%2C305x250&nras=5&correlator=5511825866770&frm=20&pv=1&ga_vid=1340732611.1683647404&ga_sid=1683647404&ga_hid=139216161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=3913&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44773810%2C44759875%2C31071756%2C31074431%2C44788442%2C44790154&oid=2&pvsid=3673824616139106&tmod=524419618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=AZUYaEP2fs&p=https%3A//g37.com.br&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AAB0 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 296951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 05:20:55 GMT
expires: Sun, 05 May 2024 05:20:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC8cs6aSlGzYe0MoXxUixkU&google_cver=1&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ysFkWmuuQwChPtfp9D_W7g&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL2zuSEJ-H...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ysFkWmuuQwChPtfp9D_W7g&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL2zuSEJ-Hy4Wd

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:07 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x16 config_version:"79"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ysFkWmuuQwChPtfp9D_W7g&google_push=ATf1kGOgNMF5Dw6Ycb2f9c7IZZcX19YZvmdFo4SL1hDW7mHf8yG_V56rbM5blULxHS7jpqvNKWAjNYCFbMa-X_gL2zuSEJ-Hy4Wd
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 May 2023 15:50:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFxILGYtWwBihcEP7MORPXw&google_cver=1&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13f...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTIxMDU1MTA2MTM3OTIxOQ%3D%3D&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13fRp0K...

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTIxMDU1MTA2MTM3OTIxOQ%3D%3D&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13fRp0KPU7CHM11QyEA

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTIxMDU1MTA2MTM3OTIxOQ%3D%3D&google_push=ATf1kGNk3ZCfEPNko5UDjXL8J17PoBwkh8PNnTvw20ZaJdE4UPy08xLCw1SDJBm2RpJnm82p3bQThU3L2Ja13fRp0KPU7CHM11QyEA
Date: Tue, 09 May 2023 15:50:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO94M_8dxcXMAYanmM_tZ8M&google_cver=1&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0k...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0kKithoiw&google_hm=eS0ydHAxRGVGRTJwSGNF...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0kKithoiw&google_hm=eS0ydHAxRGVGRTJwSGNFUG14OFhocVYwM21PVXRkYS41S35B

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 May 2023 15:50:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJYjvVpRVhzId9lCA25JEB8_nrnzK5fAwBlKU7aaMNH1_a7ukcgzskn-fYH2EsaQs4nU7pXFySDLz03XC2uwKzl0kKithoiw&google_hm=eS0ydHAxRGVGRTJwSGNFUG14OFhocVYwM21PVXRkYS41S35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg&google_hm=Gng2qGZHDt5RukUpQcie...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg&google_hm=Gng2qGZHDt5RukUpQcieoMPJ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:07 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgsbrNfsJu8kqXvkuvdSK3ju-S07fD3kakw_UF2J0SlCCkcUiFtinnGBJ8vfNDMtN0eYFZtCkCuvUvrSJjl51l6ij5a_ZOYg&google_hm=Gng2qGZHDt5RukUpQcieoMPJ
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-55a9daad-5186-40e4-b294-b122d47bf882-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPi0cm3lppFGWwaRJ37a...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&google_hm=A1Wp2q1RhkDkspSxItR7-II

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&google_hm=A1Wp2q1RhkDkspSxItR7-II

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPi0cm3lppFGWwaRJ37aWLf_aEXV2qlgFlJ5GNaB95Za40kXpMibCQFmM5d_Y7tcWT4SSM7q2lN9otHi7axUVzg9VXyXKsQkQ&google_hm=A1Wp2q1RhkDkspSxItR7-II
date: Tue, 09 May 2023 15:50:07 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX55a9daad518640e4b294b122d47bf882003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A0
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_cver=1&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtS...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg&google_hm=WkZwcnI4Q...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg&google_hm=WkZwcnI4Q281dWtBQUxIdUFTc0FBQUFB

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 09 May 2023 15:50:07 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZFprr8Co5ukAALHuASsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad146"}
X-SO-Key: ZFprr8Co5ukAALHuASsAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad146
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPdx3spgDgnO3_M-uLy489xfVRmdblw8K8RDH0ISHaF-k_dhiVslXBuFcFf_9uQd--6TqvtSpW4BXaRQicSagY2ifF3YL7QNg&google_hm=WkZwcnI4Q281dWtBQUxIdUFTc0FBQUFB
Cache-Control: private
X-SO-HostName: m-ad146.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: a-tgng40018.dc2p.scaleout.jp
X-SO-IP: 37.48.94.22

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 52A0 0
361 B 90ms
21ms Image
text/plain 3.74.91.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBYEYTNizngE5-O9HiQ_moQ&google_cver=1&google_push=ATf1kGMkNEOmdmrYcsVa4XF6sgPBgPcx1n8kFWxQxU9ilsCAuZel_632Chku_xTDx6V09ktDe6OY6AqoRiIxZrryanxw7AMyYEjLxg
Requested by: Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.91.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-91-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 52A0 0
12 B 30ms
29ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRYZkFp7mr9nOCdZkqg46rjTfU8z_u0BV_R6Ok8_x79oP_Ye-csV45umBRB0vBMj9KqxHKRg

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C197 22 KB
8 KB 37ms
33ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 296952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 05:20:55 GMT
expires: Sun, 05 May 2024 05:20:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 904C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac...

43 B
391 B

178ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c4b18a76b342c1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 718
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK4JqmvBCizN0wlljfN9bZ8&google_cver=1&google_push=ATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNhY4MFsHPVaLvLvqlh46pRVDycfHDZAUZavZa425IHCA_FP0AylZCW5rVi_099UZ0PS5atoYz3vpsr2xMaFks9FTXssac%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c4b18a5d80f2c1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 904C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAh5spvkZj-W-uOA1pm36zo&google_cver=1&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr2JvhsL4LRgkG3
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr...

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr2JvhsL4LRgkG3

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 May 2023 15:50:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1DA4CFC031A45298F0B3F7769AADDBE&google_push=ATf1kGMXUjjXaz_ukEkpf386cAYR_1CZHUX_yfodtEpIV-FmonD-yB8araSRzKHFgbXifiyt0PPIqOh84J1wsHr2JvhsL4LRgkG3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 May 2023 15:50:07 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 904C 0
500 B 428ms
101ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGOqQX-kGJpLbUBuRUNKRSDZVzEpRDz3kO4wGsdvJF-wZsoYGyN-3e3ZE-Y7YhD1kihpgGzko48plI27C2NqqqMyh2ot3xlz%26google_hm%3D%5BUID%5D&google_gid=CAESEO9oNBU4ToahIpocZuGUiJI&google_cver=1

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-171
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 904C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9EL...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENk4AQzR2ukoCAUkLrHnhKs&google_cver=1&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9EL...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ&google_hm=Gng2qGZHDt5RukUpQcieoMPJ

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ&google_hm=Gng2qGZHDt5RukUpQcieoMPJ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 15:50:07 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPB1SSc24uNb5HSeqeAKULC3JgYQg0jTrZOF0eqSN64gycTsD7HxWSBFFjillCde05wvOYT2KZRrNS0MA9ELr3XdGVrdxQ&google_hm=Gng2qGZHDt5RukUpQcieoMPJ
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 904C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOxCWuRYBdzFlAObLvqyrQ0&google_cver=1&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m34Q2dg24-JEZcZWE1

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m34Q2dg24-JEZcZWE1

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM5vtYiNtICi5ILPxB8K7C3rcKpQ5bEb0H-jWI6syK_RHPn4IB9mVp3I5T8n9uxcSpetN__KY6_F0m34Q2dg24-JEZcZWE1
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 904C
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_cver=1&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVO...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL&google_hm=WkZwcnI4Q28...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL&google_hm=WkZwcnI4Q281dVlBQUFQN0JQZ0FBQUFB

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 09 May 2023 15:50:07 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEMWurYKb1vlUiGwY3MN-05Y&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZFprr8Co5uYAAAP7BPgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40164"}
X-SO-Key: ZFprr8Co5uYAAAP7BPgAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40164
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGP2pLg3vaPZYOGmf_Y3HwCIJfxSEG4qTK37QNJCiDsGW3emjb7cj8WDkQ1Lb0nyGBpMC4bVOA-oK02YFEKzeNBZSXtzC_lL&google_hm=WkZwcnI4Q281dVlBQUFQN0JQZ0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40164.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40015.dc2p.scaleout.jp
X-SO-IP: 37.48.94.22

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 904C
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?ext-param=ATf1kGOixq6I2blBvruWCwvZ0mJbtH45LpDRJ-1FOGVNm0yu5FARMceD_3f0_i8NVQN3VJ3GVcTV4wSmLKlu2WXx1ejUd7-FYDHorQ&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEEd7DfXqimGZ2plDP4_wtA4?redir-setuniq=1&ext-param=ATf1kGOixq6I2blBvruWCwvZ0mJbtH45LpDRJ-1FOGVNm0yu5FARMceD_3f0_i8NVQN3VJ3GVcTV4wSmLKlu2WXx1ejUd7-FYDHorQ&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEd7DfXqimGZ2plDP4_wtA4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

64ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 23 Apr 2024 15:50:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 904C 0
12 B 30ms
28ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAOq1L-QwUUsW8T85Ag5mkyBTSzxKCBo0-wJxGO4QPB0YJ1Qy99_k3ny3CmzKzsMKiPGU87A

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cafe_728x90.jpg
s0.2mdn.net/sadbundle/2380149043134789473/images/ Frame 6856 27 KB
27 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/images/cafe_728x90.jpg

Requested by

Host: d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
URL: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f127c4ff7b0ef9bde4c4a6a918eff0d924ce021bdf2985d33c55669bca90847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:18:11 GMT
x-content-type-options: nosniff
age: 286316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27933
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 08:18:11 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0335 0
0 59ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXYwZZdkE6kMSu4y83zXu-ldq8bTR3VfsKKTscxdF1lCO7uW0mCnSIgEFGirhuLUOzPkmw_51KCd2__dJaEEKAep1mCEuoiq87faj6gyg4ouxB5EfnMXVjTpOXqy-8c1IqG_QHtVrTw8admdvtr_n6ssgvO-rrP3gQXgqb7hSacKZuKjYnQKYNSRaqhf-HC-YUkki3WywNnKJCZbM4JOmeT1yZgp_MemnaVciYfD4E_M5GUA7mq16322SbPbXwEdUjD7qHHehG7O0dzNfgBZOujmgrt9UwE0VwaQs_eYn567PW7qX88-0ncKFT7FKbDEhVAZXIQv-xanCloHUYjNhJQL0FDMvAwmLo8Z35mKVOETXutEOSknk_CNvYD6vGugIsAI9de-3O-lkhb-4oyEHceAGrsbwn019u8N1QdAy_TsMKJa5uqtZ-wQ-rEeSHrku7DplPEaPXEhqTINUFCz12JM48r4l-L6-pBpkF7ptymhKzMMwg0UTQ8JxUXaWSf9_6EIj6hi0f6nfoAd706KCyGJYpeMZqTCx7HFUgDwYwN6N8kdOkG2UpN7HMLMwwxDSR76ZOMnwiivd-Qun04OV5KN8zj-2V-KBm9a4rwlaFi5CxBaFre7EjqOLSD25oeGnJaj0fznVS7WHeYgDwd5YIzVNVfAaNj4sdk6ANcp6H7pG0N13XsGBHapr80356rUqvYrAKZvA8f42KzFWhx_RmABZvDvFZFj94gxAUqObXborq4vHYSj6e8neN7aNiJGcaV3FuY9o2T-Aoktja1ofyEmFhNDsgWJvKdA-1x1S69BCci4y-_z8Mz7MgMBhIJStHXjTaxc0j3Ex3gHPX3pRXDGN3Qdil8ux8UWhmO-ZxpYmIFg7YiaM92xvT7ugBi3KjHlQrn1z39WWJyGk3myaC_ipN9vpf1__GkR0usA34qFVia8mYuR5BT-HlrHi2M_RfN5tMoR5xi4sBpgmyuxfy48HW7_w4d7IprrsXke4To30oe-lmoqmAaoFzxey0lukgzdQH6tZNgM6lODTuw4McupsJy2GozwfAAsWZmaNU1fJkjQ4WFBiMwVblqKrm_Y7XtowzKYUsLNv2kB1Mxh0kAbOVTY8QAw7ecTq-5F3sdyU09yMg9jliXJ_W-Rxi-_eV3hUhe9yLnzgey1dC5k13GoSQdPGcoRpTaAl2eWrXIX493BmmssjAdZZglmeMCcbuURbAr4cuhD2QqlQicgoBpdt-61iFXaWi9RwedcK461nITa0iCY8YSid2h6YIvBpB65wqxR1vSj5YMtmFDax1KpcWW2pU&sai=AMfl-YRnXr1lGqCNOuinWrd7qG9jq6L6TRYkGcWA7M6zRPSFHWKvI9SeqNSAhAerv-lhVgzT6yTz0u968bWv5U6y93mzHlBkvXXMiw7jmII8AW5M_2iBRyv-y3pt0B5R4aZck_hsybaBMMH8i2NGCePtoivLwk36fyAbXjnXLGvepWAnDO9g5XWeniD7P2QNQWbUqEW1k-fEazcOimyeRwFIZ76JJJFqercZBLEd4wE5NGcWumF6m2XonSVPIAjIweorWKf3iC5XhAuxwujB1Yc66b2CZzZwOQ4&sig=Cg0ArKJSzKXAuRBjBrwsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=894&vt=11&dtpt=405&dett=3&cstd=485&cisv=r20230504.22902&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:07 GMT

GET
H3 200 cafe_728x90.jpg
s0.2mdn.net/sadbundle/2380149043134789473/images/ Frame DB88 27 KB
27 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/images/cafe_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f127c4ff7b0ef9bde4c4a6a918eff0d924ce021bdf2985d33c55669bca90847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:18:11 GMT
x-content-type-options: nosniff
age: 286316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27933
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 08:18:11 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F2E 0
0 59ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlVbEZOldKTq0itiWUgF5G61vFGHihdT2UBZQk1qQLXH3cqZ86Ry_i7FQ50-SLyPeouAn7RGRtwtglDV-g48VQQOCkUbbt9WToy_6TfMJO5k_6VQzPaFlC5XLBRFsXY2eUj9Qzb0saQkn9c5wBRjemqg0Q9wlUzEvkVOUog2D8WW7Zzx0Wl47EAARhILeYyz4WKNWTUxsobysGPiYwUudOStCpw-7I7gUcV34A05JgBKlO7LzqBnKkn0CiUYLWwx1d8oWgLPDc-_oZekyZsSfXbdUQSfIge50Ckp4hJqgRj8fDA0LxlFaQ4C1ugg6QnltOVbE1nwZNnP5tDFM1w7ZFHtWlsH-S9-h4xrOL773bzwl3F_0_zKOdK-PNwSoPKSSiE4UNStiR2DX1XQaofzJLXyrDXSFTpsJUlTRN0PUCZhqOf8NTU9cSgr5UHonEuv532jsbNY7tFqdwVWJbCPJM-EmcckoheJ3GKegG7P2AkdhkO4AoO_4bNvI68_Du74aEtXYcEi_z3L6vdvxDoQ4eskYbkXVEREHczugPSCmQMECQyAVgbccxCvltQBFQXgb89ljRLhatmoFR1VWJtwmQJ8R47rsQFupstV7Xw2bBslzDYuqAle5q_tJn7piLOpLhoNReXmP6hFENhZ90cUBzCat8b-m1OXpVQjOW05TDfkH4TV_Ew4eQvrNUbukleRD1eVgvJ0XFVim585Vhn7zEkL6mdo7oIQ_u5moRv_gks8g37NNNMjlHfjXU_r7KLzP6ghB0lPiD6RcGua-DOh_55whZFVby_FJ1OZTbtM_DNk-5trBgyl5B6dU5rAiHdMv90t-tVqMYHzh8_JXbS4dNax46cFNTj203G6UDQL9-24B1ZG8L0tL0ls254X1TPwE5Kf9W2yVLTt5QoCALJ3-euizWwNt3Ftbb68glEh0Ps50N9oqDKKG5fv4V-DN73aM18dDm8cxvKOgSuGvdyigjpWVMoXVMeC0cWDxFJ3C0sNZWCWQOmv0RB49PsmD4mA4hOJx9ywLObHrvsLiwmLNyFN6Ys4qv6DI6Agf172e18wFOBGrY-oIPPNDX6usv643IVpM7xWlzAVkTjJIbqQRjcdtzR46rF4rNstgzts9NNIr2ejU7p0zp3L6h3RTxTvh8SgFoc00cHxRa72nkfhcm3Jn5dW1mGBvof5Pol4S877ZM1UuyKcI7WGon_tHnWzGXUmQ3Bh8C7JnHdeacaFbX2icm4RlAofNyKW-PanPsW9bJV7nsFAl3pH3KWs03-hu8p-OROeTKZGnr6H7oYWckxgK3q1vc&sai=AMfl-YSTsBor4Rvox8XL7SIW1a5bZJICzaWWkNW7Yvj3fuMySl3zEmQugmBhwguqtiAzig6kjWKYiBoqoAtZiKvutp8Po2C_NnQ-OM6TZpZtiT49-5FvcQMh343hc7ei7By47MOVEvm5nKOFoPDYnmU1G5kMZHwPa-vI5cHKenYqp1N9MFdVxwU8NCKb8VvxVRNaBACZCFaV_frYq4QxBIQ736ncAI1oo7HbJga0U9NP_GldFTHRm4FHmXbgobiyUrilIBc7OItYjYMqFWDhJrwG1bc3bbXWD2w&sig=Cg0ArKJSzIlTXZtIOeELEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=839&vt=11&dtpt=386&dett=3&cstd=451&cisv=r20230504.60565&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 15:50:07 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 997B 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 PPWC_Logos07.png
s0.2mdn.net/sadbundle/2380149043134789473/images/ Frame 6856 138 KB
138 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/images/PPWC_Logos07.png

Requested by

Host: g37.com.br
URL: https://g37.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631218bf66018397cd19c21c6987fee15bccc7c49cfa503f0f98243d09b84648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:17:38 GMT
x-content-type-options: nosniff
age: 239549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141618
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 21:17:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 70ms
69ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230504&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef3d4f28e14fd207014c12836516ec34c931a471d9f6f59641f84ddfc88d4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11285
x-xss-protection: 0

GET
H3 200 PPWC_Logos07.png
s0.2mdn.net/sadbundle/2380149043134789473/images/ Frame DB88 138 KB
138 KB 19ms
19ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2380149043134789473/images/PPWC_Logos07.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631218bf66018397cd19c21c6987fee15bccc7c49cfa503f0f98243d09b84648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2380149043134789473/PP_STBAN_PPWC_PAIDDISPLAY_728x90_4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:17:38 GMT
x-content-type-options: nosniff
age: 239549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141618
x-xss-protection: 0
last-modified: Mon, 16 May 2022 09:51:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 21:17:38 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4BBE 0
225 B 82ms
24ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhgg710e&c=5511825866770&slotId=2755912933385&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=Cb0R1_ACsKY&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame AAB0 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame C197 38 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 102ms
101ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8itjP,pingTime:-10,time:936,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1683647407280%7C%7C472290b422d96fa43af4faac9f672aab%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7C09dc2ffebbe4c245f72c233104c43369%7C%7Ca8f1e10e62a5b64086a3f93335d4a4a8%7C%7Cb5d78b44cb9952795818a0ca2634aa0e%7C%7C539ef6b0b734ba10f4829139d3083bc8%7C%7C881af08d7ad5368e18f393c534f512c2%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 May 2023 15:50:07 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 134ms
134ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fg37.com.br%2F&t=1683647407388&cb=0.6357630619742369&aa=side

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18a839123804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 171ms
171ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fg37.com.br%2F&t=1683647407389&cb=0.7939521158007623&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18a839143804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 122ms
121ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fg37.com.br%2F&t=1683647407390&cb=0.4237570790469427&aa=top

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18a8491b3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4BBE 0
54 B 17ms
16ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhgg71pi&c=5511825866770&slotId=2755912933385&ghmsh_eids=44740339%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&met.4=ghmsh_s.lhgg71pm~ghmsh_s.lhgg71pn&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=720x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=9tBIZ2gdqd5erES0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C92 42 B
64 B 131ms
130ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSJWyszRBPwxUSSX5xQO1c_EkBxu6k0lU6cBxxkeQdR5RBfDcIJY0yFEU320nbfSdERwEX9PhMKSnrxh0kIaXz3SknfdtOHNI5IJrJzLxbJNSU_vDajdAKUh6d23RMaPEHxOCHjQ&sai=AMfl-YTToG1zSERTJIhN1Goo62lAuR0b-jfpNF8ReIqAZhOh4nqnECAk1pHeJsZFAonc8qsgwP7qMV357kWYbbbuh2bzDCYPwxn3gGhSvOCucioybj9-QwbN3YubWys&sig=Cg0ArKJSzKYyNMIshqtnEAE&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&id=lidar2&mcvt=1236&p=300,0,900,160&mtos=1236,1236,1236,1236,1236&tos=1236,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1346253794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683647405311&rpt=1222&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8its4,pingTime:1,time:1447,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:338%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1109,o:338,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~160.600%5D%7D%7D,%7Bsl:i,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1109~100%5D,as:%5B1109~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:504,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:520%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 103ms
102ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8its4,pingTime:1,time:1447,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:338%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1109,o:338,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~160.600%5D%7D%7D,%7Bsl:i,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1109~100%5D,as:%5B1109~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:504,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:520%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fg37.com.br%2F&domain=g37.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=vKOwDnxiRTJSek9jT0Zjekh6ekg5Q05lY3FTekszQVJSSC95cHNsN3NXT3R1dkowcDZVMGZzRFlaSWhVOW42NHM1K1F6d3YrT29Qb0luUEx2cXNXWFN3TFk2N0NwNTlodHIyNHcrbm5oTE95T2VQbWUvZUV6T2pCNWoyRD...

354 B
646 B

69ms
23ms

XHR
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vKOwDnxiRTJSek9jT0Zjekh6ekg5Q05lY3FTekszQVJSSC95cHNsN3NXT3R1dkowcDZVMGZzRFlaSWhVOW42NHM1K1F6d3YrT29Qb0luUEx2cXNXWFN3TFk2N0NwNTlodHIyNHcrbm5oTE95T2VQbWUvZUV6T2pCNWoyRDZUUW0zTWhlcFN2VDlVU0FRcWl4Nll1MmhYQngzSVBNOW14NVowTFRQT0NITm5FTUV2aGFwM2R6RWs3dGJPaFlLTTkwSDZ0RW9zYXJHNEpGWE9JS0dRSHJlZHdSeE1rVmFzaW1oUDVhODlHL0IwQjZJVldzPXw&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a1454244fbbaf1c788ad4b76655a909fd08af8960f1b33ea2681dc3fcf6ff479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 812217
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=vKOwDnxiRTJSek9jT0Zjekh6ekg5Q05lY3FTekszQVJSSC95cHNsN3NXT3R1dkowcDZVMGZzRFlaSWhVOW42NHM1K1F6d3YrT29Qb0luUEx2cXNXWFN3TFk2N0NwNTlodHIyNHcrbm5oTE95T2VQbWUvZUV6T2pCNWoyRDZUUW0zTWhlcFN2VDlVU0FRcWl4Nll1MmhYQngzSVBNOW14NVowTFRQT0NITm5FTUV2aGFwM2R6RWs3dGJPaFlLTTkwSDZ0RW9zYXJHNEpGWE9JS0dRSHJlZHdSeE1rVmFzaW1oUDVhODlHL0IwQjZJVldzPXw&cppv=2
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 342473
content-length: 0
expires: 0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 6B7B 6 KB
2 KB 53ms
39ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18aafa9a366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:07 GMT
server: cloudflare
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 277ms
92ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fg37.com.br%2F&domain=g37.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://g37.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://g37.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 May 2023 15:50:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 243095
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5FE1 52 KB
17 KB 61ms
14ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34081
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 09 May 2023 15:50:07 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 May 2023 06:21:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1044, 253412
X-Served-By: cache-lga13626-LGA, cache-ams21075-AMS
X-Timer: S1683647408.864885,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 552A 0
0 21ms
21ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1683647404548

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 372A 281 B
554 B 73ms
19ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 May 2023 15:50:07 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6ED3 52 KB
17 KB 56ms
13ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34081
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 09 May 2023 15:50:07 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 May 2023 06:21:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1044, 254960
X-Served-By: cache-lga13626-LGA, cache-ams21076-AMS
X-Timer: S1683647408.865201,VS0,VE0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0335 42 B
64 B 129ms
129ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsto3iyl7pVjrJXiJSuQC_QILLTrLTTbUbpbWeyhlLl1cNXS7G9BDKG9jKkS9qXfHDf9pc8lQvZy5BG1iN-3xMt7cGXIVf14-Tth-wbFowzCDV7Ksi-hzy1FWCmclWGKPLIjWRTBhg&sai=AMfl-YRq38vts3ZbmAzuPDOygW8FR00LNtz8BZht5aVkUBux4h90UrWHqiA6mLkMEVXxCXlJhmXOwRj8l12RuaH1iuEdnsrfH-4gGiIbF-T5CNCR2vZ08DG8qhGWHAQ&sig=Cg0ArKJSzFuapAYRE-1vEAE&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&id=lidar2&mcvt=1064&p=1110,436,1200,1164&mtos=1064,1064,1064,1064,1064&tos=1064,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=170934107&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683647405319&rpt=1420&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 129ms
127ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fg37.com.br%2F&t=1683647407869&cb=0.5970896625902284&aa=slider

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18ab4d643804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EEE 13 KB
5 KB 35ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:37:00 GMT
expires: Wed, 08 May 2024 15:37:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3870 783 B
535 B 43ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da5b4c588ea97f33e0a50b63b9842c2cffab18fbe50769d3ed752267734665c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--1cgkbRBh-QyWRq5ZWrlEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g37.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--1cgkbRBh-QyWRq5ZWrlEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 15:50:07 GMT
expires: Tue, 09 May 2023 15:50:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F2E 42 B
64 B 132ms
131ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts9AHwrS9d09a8osNIj7FqcqbZSldHFRJWyO8kfKgEYTd8DP4158-yGDpzkiBkl8yGZ7qJZwyhKDlNKdzlTBSb4WUamVX02ip6-CVTlgYPV7aZEBaZVMtjWFe3usu41KklNfjyBQ&sai=AMfl-YT9-px89XPKscCEOtsrYGRYiS3G3Y2QZHiNqRZ0Kjhghtd0CmdgEZMuoBzN1VGtxp3q1MoA6UedasjzWGyrOQWzqyDarDpvECldrTLd5m3s-osZ1JxOFGHCuPI&sig=Cg0ArKJSzMN7dAavTPJqEAE&cid=CAQSOwBygQiDDri9Ow9-GgbyWCWCC9DflCv0Z03eh4iNwCQlPnngndfOmU_XTBe2UCVtso7VQlGVG0jepDkBGAE&id=lidar2&mcvt=1060&p=0,436,90,1164&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3857769147&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683647405326&rpt=1533&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 372A 34 KB
10 KB 21ms
21ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94ccb3c1f2314f1efca85d5ac9f0a0f434275e4c03295a1a6c79c1734699cd38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 15:50:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 May 2023 09:31:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63661
Connection: keep-alive
Content-Length: 10021
Expires: Wed, 10 May 2023 09:31:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6ED3 0
856 B 36ms
35ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:08 GMT
AN-X-Request-Uuid: 58fc8f3a-9651-4afe-a5bb-9d6563d33b07
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FE1 0
856 B 19ms
19ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:08 GMT
AN-X-Request-Uuid: d096e7b2-351d-4f0d-8e46-06dbb111887e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 6B7B 48 KB
12 KB 64ms
32ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 351665
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7c4b18ac7ca7366d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 0
20 B 119ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1649905864245&version=m202301230201&ct=76&x=1&cor=17737131163380316000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C92 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=879079930726&version=m202301230201&ct=76&x=1&cor=4181980834106756600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8268915935900&version=m202301230201&ct=76&x=1&cor=2352389826938446300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3870 0
0 121ms
121ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230504&jk=3673824616139106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2E 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9230631093014&version=m202301230201&ct=76&x=1&cor=12552198611907960000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4178 0
20 B 126ms
125ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJiO1rWtaZICMKdW8x_AP6M-X8AcAAAAAOAHgBAI&bg=!4eKl4rbNAAYV_mUANf47ADkAdvg8WpwdoQo0BobEGYBdxjLb6ZIsdZ6DRWVTFUZOP-HYnpw6ete8Mzd9r3CLVs8fb_gOQ6IX38UCAAAEWFIAAAADaAEHmQLz_CkEDRtPZZ8Rl5E_pFBpMbRotoEmsXNTTyQwT2V-_dWAmBhp0dFIo6yDQtUjLGQE_Bv0g9J3kMZycHMVmFBr_8H-xPxhNkf8IUFbtfHOH8DwPnCsxCpRg2OTUbvSJWci7HFzArc9g4BUH2NjwE7LZbqJDWc0esax5K2inJdDhwT22HuE7hkgSCnjDt45FRWS1RSj2Ds34wHPhvYlvDLxCCAESMdomIUasZCo1zdsJQf-dj6AKZjgI9Uai7SvkSC84EUksml8SlBJOA6PSAtUC7UoE7D9xWbTYcrs4JU3kddDGgyewybZbAzX7_x7DycbUShvOWcIT3IAc8Dhz1QJ4gHpoSM738tzx7MJ8xPc__a1_rz8ORYCi3c3GnZiajh70DEZ6IP8cL3Uz_zCbaYs3cGm-LOfEpSeXKC-PSK6CFDW0IHfJ2Sm5C7uhByzylkf1kSIWLihrcHE1qWJMCgKVd4PE81jkkPzdkyZ5F0ZfcBy1pykVwyIbBlW-j4dFQl6hfTlOU5PEI1IVWs9X3Ul9wpZcACGBcXAz_rhCE3di9muKrA7mPpQbVRraE6ankh8k1XVMHYz1kK14aIhj_yuzPIm19wqUGdF552NyB6fY6yYo8z7ZqrU21zyfjdr23OYGyqXY49i3v_u0Q7tk_-CYMVqcGdRB0ao5wdZ216iOnT4PwR0zoBDUh8oGYbxFv5iqaaKi6W51MyZQneFYxt7IvOoBCr9GrqczoDIqGRXKvIFwAZ-phzvK07Sw3c6yWwo4eUZRPxYxX2OhXfq1BONE4DQ3AxSbRAw89FQK_tmj0HXm8SKpjphgCx0kEx3ta70BOSUIhfJ6IZxpuUIDyw1kzwbiafpbXgxouRcUI5LVAiMWxKIE6PeTeEXj2EXSol8Be3JhEJ0h7jHEgUqNEmR1y2fSBKzAM4gfao_qWx7ZLqN20-PRwVZ_DtbMuSheK4suDU-3U0t_AFOpd9x5TmGIuI8tCvP9s1bObf0OEdmL96-dUg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 372A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ28pzPzv_93T2lUdHlxc8Y&google_cver=1

0
239 B

81ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ28pzPzv_93T2lUdHlxc8Y&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ28pzPzv_93T2lUdHlxc8Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 372A 70 B
265 B 100ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 372A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3pQfim43SoGSy6u7_bqQyA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3pQfim43SoGSy6u7_bqQyA

43 B
720 B

184ms
184ms

Image
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3pQfim43SoGSy6u7_bqQyA

Protocol

HTTP/1.1

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 22YY1G7PJZMSV3X7ZVJC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3pQfim43SoGSy6u7_bqQyA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 372A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGE1NmI3NGM1NDk1M2YzNDIzNzM2ZmFlNzg5NTQzOWJjMjllYTZhZA

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGE1NmI3NGM1NDk1M2YzNDIzNzM2ZmFlNzg5NTQzOWJjMjllYTZhZA

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGE1NmI3NGM1NDk1M2YzNDIzNzM2ZmFlNzg5NTQzOWJjMjllYTZhZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 372A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OihmxHIZT6mIaLTy9qEQBA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OihmxHIZT6mIaLTy9qEQBA

43 B
479 B

105ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OihmxHIZT6mIaLTy9qEQBA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FMF2VXE5VSR2NTV7T4SP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OihmxHIZT6mIaLTy9qEQBA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 372A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHGG6ZNS-B-BANW

0
651 B

213ms
180ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHGG6ZNS-B-BANW
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6A3C01D7C4164F948CFE916C80A22576 Ref B: AMS04EDGE2020 Ref C: 2023-05-09T15:50:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7RLW2yC0OxhA9c3lR0Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHGG6ZNS-B-BANW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 372A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/yvBTZ55P661wA0n5wobcNg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pWdgbpZE2oJzx2QKF5gCwW9ghchRqK9Op5grZw--~A

0
239 B

55ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pWdgbpZE2oJzx2QKF5gCwW9ghchRqK9Op5grZw--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 09 May 2023 15:50:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pWdgbpZE2oJzx2QKF5gCwW9ghchRqK9Op5grZw--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 372A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhHRzZaTlMtQi1CQU5X
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECsnatpoPtYedEU7DgW_C8I&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHRzZaTlMtQi1CQU5X&google_push=

170 B
188 B

34ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHRzZaTlMtQi1CQU5X&google_push=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHRzZaTlMtQi1CQU5X&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3 200 auto.svg
tags.denakop.com/assets/ 685 B
646 B 36ms
35ms Image
image/svg+xml 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.denakop.com/assets/auto.svg
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/assets/css/videojs.ima.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5349880f99b0b3e5c8fab8cd374aeac5bca01a96b1e515c82924eec601c79d30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tags.denakop.com/assets/css/videojs.ima.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 14:12:40 GMT
server: cloudflare
age: 938
etag: W/"62a1ffd8-2ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7c4b18adf9593804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://g37.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame BE2A 0
328 B 40ms
40ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18adfe92366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EEE 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BBE 0
0 120ms
120ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44740339%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=2351361737889302&domain=g37.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 4BBE 453 B
478 B 29ms
28ms Image
image/png 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-8170966538152543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 16:40:08 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWI5irmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT_AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqeX50Q7jPmFS_ZFLBiGV6cgg-YRo17QPBTjQVlwCKLkj_PUK4DfdpL_4l3yA67DgN3fxi1jrHg0ezqGxUssAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWaCS9odHRwczovL3d3dy5tYXhpbGlhLm5sL3RoZXJtb3NiZWtlcnMtYmVkcnVra2VuL7EJTLOt-q3FPA2ACgPICwHQCw7gCwG4DAGaDQEO2BMM0BUB4hYCCAH4FgGAFwE&sigh=7V_QTetUO9k&label=show_ad&sdkv=h.3.572.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiMQDyUAAHBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4BBE 0
0 57ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSYeArmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQpPQ1qAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjIxNTQ2MzI5MjUzMzAxNYAKA8gLAcITBhjNrpHgA9gTDNAVAeIWAggBgBcBshceChwIABIUcHViLTYyMDE4MzY5Njk0MjQ5ODYYkfNs&sigh=IWgGqPbdF0M&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSOwBygQiD4XF-8yCg9WxBkJEJiSpEVNm7ZmNyKymaujFfK0Mp_YG6BXibrHlZPzACz62Fl4jkr0Cph4DgGAE&vt=10&sdkv=h.3.572.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiMQDyUAAHBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 997B 0
20 B 125ms
125ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVyKIrWtaZOr-Nui3x_APtc-jyAEAAAAAOAHgBAI&bg=!ISKlInbNAAYV_mUANf47ADkAdvg8WmzuAnxCtJnTk0oinCmK5sYCSlrN9JPFJSBMsnfFAchRpfYlAsynjZO7S8b805bmqOKl4oMCAAADulIAAAADaAEHCgCaKr2_kDjaptuX8KZghPO4JqjY8nPQ7lCWy0_vb5ryEu7IK_zxr7n0JhxkUjPk11PIFgQHDlm9oDNsieJsp3bV_FL2qnjb0yFZQm2i-vWfng-v7euRc-T5l8-J2avMotobBy_bnNCFFh6kWH7cZ7trmPOimljOW0JibClF0t1m4sApObQ9aqHrFzzbHv4JmoORPBvuScAgxTXHnZkCykFH455gRyz3tgSdWdSQ8KchYo8ir91xGjGJHFhEmOD_fTfUeHashm5NUSGEtZPUitT02YPCMF1Qz8JJI0tIfOEd7Zhcg879E0FvfehS8WiuX2srT9jZ4mJ240djIwjb1-EN5p0TWHcElNDoC1ZCOCPp6tAx_JWcUI8ta5Sxa_DW_eWpUytAz9fm4riaDLiAw4Du4h6yW94TFTg8nmTzW-cKlCe8dW90cIaH7riQF_qnQRO7_3nhdUh5r4hcqGHwMuicDYhmHld95cihBRsrleaVPIb7ULFUKZMWFjdrUyyydr9FNgZ2raNx_6U0GsDyj5eHVL9Jpxu8CQcj6Q7dZgJVNs8Oe9f4T4ruHcA394SfC1X8Mf9k9we8_TfSVg_ARl_sS-yFuZ1FhnHo0SQlMd3Zqv6U9ljJ2Xp-MtCxw1jkBQS1A05zWh0XCkJqCf2HTXnd_TbzqS4KqF7aehdeI8FjbPINiyQ6SssaHBhOsjYHR5adDdqHTfLfD0jocFS_MHjPVWttm-FQ7ovv3-mT8Ud9xA_0oTIQEVEZYeH5qqP9V-nDRNvekoah6Sbznc8XXOGjnnXkWo3NDtpobkRiw15VsGRZSU0X-fEAxtg9SyQQJH5R0dmAqgp21qGUdKbvKRvh4siMYWt0Q7Ws85TGnj1MXKaAtdNbnjCGik1OjcjIhDhtV9zAkZVE3vPIAhAtD3VEeFSrD6G3NaF9onkI3IeG41z__1ETjTiOGBcYLvKf3IZd1Xg7WVwuYECmZMVR3bWEySKNPG9QNlqNSDJqoyGx0fh16BnOXq3Oxo0_s1B2RBBzP_Dqg4B8mM5ZZDEB0f5oNArRPkQrpadu_EbWJSFACTHTq5TcfOsHWI8rnUBccwQlrsiRFPlzJR-zLiFCYUTywlP6ZENdWEqzG-IJ7zh-efpNSQhmuJc8p6-3QI6WMcYBO8TcYA7WIA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame F2D6 0
0 16ms
16ms Document
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Tue, 09 May 2023 15:50:08 GMT
X-Sovrn-Pod: ad_ap2ams1

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 23ms
22ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lhgg6zn6&c=5511825866770&slotId=2755912933385&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 79ms
22ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 May 2023 15:50:08 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 245086
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame F6F2 0
0

GET
H2

200

RX-55a9daad-5186-40e4-b294-b122d47bf882-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 2FFD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://ad.turn.com/r/cs?pid=45&rndcb=1318193980
https://sync.1rx.io/usersync/turn/3388446176344796216?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-55a9daad-5186-40e4-b294-b122d47bf882-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-55a9daad-5186-40e4-b294-b12...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-55a9daad-5186-40e4-b294-b122d47bf882-003

0
399 B

35ms
35ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-55a9daad-5186-40e4-b294-b122d47bf882-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18af989f366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Tue, 09 May 2023 15:50:08 GMT
etag: RX55a9daad518640e4b294b122d47bf882003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-55a9daad-5186-40e4-b294-b122d47bf882-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-5hnekn7k.googlevideo.com/ 2 MB
2 MB 110ms
17ms Media
video/mp4 2a00:1450:400e:2::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1683676207&ei=r2taZLf2BbCrx_AP_8mp2A8&ip=2001:1af8:4700:a069:35::9&id=09bd11d7f002b0a6&itag=22&source=youtube&requiressl=yes&mh=Ha&mm=31&mn=sn-5hnekn7k&ms=au&mv=m&mvi=4&pl=38&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.046&lmt=1683550478028340&mt=1683647115&txp=6318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgDps71X2ZUQCaONyPxMM7ziqWjX8W0OFLavHKf2ay2aECIQDa4WWswwodwAKhIqeoEEN5M_yk64VRgFNtGbEypPXzWg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALc7Ib3a7ErHuwSN-pxIAmsUVM0dtkHbMGR9lrXzgcoSAiAr7lMdRh3BACs1qtLXNHGH2Na-ztxA22kfyiuC--kvgQ==&cpn=9tBIZ2gdqd5erES0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:2::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d8099b62c1c02acf6a3a22da9f7cb95cc1e42e195c6ce7f8c9a32bf7270d2344

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://g37.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 09 May 2023 15:50:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 May 2023 12:54:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2405390/2405391
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2405391
Expires: Tue, 09 May 2023 15:50:08 GMT

GET
H2

200

40047c75-b388-5281-acaf-ee4dc8f585fd Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9288
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
https://csync.smilewanted.com/set_partner_userid_get/betweenx/40047c75-b388-5281-acaf-ee4dc8f585fd

0
450 B

42ms
42ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/40047c75-b388-5281-acaf-ee4dc8f585fd
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18aff90b366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/40047c75-b388-5281-acaf-ee4dc8f585fd

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C197 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQJKhrWtaZKbgNuWD4gHwsaOYBwAAAAA4AeAEAg&bg=!ZmWlZTHNAAYV_mUANf47ADkAdvg8WoOH49Gxvpg19rk83OuWHPT5H8ky8lkP36X0Ws1UjLh7ag_x6Zxw7nuSPFxU-pVijy5e_2YCAAACiFIAAAADaAEHCgCSOo6CqWak8tYAVLtNiHJZeiWrpyRj9dKW1W8VtoXNTkCONYYEXv4RrkoW4HxpoLy8QbDPZTs_GJ5IR3ikQG-evLImTefaLfrIGK6xX_s1BJNn6_woXRhcNueYob_yLcfkNgZQbH4zFop_F-3n59OTL4-9COb7j6JcDxISVDZINt85oHqHxVErtBNJzXdvju9dzZqZAt0XhMUOhONoQZSaTRma2dCB6RZ7_1XQGhzpo7ZorvdjTdtO7bkfJ88JHuIxQ1tDCAg3DmkINVhZreV4JEdGtRtMLfczC4J5IOoRRchAsXeH3ss2olx_iceb9NmOo-XTpDr01pd0xyyFQSL-l2VdeLAwr8UF1wkSCBn07HmRcnCqE1zjI2b58pqc0I5mszbaKNIt0MLxQp7RR_-vR0WqRaoHzFFiBOquyK4u0VQblGTipp7iCoIklx0e_BYudT7c0YHhqUIiYN12smFvW83f8iUseAEqZxZFITl7pBJIQ7r3ib0j2-dVRgTyYiMSIT-V02iysZ9I2t60en2JkKYnUtnVQJfzbUlaHctTY-1mbLSQodYalHDp1iWOTxnDkilUWZJSlVdlF4Bk3mZICApAkc8cr-u4dgrNdsIuXPdnFs4tKpklXkXoTAb5rz-_mqe7OeHH5pf9_xU8B8j0q8FKY577H7sdvNCT1LsOu6qVrTu1OuKq_sct0A74RB2L3eTD09u2I8q4dy3VA-NzDk0EEvJZY1Wa4rm__7L2KNGRcT4yy-gCddsQVVauF_R0lAdMV_ZCsSNYjmHA1sLPN75fGKiXT4bRqmopNTJRstZMQYACg2qKh8ZdfDwXeWaNoCnYSsKYZozbf036ZrLS4qWmCmwYPMPVpZgTOHWWZDRufa069ed0E7qKlItV7hrAkR5tAMmqY6egs4JyiuvmMod-OeQX3c9YndlgejELeB1s4fxJdVIq4n8Ha7f79kAIDTtyybFZhdMvtldajgM4gl3uYsSs2upWR8yfyblZSnJYKnIAXxXpqgpGV1nm6hjARA2Fh4hF7CkAQdSiY3Ffor9RiFLIIrU5Ky3u6D5_XJt1VTspNKL0HTDndeCMEzZMYU-ZrqencUsyYav-VMsRd9aTlKKlkc8GHQIwwG4oq2WNr3eihqYkgnRgs0poQV_Q6TaE9Xg19H8AktSni1VonWqJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAB0 0
20 B 127ms
126ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpHHLrWtaZKn9NdOYx_AP0fuZsAEAAAAAOAHgBAI&bg=!AgGlAVXNAAYV_mUANf47ADkAdvg8WnR0ipGZQQ341OzVli42SkLyGk5kD83dguuzF24wo-_wQkJG1TwBu2LUYYNqSg8_cA-Oo3UCAAACulIAAAADaAEHCgBQR2O43HDphNfXwQtPbnzhJ_tC58eGg1HizssAniZ6X6fS8QJtkAyPhCQhWFjzXHO8VwBQAqOgBvgPyxWrDVy86q_Qmu7drVCdEFslL0qilTCZAuLF4kKW00RUj4CA-OHmaTMyDMWG2_pRN2-RBAKQSctuzzHm4NwrXLf59KopzFPsFIEAU6WKxITGMwxewUGsTQvpp_1rDfTrFUaiH8qS37MjSLZcWZZiTYO6Wc9R19uF9v2V4QuqujV2wYWDjdE8lrtODlbsIFl3ITrtXT9NEjPm3Y5xdfg0MhT7TJgppuiciilQ3ODs2B3rooRyKfeFK_DKxx3ikVhc2xvRH4js6QEgompIH9jevsZllSNRpsNEQ2Pwtq3fbfC7vcBcdpNhzF_zCR5OECGPRmiTExksizog4QTX7US8OVH0_eXe1ZllH5AEl2NR5ENItFWtYsSG2XZgWTlMFKeHL-Q10f_TQKTRXEOnpUkA-mEs4g7HtGSiQFAZ1yG-3p-K1JVGlkvAF4UZgrh8oJsksvw5_QVjlSY790HQU4ukGC5Mh0sDtSXCjldGFSP6o2iF6FI-aRoZ8YbqfqdspZz_pk62f-ABZLgooKAXJCKSzmUhjhMjo277v_ya0djaQaSpE6DgBALOFo3fjvrseRuwmdqCronJUO0sSEJ3IStPf-aXrwABpsfoms8Pnzl9RdfjbuN-_mjIdZsSQU2YYSA9rbx0GhQaTRN1pX2j94fT2wMiuXiJ5bgagyo2p9s84Rq6CeNE_fi9IMsOxbvyjmLAzWuVXwPFd1ZjyGWygsVC8-Uq3kjFTvdF-ICqjh8CwrO14RLy2x8qZ96hmAGrnOW60L-9ge-e2yI8FYqzT-QOH5vh0XdHNnJneHf7sKDUiNb5X659Y4NF3ZYy_nmB8v3WsvqZ3ioKOIogN5jPwgVG4iiOVyDm9qBOwZ-sO9lkJscLb3-vcpS0638u7gFQZAtILnfz6MS5v9hoUG3VPOmOqAznFnvNThQKNDkKtF8lY4FcRPGhxLmBApmsNDoWr48LcwTZS157jA3XvAja_fF6gUmCkJkFmjNXZXk2FUtdF5fwkiJoCbiIxxzNzuA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame BDF6 0
0 309ms
96ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Tue, 09 May 2023 15:50:08 GMT
Server: nginx

GET
H2

200

8639980375ede171cf5c1e6d138ea Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 86E5
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8639980375ede171cf5c1e6d138ea?gdpr_consent=&gdpr=0

0
498 B

52ms
52ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/8639980375ede171cf5c1e6d138ea?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18b0ca46366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 09 May 2023 15:50:08 GMT
Expires: Tue, 09 May 2023 15:50:08 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/8639980375ede171cf5c1e6d138ea?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1683647408696041-504

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6623 0
0 21ms
21ms Document
text/plain 3.74.91.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.91.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-91-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Tue, 09 May 2023 15:50:08 GMT

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 2402 0
0 263ms
103ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Tue, 09 May 2023 15:50:08 GMT
Server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3EEE 0
10 B 30ms
30ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-rbFsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:50:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

fwO1ZpaKDHR7UxaZEaWy Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame A3F8
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/fwO1ZpaKDHR7UxaZEaWy?pi=smilewanted&tc=1

0
511 B

37ms
37ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/fwO1ZpaKDHR7UxaZEaWy?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18b10ab5366d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 09 May 2023 15:50:08 GMT Tue, 09 May 2023 15:50:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/fwO1ZpaKDHR7UxaZEaWy?pi=smilewanted&tc=1
pragma: no-cache

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWI5irmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT_AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqeX50Q7jPmFS_ZFLBiGV6cgg-YRo17QPBTjQVlwCKLkj_PUK4DfdpL_4l3yA67DgN3fxi1jrHg0ezqGxUssAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWaCS9odHRwczovL3d3dy5tYXhpbGlhLm5sL3RoZXJtb3NiZWtlcnMtYmVkcnVra2VuL7EJTLOt-q3FPA2ACgPICwHQCw7gCwG4DAGaDQEO2BMM0BUB4hYCCAH4FgGAFwE&sigh=7V_QTetUO9k&label=video_ad_loaded&sdkv=h.3.572.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiMQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 5024
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb013480b56dd946997bd5e1b4bf77eb

43 B
1 KB

20ms
20ms

Document
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb013480b56dd946997bd5e1b4bf77eb

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

AN-X-Request-Uuid: a1c4f452-f579-40bd-9794-914aa0d6296f
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 09 May 2023 15:50:08 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7c4b18b0ea83366d-FRA
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 15:50:08 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb013480b56dd946997bd5e1b4bf77eb
server: cloudflare

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BBE 41 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 03 May 2023 18:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 May 2024 18:07:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BBE 0
0 120ms
120ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44740339%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=2351361737889302&domain=g37.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4BBE 0
0 64ms
63ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSYeArmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQpPQ1qAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjIxNTQ2MzI5MjUzMzAxNYAKA8gLAcITBhjNrpHgA9gTDNAVAeIWAggBgBcBshceChwIABIUcHViLTYyMDE4MzY5Njk0MjQ5ODYYkfNs&sigh=IWgGqPbdF0M&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSOwBygQiD4XF-8yCg9WxBkJEJiSpEVNm7ZmNyKymaujFfK0Mp_YG6BXibrHlZPzACz62Fl4jkr0Cph4DgGAE&sdkv=h.3.572.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cj4ZIrmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=6V6SKkcymj4&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4246%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1683647408340&sdkv=h.3.572.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiYQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNIsQNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4BBE 42 B
64 B 128ms
127ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCXhD_iPsjrhkd9t5m-sca0VPyr0gDnTXxqJgWRORbOcuJIceO1FD4qDNzFWTiYHGjn80tu56yB1d9s-ylHf4FbQAYp7SCAtVVzhBCCSNQrQ0WlmyoPNrpqz-rOZQkuJNQcojbMA&sai=AMfl-YRkIiuqYn-F9cQYibOkqWeMtofWOWVqhfIAq-QEkul2MvKRm6-6KinS0sBy8p8E58wHWyCoPIxh8QFPzVjRxwU06zX_qB-hVAYwNhNAwmsFIgLqvCzVaiA6uHk&sig=Cg0ArKJSzHezJpbEVTiwEAE&cid=CAQSOwBygQiD4XF-8yCg9WxBkJEJiSpEVNm7ZmNyKymaujFfK0Mp_YG6BXibrHlZPzACz62Fl4jkr0Cph4DgGAE&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4248%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1683647408340&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cj4ZIrmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=6V6SKkcymj4&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4250%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1683647408340&sdkv=h.3.572.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiYQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNIsQNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cj4ZIrmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=6V6SKkcymj4&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&label=admute&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D14976%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4255%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1683647408340&sdkv=h.3.572.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiYQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNIsQNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
227 B 123ms
122ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10298&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fg37.com.br%2F&t=1683647408809&cb=0.23346884362767129&aa=slider

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7c4b18b11e1c3804-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 5AAA 23 KB
9 KB 31ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 61135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 22:51:13 GMT
expires: Tue, 07 May 2024 22:51:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AAA 38 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6ED3 0
856 B 22ms
21ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:09 GMT
AN-X-Request-Uuid: 903a21e7-29e1-43c6-adc4-81f2f7981b75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FE1 0
856 B 19ms
19ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 15:50:09 GMT
AN-X-Request-Uuid: c36d60a4-8879-44e3-818a-cb1d35bf19ec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.48.94.22; 37.48.94.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame 4BBE 0
0 28ms
27ms Image
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44740339%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&el=adunit&cpn=9tBIZ2gdqd5erES0&docid=Cb0R1_ACsKY&visitordata=CgtFUWcwMU44UjBXUQ%253D%253D&of=ftaHEYWD6N0LdddhXd--Ag&ver=2&cmt=0.236&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fg37.com.br%2F&len=14.977&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=113.0.5672.92&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AAA 0
20 B 126ms
125ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.572.0&bgai=B2y3ArmtaZPScMtuMgAer36ywDQAAAAA4AboFEwi__-6sy-j-AhURH-AKHarVAXE&bg=!4eKl4rbNAAYV_mUANf47ADkAdvg8WgsYlhjUjb4Zy85XsNZfKwdkiNgsEWtRw_5cVyiT9aII4KRnwQlI-RprAMIZtuUc9iQBwIwCAAAAlVIAAAACaAEHCgE4rQEFskPlGQtXNLVMn_dSFSq7vJMnAqTToPPAs6LuCuylREDG-KTDWXUj-rmIzcTeizUwAm0NZDJ9UT9cnG-8Sbzz9iDjJ3OV75ercow6NNFHJdAxJ6dVtaRChsN26cX9mIzs-DBd9UZJLie9gQjB7JSTnxm989lIxy_3avbt3TUhgVTHCh-iKJV5sLDtdtnYBkImND3uAygEeuWV1SgJwoqZECtxjEazWu8Jr_wvVO0dcYLpXhkO-tQq0WDCsyeAaQ2zFcWdG-VLXXL262XLsverxgCoQve13imxV-rLIjhgGi_spAIOidOBrAF6eUJX6pSZpeA9j3IT-BZhf67v6wqVDQXcBZuE4h-zGiLnL6PS31eCUvgjU164zMVnewNFRJ0LGff5U1Lzm_5cxL3H_KKLg1dPJAGmmQJAIfCY1UQpQWpDCSkCkJiZhRrkhH0QnQ00BSmLG0qUbho8wqI98eGzf2AourM1PoK0w6XcWzWOjb9u3_Ynnj4L3SRKlV0ZG3zgmEV7XJWNwlLAw_wltyjjLrfbUKH5WN1LD3zBRCtiMhDpUWkWzyR2h0NMA4xYkNscLWgpPKNb3Q8pgHgB5vOBT5bjsgnA7u0j95CBfc2IeFaXE2WCP6qKuCfUbiMaj2H2VDBhQm0Cd_cq_uSOWFJmPDTEArUzi_HLQJ_SILE_rMYgghKW2bTeFQzVdIpMZGp26yuhYtZYdE1Ji9FaBGrY4Q62naKviojEGZr90Ye9eMKU6CPxMnv89cRE9Q_fq3IpS0bJ5gk9RVQwHvE4aCeVqOedUskocjCKt4PDsI3VRK0qK89KXIfvI_ANNcmYKLeN2fbkGdNPRlNiSQPtxaPxMA9Ol7cH5STFB-tz_wzIGt_US-hIGkuWkbBvjUuyLr813wJTnl2p-KeTFv8LAXbqcvKEGRRJT6gJGS0c6bAnaqdwa3bsF2mXOgURDBX5telMsBC03bcYlojvyoiJDfbgGRQzw6h3FbQEXQjCqn7fRXoGb02aA4EnoJFcO31CN5_PR2JYU0IrU339etuuir3ewLqxjqvmTmMVftG1f-OH62R2UZAJolBlp-xIHcHQCSvK8pTFbKL3l2VKO-p2-kzXxszZ9ywtS4SUvRUG99QU4TZI0Q1xWxOkvgTCZ2u7fLQCw6aF-_8P60FaqY3SHyv7EnchAf5NeNE1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230504&jk=3673824616139106&bg=!pKelp_PNAAYV_mUANf47ADkAdvg8WuVh3tbLD2XEcFf8ybegxIsBtXS--evg-RwcH1yjVZu9Sj8aKdaPoWTDGGgSAEsRq1T6tpECAAABF1IAAAADaAEHmQKXp_VkJgR6pYmQ14XXYEENfeZwiWyEkrkZpFsq6c5NSw9klsbeekQSQzm349Oc51gWNkDksNuAsCPojtshQY49wl_CzvSgnQp55okDwwGSih_B_TxeGFDbbYs1s0fh1bCukkgy4SyyGc6T485uOd2CjH95QQ4XAJGLjrv-23CpoWEPn0tF6c1cBqxkZiQe-D6ORPoGJaHvsZ_UF1jgLNSXo_5GH5ZTspS-8SgYo-ktDVCN0ZqJ3LmoihRWu43AAhj2ExaZyekz_TAz2Whzbj-CTPRW2OrxEo89nfa17X-NQ_vSG55btbfJbILhAOXzqeDc1LBkO7Uq8JaP_pxs5Mb_icywZ0J5Ijy-QtkqEDidhq_5XTba8N8ppqVcSKXDQeHXBBlzevkA_hjx1DPL6mmS3d-TSlefr73hmHjCgyAyT7JOzhfq_WIlPWQymFpwJTYgTIQCUlFmmQ3--UmfU-5fGSZg7CwiPf4EQU0UpHEWqW6IzKPTSXaIaxmkxdIk1XERouX-z2qvjAloIO1qM2qe4XBamu46lT6Gi_Ck9fVjztpQIpiQ-Oy9Ihotp8B-e_ZY5h5tKrHiQuwSym72HEpcEqE_QZNCSgZI9ke3SdHjsC94AZdFPQgQdbs74JQHwdZhW0_P71ln9SgNB5MmeCGLZOcF4Mknb_xfYHM-iYHlZmboKfJhDtXl9axuee5WXonHKQYw1Nk0YC_0DACwTv2LxA0EkG1Bi8pgme9wSmVgBghrnlOIAnYPzb9Wsx4-uPPdciOs8BKmOVhobzZZ7vCqp0_HKfeaGfNhkmqfDs11YFs_4rD7Qx2C5BpQ1Hp_5GXS8ro4wX5UB3W16yB0zd9NdwrzQSXSnKEgP_Y3H4bqFbx5rRR18YJR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4BBE 42 B
64 B 132ms
132ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCXhD_iPsjrhkd9t5m-sca0VPyr0gDnTXxqJgWRORbOcuJIceO1FD4qDNzFWTiYHGjn80tu56yB1d9s-ylHf4FbQAYp7SCAtVVzhBCCSNQrQ0WlmyoPNrpqz-rOZQkuJNQcojbMA&sai=AMfl-YRkIiuqYn-F9cQYibOkqWeMtofWOWVqhfIAq-QEkul2MvKRm6-6KinS0sBy8p8E58wHWyCoPIxh8QFPzVjRxwU06zX_qB-hVAYwNhNAwmsFIgLqvCzVaiA6uHk&sig=Cg0ArKJSzHezJpbEVTiwEAE&cid=CAQSOwBygQiD4XF-8yCg9WxBkJEJiSpEVNm7ZmNyKymaujFfK0Mp_YG6BXibrHlZPzACz62Fl4jkr0Cph4DgGAE&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D2056,0,0,0,0%26mtos%3D2056,2056,2056,2056,2056%26amtos%3D0,0,0,0,0%26mcvt%3D2056%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2056%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D639%26pst%3D438%26dur%3D14976%26vmtime%3D1786%26dtos%3D2056%26dtoss%3D1%26dvs%3D2041%26dfvs%3D2041%26dvpt%3D2041%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D6296%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2056&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1683647408340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 12ms
12ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.179&largest_contentful_paint=1391&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=10000&host_name=g37.com.br&url_path=%2F&nt_fetchStart=110&nt_domainLookupStart=111&nt_domainLookupEnd=130&nt_connectStart=130&nt_connectEnd=174&nt_secureConnectionStart=148&nt_requestStart=174&nt_responseStart=396&nt_responseEnd=429&nt_domLoading=400&nt_domInteractive=1618&nt_domContentLoadedEventStart=1621&nt_domContentLoadedEventEnd=1636&nt_domComplete=5693&nt_loadEventStart=5693&nt_loadEventEnd=5696&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=1270&first_contentful_paint=1270&resource_size=2434992&resource_transferred=978341&js_size=1304351&js_transferred=384208&resource_cache_percent=0&js_cache_percent=0&last_resource_end=7919
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g37.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 May 2023 15:50:11 GMT
cache-control: no-cache
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8iusS,pingTime:5,time:5341,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:338%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5004,o:338,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~160.600%5D%7D%7D,%7Bsl:i,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:229,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:520%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:11 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9C92 43 B
215 B 103ms
102ms Image
image/gif 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1128384&asId=46ebc884-7e3f-d1c9-26f6-4233fad8f535&tv=%7Bc:c8iusT,pingTime:5,time:5342,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:38%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:338%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5004,o:338,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B212~1%5D,as:%5B212~160.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~160.600%5D%7D%7D,%7Bsl:i,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:229,fm:tDM8W49+11%7C121%7C13%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C1a%7C1b*.1128384-68656984%7C1b1%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:40,sis:520%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:11 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cj4ZIrmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=6V6SKkcymj4&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&label=videoplaytime25&ad_mt=3912&acvw=sv%3D951%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26tos%3D3959,0,0,0,0%26mtos%3D3959,3959,3959,3959,3959%26amtos%3D0,0,0,0,0%26mcvt%3D3959%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3959%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1041%26pst%3D438%26dur%3D14976%26vmtime%3D3911%26dtos%3D1903%26dtoss%3D2%26dvs%3D1903%26dfvs%3D1903%26dvpt%3D1903%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3959,3959,3959,3959,3959%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D8198%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3959&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1683647408340&sdkv=h.3.572.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiYQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNIsQNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4BBE 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cj4ZIrmtaZPScMtuMgAer36ywDayd8c5v-7yd5rcR9OCp-u8CEAEgxfaGaGCRBKABza6R4APIAQWpArhJv7UzZ7I-4AIAqAMBmAQAqgT8AU_Q1piGOEP9_jbezkxqBQKbgXV7JkoGGb6qwjF-Exdl3LB3VnBOJd8eZQdQD6XKDqb0DtMVwX9DJXmDkNIACe9Y3IDuC4RJPYs83U1kz-BHWsmVkMf_liTdycfC9K91zzMkz5r5BvUrNzVI8aw6mvdoMJPrWPMHpCmge34U0bJxy4JEj8_QRmjqC80kpWTpupRgvcvs0hUmSnviik-fzMrhLAhFIdnDPPFxzhCGyHZ9GAc6aZiWzum79tkbTyiS5_NqIX_utitd3sZC6s-8J_hkn7gVvKpHG-jeuPdntwoiJGbn-JJLEgGg9dQJx9-BaUWiYn549SJbde-YdcAEzOnB7KoE4AQBoAZUgAeAgoh0qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYyMTU0NjMyOTI1MzMwMTWACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=6V6SKkcymj4&cmd=Ch1jYS12aWRlby1wdWItODE3MDk2NjUzODE1MjU0MxAAGAI&label=video_skip_shown&ad_mt=5240&acvw=sv%3D951%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D848,1191,1067,1585%26p0%3D848,1191,1067,1585%26p1%3D848,1191,1067,1585%26tos%3D5286,0,0,0,0%26mtos%3D5286,5286,5286,5286,5286%26amtos%3D0,0,0,0,0%26mtos1%3D3959,0,0%26mcvt%3D5286%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5286%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1448%26pst%3D438%26dur%3D14976%26vmtime%3D5239%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26cs%3D50336019%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1327,1327,1327,1327,1327%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2139%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D680372264%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D9525%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5286%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1683647408340&sdkv=h.3.572.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5OTA5Mzg5NDc3OTIMNjU3NzYzMzAwOTQ1QLEDUiYQDyUAAKBBKAE6C0NiMFIxX0FDc0tZQglnb29nbGVhZHNIsQNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 15:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
g37.com.br/	1970-01-20 12:23:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
g37.com.br/	1970-01-20 11:50:52	Name: denakop_freq Value: {}
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-necessary Value: yes
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-functional Value: no
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-performance Value: no
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-analytics Value: no
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-advertisement Value: no
g37.com.br/	1970-01-20 20:26:23	Name: cookielawinfo-checkbox-others Value: no
.denakop.com/	1970-01-20 21:16:47	Name: uxid Value: byN2euuiRdmUnXKGnBsE6w%2F0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kiPpcHbFTNE
.youtube.com/	1970-01-20 15:59:59	Name: VISITOR_INFO1_LIVE Value: 6XwZN3y1uNY
.g37.com.br/	1970-01-20 11:42:13	Name: _gid Value: GA1.3.133574251.1683647404
.g37.com.br/	1970-01-20 11:40:47	Name: _gat_gtag_UA_223565207_1 Value: 1
.g37.com.br/	1970-01-20 21:16:47	Name: _ga_YCLYQ3FDTE Value: GS1.1.1683647404.1.0.1683647404.60.0.0
.g37.com.br/	1970-01-20 21:16:47	Name: _ga Value: GA1.1.1340732611.1683647404
.g37.com.br/	1970-01-20 21:16:47	Name: _ga_WDKQRS2GPR Value: GS1.1.1683647404.1.0.1683647404.0.0.0
g37.com.br/	1970-01-20 20:26:23	Name: __adm_tid Value: tid-3d8f54853.337419bb2
.g37.com.br/	1970-01-20 21:02:23	Name: __gads Value: ID=3950ad6e050e751a-22df208792df0074:T=1683647404:RT=1683647404:S=ALNI_Ma5fVoEU7A_ual5BJRMwq1f7I_R9w
.g37.com.br/	1970-01-20 21:02:23	Name: __gpi Value: UID=00000bf8aef6618f:T=1683647404:RT=1683647404:S=ALNI_MYsBZzOHoE0nM-uvNQHLqLi6JYdBg
.rubiconproject.com/	1970-01-20 20:26:23	Name: khaos Value: LHGG6ZNS-B-BANW
.rubiconproject.com/	1970-01-20 20:26:23	Name: audit Value: 1\|naVuGyos1qqBj5v1jxei9eXUadRsMXL7tE4q61KpmVkfvqYxyfs3hyGjSN7q8LhyPk3WWfl1wVogiN90qBb31LxoSg+8zYNL0A+VO7RH1E0=
.g37.com.br/	1970-01-20 13:50:23	Name: _fbp Value: fb.2.1683647404653.1669618545
.adnxs.com/	1970-01-20 13:50:23	Name: icu Value: ChgItMlZEAoYASABKAEwrNfpogY4AUABSAEQrNfpogYYAA..
.adnxs.com/	1970-01-20 13:50:23	Name: uuid2 Value: 4770752490713631928
.currency.wiki/	1970-01-20 11:40:49	Name: __cf_bm Value: 6DsQ4Uw.btPPJ3R6ubDHehFpER9ENvsWN1EzmKaCBMk-1683647405-0-Ae+/CidgBfkB8gBJK1SCayRXWnzGv9pl7oiTY+AfCbTlZUjl+EBJvCZhUfNQDn5IwcroR2lPrc9JvpyQDN5Ho4GKqCT/oUx1I2IQkZ9HnMx8
.casalemedia.com/	1970-01-20 20:26:23	Name: CMID Value: ZFprrW2LUVt48dcKqOYnBwAA
.casalemedia.com/	1970-01-20 13:50:23	Name: CMPS Value: 2210
.casalemedia.com/	1970-01-20 13:50:23	Name: CMPRO Value: 2210
.doubleclick.net/	1970-01-20 21:02:23	Name: IDE Value: AHWqTUmAwCd-uYfJOk1IL6xayKgPsloqyHYDeYJ5_0zLYZj0zyzqJYPPkuFu0Y_hrDU
.doubleclick.net/	1970-01-20 11:40:51	Name: DSID Value: NO_DATA
.krxd.net/	1970-01-20 15:59:59	Name: _kuid_ Value: Pi1oFJFO
.simpli.fi/	1970-01-20 20:27:49	Name: suid Value: D1DA4CFC031A45298F0B3F7769AADDBE
.pubmatic.com/	1970-01-20 11:42:13	Name: KTPCACOOKIE Value: YES
.turn.com/	1970-01-20 15:59:59	Name: uid Value: 3388446176344796216
.quantserve.com/	1970-01-20 13:50:23	Name: d Value: EEkBCQH5KIEA
.quantserve.com/	1970-01-20 21:11:01	Name: mc Value: 645a6bae-bcad2-30e20-3ab3d
.adform.net/	1970-01-20 12:25:25	Name: C Value: 1
.pubmatic.com/	1970-01-20 20:26:23	Name: KADUSERCOOKIE Value: C9A19DD4-FDC4-4A7B-83EF-0A8C5A30B808
.uuidksinc.net/	1970-01-20 20:26:23	Name: jcsuuid Value: 81pZCFrReFh0LmCV8xAH
.adform.net/	1970-01-20 13:07:11	Name: uid Value: 2716891466583629599
.360yield.com/	1970-01-20 13:50:23	Name: tuuid Value: 75fd4922-36a2-40b1-9601-88fd7eb00c59
.360yield.com/	1970-01-20 13:50:23	Name: tuuid_lu Value: 1683647406
.mathtag.com/	1970-01-20 21:06:42	Name: uuid Value: cac1645a-6bae-4300-a13e-d7e9f43fd6ee
.bidswitch.net/	1970-01-20 20:26:23	Name: tuuid Value: 94955b49-70fd-44d4-8b33-0151c400becf
.bidswitch.net/	1970-01-20 20:26:23	Name: c Value: 1683647406
.bidswitch.net/	1970-01-20 20:26:23	Name: tuuid_lu Value: 1683647407
.bidswitch.net/	1970-01-20 11:40:47	Name: google_push Value: ATf1kGN-p1CeWAGyHN9mZv3C29zarfeOPXEj6bOZatmhuYlHd6CewpGOjUMtAKpWPI4LJ0SqqGKBdla4lzQQbTtX17-6yWEuHNWDdY4
.adfarm1.adition.com/	1970-01-20 13:50:23	Name: UserID1 Value: 7231210551061379219
.lijit.com/	1970-01-20 20:26:23	Name: ljt_reader Value: Gng2qGZHDt5RukUpQcieoMPJ
.yandex.ru/	1970-01-20 21:16:47	Name: yuidss Value: 8202918161683647407
.yandex.ru/	1970-01-20 21:16:47	Name: yandexuid Value: 8202918161683647407
.yahoo.com/	1970-01-20 20:26:45	Name: A3 Value: d=AQABBK9rWmQCEIxq6yMkCf-QVIVWBGQtEoIFEgEBAQG9W2RkZAAAAAAA_eMAAA&S=AQAAAiUK_4o0Rrv5Wh0JmKTgkqc
.targeting.unrulymedia.com/	1970-01-20 20:26:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-55a9daad-5186-40e4-b294-b122d47bf882-003%22%7D
.zemanta.com/	1970-01-20 20:26:23	Name: zuid Value: v3lEx_QeTcw0CKm9LflM
.mathtag.com/	1970-01-20 12:23:59	Name: mt_mop Value: 4:1683647407
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s87151\|ZFprs
.tribalfusion.com/	1970-01-20 13:50:23	Name: ANON_ID Value: aAnseFqO2c8U2OqnvebKslvc3CrZcchMMyL5bQuycogWyeZbPmQbZcSCPDRlytZcNSwhLHpGQjSIfD0wrVrO6nZbi
.1rx.io/	1970-01-20 20:26:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-55a9daad-5186-40e4-b294-b122d47bf882-003%22%2C%22nxtrdr%22%3Afalse%7D
.g37.com.br/	1970-01-20 21:02:23	Name: cto_bundle Value: 1A1m3l9GYkZ1cWhGRW1XenRPYnVtanJPMmJPcDEzV0w0cmNJZWgzeDNLSmdZYUVZU2xMU1dmZDhmSldXTzR6eFVjS0dINiUyQnc0TXh1SiUyQlh3NDZjazBWUFhiakRzd0JLTXE3THV5TzlDU3ExbDNQMWJFSjBFU3I2SElFJTJCUFdUOVpScCUyQkp1
.g37.com.br/	1970-01-20 21:02:23	Name: cto_bidid Value: hXU4gV94aVF5REUyMU9tVnd1elZCU2t4eDZXVmo5WGRWZ0RKOFk5SldoYlZXanhzWmxJMjNkVHNUSlE4dllBWHdTT3dMUkZkNDR4THZwTFVGZnVUVjc1QnJXZyUzRCUzRA
.betweendigital.com/	1970-01-20 20:26:23	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 20:26:23	Name: tuuid Value: 40047c75-b388-5281-acaf-ee4dc8f585fd
.betweendigital.com/	1970-01-20 20:26:23	Name: ss Value: 1
.betweendigital.com/	1970-01-20 20:26:23	Name: ut Value: ZFprsAAJQxjssaXd6I252gPfTwHYcIO82f1L9Q==
.linkedin.com/	1970-01-20 20:26:23	Name: bcookie Value: "v=2&1e2e501b-360b-48fd-8525-ad37865a13b7"
.linkedin.com/	1970-01-20 15:59:59	Name: li_gc Value: MTswOzE2ODM2NDc0MDg7MjswMjEvd8Wp33UQDj9LXQbnzER1MTFLHzoyyfKVAsCSTD+IAQ==
.linkedin.com/	1970-01-20 11:42:13	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2933:u=1:x=1:i=1683647408:t=1683733808:v=2:sig=AQGUGEaw_wSZFTwasLHslm8w-KLe-UC9"
.amazon-adsystem.com/	1970-01-20 21:16:47	Name: ad-privacy Value: 0
match.sharethrough.com/	1970-01-20 11:50:52	Name: AWSALBCORS Value: HR3yjG1S3MtcTgtQisM/ifjgpqpnJs8HwHJzwoaBnyJmiA7wsa5ABtv3Z6KxMhLhpGCFtoB+CWUTCIEDaxwLwXtpzSvzkNkods83NeTfUEU/Ak80LwHisXkfOmnK
.ads.stickyadstv.com/	1970-01-20 12:23:59	Name: UID Value: 8639980375ede171cf5c1e6d138ea
.creativecdn.com/	1970-01-20 20:26:23	Name: u Value: fwO1ZpaKDHR7UxaZEaWy
.creativecdn.com/	1970-01-20 20:26:23	Name: ts Value: 1683647408
.smilewanted.com/	1970-01-20 20:26:44	Name: sw_user_params_infos Value: MqVrfiYWsaUrpwZLvbu%2FIjNLaiH3H1u47rKapbr7R6M02gyS9%2BTMa0v1U%2FAeV8OI%2BzleMZj9LxtmdnGpHzEntGuzIo6pz0aPnZuBtntZU43kNVr2BAbTdl%2BByZ8ip%2F8hxUFpg4KMxpwNVGHAuUDvpdx7Pj1hs4gTyRQbm9mAQFINeGsM6NmtP%2FYo1H6LicNcOmsQt6xGuqL95oaudrp9FMD7SPzfkn6gbntW2mxcwY9adEGmk%2Fh%2FXP3jhyXcputj6jJRAWNeC2SsrwZyDFx6goAnkibk%2B0HjbdV6g6MirV6oSXHr8%2BTqQKbN7PCRVsOgtk1wfAkBHEp7f%2F0ZuMkSNk0uh5ks%2F0DsjviE0l9AlSs%3D
.amazon-adsystem.com/	1970-01-20 17:22:04	Name: ad-id Value: A7SxXoPPT0etumuf8nCAoog
.adnxs.com/	1970-01-20 13:50:23	Name: anj Value: dTM7k!M40<EVNsVF']wIg2E><m?yGt!]taT8i_iqf!oN/@E'zz<Z0Q8UEG8s7e?//dT`6ED)pr'YXN@HQMk6c1BTD._Pl[i'pRL>iih.1v>/7P`5V.w/4/Zbw^w#5E_syUR3moR!41gt5h!0akHx?ze+.<Q!/3bS<t:a
.adnxs.com/	1970-01-20 13:50:23	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJjYjAxMzQ4MGI1NmRkOTQ2OTk3YmQ1ZTFiNGJmNzdlYiIsImV4cGlyZXMiOiIyMDIzLTA4LTA3VDE1OjUwOjA4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA1LTA5VDE1OjUwOjA4WiJ9

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
network	error	URL: https://choices.truste.com/ca?pid=goldbach03&aid=goldbach03&cid=20767375&js=st0&admarker=dynamic%22type=%E2%80%9Ctext/javascript%22 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=2969136044&client=ca-pub-9615345408743774&fa=4&ifi=10&uci=a!a&btvi=6&xpc=cHJoqCYomJ&p=https%3A//g37.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230504/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=2969136043&client=ca-pub-9615345408743774&fa=3&ifi=11&uci=a!b&btvi=7&xpc=0E2ss3BaTE&p=https%3A//g37.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').
security	error	URL: https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js(Line 1118) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://g37.com.br').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.cdn789.dev
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adjs.media
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
b.admasters.media
b1sync.zemanta.com
beacon.krxd.net
c1.adform.net
call.cleverwebserver.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
cpm.denakop.com
creativecdn.com
csi.gstatic.com
csync.smilewanted.com
d5203a6380bebc8e2d373ba473fce975.safeframe.googlesyndication.com
data.gblcdn.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g37.com.br
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
px.ads.linkedin.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rr4---sn-5hnekn7k.googlevideo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s0.wp.com
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
server.gblcdn.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.smilewanted.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.targeting.unrulymedia.com
tags.denakop.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ui.cleverwebserver.com
um.simpli.fi
us.ck-ie.com
www.currency.wiki
www.facebook.com
www.g37.com.br
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
sync.richaudience.com
104.22.68.131
13.32.121.11
142.250.186.162
15.197.193.217
151.101.193.108
151.101.194.49
172.217.16.194
178.250.1.9
178.250.7.13
18.195.170.223
185.184.10.30
185.184.8.90
185.29.134.248
185.64.190.78
185.80.39.216
185.86.138.16
188.42.34.64
192.0.76.3
192.0.77.2
192.0.77.32
193.108.153.23
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
202.241.208.100
213.19.147.45
216.52.2.6
23.37.42.132
2600:1f18:1aca:4281:64a1:e52f:ae17:1d2e
2600:9000:223f:8200:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:442
2606:4700:3036::6815:4698
2606:4700::6810:3965
2606:4700::6812:160e
2606:4700::6812:18ad
2606:4700::6812:18f6
2620:100:a001::c
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0b::9a
2a00:1450:400e:2::9
2a02:6b8::90
2a02:fa8:8806:16::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3605:e341:f6b2:dd43:a873
2a06:98c1:3120::3
2a06:98c1:3121::3
3.74.91.153
31.220.27.155
35.204.74.118
35.227.252.103
37.157.6.248
37.252.171.22
51.89.9.251
52.17.96.165
52.215.61.40
52.31.101.146
52.46.128.147
64.74.236.127
67.220.226.234
69.166.1.12
69.173.144.138
77.245.57.72
8.2.110.114
85.114.159.93
00b1ab7925bf1a7b66545f01c1d44d02d79900efe26f3afac50c3f5b598172db
018e10b5b0a2934f9305885806e671af8f1f66ad6efee6af2d508227942b0a37
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01f77e154a5a5227a5e380b72b61023bd59681a8d8901931480f0bcbedd9717d
042f2c6f59caf65387df2ac20bbcbc71f356ffcf49a4857efb78a21115a3ed82
06bb13eb509ed08cb89ad82c321c468b9f1b4fc8f3e8e9d965ee0464236ac22e
074fbc5276a1cd4fc4594fd67e3f1a7ca65760f03d40426e18db2cbd96907cda
07917176a1b0c542bbc744903ee02a4c204371a21e0988b0069bf98b0f54c304
07c6733fdbc08bb75f154508d9414199f89121ff4f7b1347699b338fb01fa81b
0833b4aafc9a9e79375911acdfef6ec08d6dd67e66729da732587a3c4a2ced1a
0ac1072dcfa5c92eaa9bd7df7303aceedcd0edc63d127cb5ec62c66909113366
0ac5a1e6c2c1fde505d9378a2bec86ae156da7dc888e199b380c8203f010e8c1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
0c56390843c87e6a77c3fe29a47771105bac6a5b96cb358e025d6b34ab82fe59
0d39dd26ec8fb71eb7f698699e902d6bf28f816c2064341cb44e72050a1620c7
0f127c4ff7b0ef9bde4c4a6a918eff0d924ce021bdf2985d33c55669bca90847
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
13b0138595dabcf3ef27e791569b3712814a585230244c4220feb227f41e330a
15234d123832ed49dc2ad298e70fdf00b744161aa31ab600fe18f3bac0fbb9d2
16bc13ebf0fda0f7019c9730740e635c7c167f428ee01bed78e1a29939b0e2f4
1783396171552e363f707655f9677906ac7304fb38163c3fc25de9b11656bdfc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b5201264a2a934de87c72ce20ed8f356858cf8144a2d0fb46aaf64f81839751
1d29a4da589df44d74041478486a73e8875b37c1a460616e1017e07f76d209e0
1d731d9c4d2093d32b1dd4e08c2abf25c23bb9e094699c567c577d4c2c9782d1
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
21afc53680e444ad244fa921e1d16415e29549e74cfe0577eccedb4175c4b01b
21e8f89adf39c45a1b9d800fd0af165f020ec63d38d77eec516cfae46df737e4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268be480f403c9153437f06cc4423983ffec519ab9af6160a2c9b52c8fe41db4
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2e61e1a88bb296c840bbc2b285bf9c6647fe3df7e9930e6d2a35b58fa4e23122
2ebfc4b3fc6e4a8bf1eb340eebd701a2c91c367a62d6f196adb115ea919f1f94
2f3d5041a0b1bfd6133a793693335fd61ab52eae1eef9a3f0192ac740392cf53
30df90c50d0df36e8fffda3427a581bb4a7b3c98f7fc77253fe04da4ecb065f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cf6a8d923d6a1492fcbb452b3b255fba60888ffeabe8f16b444150cf1457de
3300157bdc34ae69fac7daeed3cd627821f82c4541cb5e6e96b302929aa54a88
351937b82a2c29d3bb1001bf8232319288626dbcd71039b78c9168d1cf5c79fe
3574e2d9bb51b3d538fa73d5e6f56c2c51ee0065e451b70088261fecc832f72d
358045565f4986d574ac025c1267a10f88b64a1c58988fe3edfc250e1cd99707
39dc6e27661f1c1de2b758d008b20657c600df5c714926a3636284628b4863bd
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3edc2d3457909332a975b69ecc9c3055b756012ad4bff5ce9575abff15ce7f2b
3ef3d4f28e14fd207014c12836516ec34c931a471d9f6f59641f84ddfc88d4d7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4368ff23045891accbe79eb847c09d03d32cbd7298002ba2c3ab3c14bf29c536
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b682c968688b945a54df07ead9b07dd939579c3f962ebe737901e9c0f381ea9
4b9b55e1fad9c29de94a1b3a0ccce5881f47565e94eaaeeecf4594a111fd5b64
4cf2197f2fb9bda274ec8c136c63958e6f1f39f669129e3eb383ba560483b6e9
4d24628c01669011268da9e920146b99d3d1687aa0efc5445595116b8a2ab380
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502cf1cd8e1f55aeca22c593588cb2174fe76962147a540c6aac013a9e29e01e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860
5349880f99b0b3e5c8fab8cd374aeac5bca01a96b1e515c82924eec601c79d30
542007f1393d22bb236f7092a3098723c68ce5fa756e18f40b8b9a8af8669426
545ac3ae16ed95d67e93bb3067a65c779e4d00fdaa7ec1df2d735a4660e84e07
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5865ff7b5d234958650376486a58ce1f59a0b5d50cb66adba43a0732f8c2e50b
5b5635f4bf43e0a24ac24f19054d7a7c2f0a76e038276cf160491c79f9a205f8
5b7adcaa3cb72833b6940a4a3034ff8136b6401f68e51aa8e00ff2a756a164c0
5eebde867d40a81ae97e3435d28131caca3bc51c4f4f6129ac7321bf755704f8
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5f628e528615b4682d48990c1b88679af4e94523258e40fff53a7f390f111de1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631218bf66018397cd19c21c6987fee15bccc7c49cfa503f0f98243d09b84648
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69087d7c027c1d2e40000046ef9b2be0bfa17c6227208c2fbc5dca1c6b673580
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e9da01afd557b6f75424e37f55925f31f8629fc137db92cc762865bb7b91fb
7437e71649e432f5be08a376c0b08eb0901eb656d9f665d4c1c6ce55fb1064c4
7669342d5cea568d6b38d5d626149f6b1a34ea046d076647abd6c74876210463
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
78700a017b7d680a688cf5040e5feb9ae2fe11ae8597ee8dca7f95407b21235c
7a49dd6981ad19baa86a909298b2c1ca474b1845b24e14479dde564b2b22ebef
7d23473bcc89d3dd2c81bea8c73a5b4c7eeead1dce1b7fb3ac1ff8dfdd5fb2fb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
831fd3239256a34b82338d3f53ccfd7e5a8577e2cd426fcfc77a5a8bd160c928
838d5ea3cbf1b371d33f793b4c93772fb285878824f3666428948e34caf93215
84061db469b393b3daa8200032128db105fc82046df6d2635f8c0b4536b05470
848c1152d9a329cf2b01b4c8d32858b76d66d2e58dc7153f88f6cffc865114be
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
865a9253f7a2302ece2061ce64b476ffc5906ecfcc44b7f9fe3913d71110d246
86e037c1fb743b98f684b81eb34e51b464ecbcb0306a08c1191ee0d8a0e63ff5
888e63efacfa5335fdc5c9297a9ac8804fa3027eb6c517166bc01381bda8c01c
88ec6678578572c52d64e8e106e9051d379bc178e108539374c14530b7431cfe
88ed89e32107857eb9e3231319fa152608f56294d1457de839a27370c0a287d5
8b8e2bb8137f39111920a199ffaed5afc3223477f7831ab69a93ab67e7875b55
8c19746b6623e6e708ff5afb555128bd3612e58eb53168b11403489926883008
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e2e20ebce6447783d5c1ff767c64f0307b48fd9f3c00069e46fe30a7f10d6f4
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
8eabacd75cb4a227b466dcd25139e00aa63f64a0b118325ff22b92e4088ef33f
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
90bf31d845ce435bd2e03aac949e5267dac8e942f70374b1c4ff6cc5e4e51462
90cf15e694a6e80e7ba440863094d7f1678397cec7b51ea20ab5085c26cbd32c
9205478139a1cf4128e7fda06960ba1efc3ee9984b134ba9d8c1cc4598847f49
93ebac2a7b4d263d6548a28e5290e644f70ec101bd80450ee4ca2fb47c5c0898
947777ca80656a7f4768ffe41ef2c360c67e333d09b2c5a7965a4608919f3504
94ccb3c1f2314f1efca85d5ac9f0a0f434275e4c03295a1a6c79c1734699cd38
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba951574347e3dc5c46c4afb188fff206560ffec9f842d67bce311ec39aa331
9c600119468acb102f4e6e3d790eb6039839b2bfed1a4453fba41c2ce40419bc
9cd04cfe5bafa961bdaadbf89fea8711dbe3fee55ac0e2ec3680028ef06cda51
9ecbf3119b8cdcae792d565ac6d41e17d59fbe4637e9ee1b50eea38ed19a52b9
9fcf45ae617bf507ff5e58f75e62a19a02fd4449277ff7f7a21c81c40778f130
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0405772d5591f91c49ea3193dea5865f3573ad206b0f21657f8beabc42a3b01
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112c49f0b988044b983dc9a75629c0e408200719c903357b0c9cd8931959b42
a1454244fbbaf1c788ad4b76655a909fd08af8960f1b33ea2681dc3fcf6ff479
a1bdfd55f160a24894ef439dd29a29dd53bb08d9d38e170d148532471d0355ef
a21062c797f56e5087fe330b593a7c0835825e6d483e9da83f5078cc342350c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a553be9e39efefaa2561864f98d6e3cac6a5083aed2915f35eb4db030869f11f
a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9c33d5162cee7063044b2c49a79c299110752f61e312e27c22163cd15557e5c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
aeb9b5f067cbd3e9dcb263925281e3468cdb89e060ffd1839b5d3422c7f16d0a
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b080077be67f44a0c4cf754a402ddaced203190343eaa31bb79690f5c128d9e2
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4362863a471ecabb6b9df186f74709e6c0e98386ebbaa042cdde18ee798d2e9
b46c6f7e20964b81298dda484f46677574fed9d392840532ed52cbed7a287e5f
b4fbcbbf07940d1778900ccf5470efe4e5df9c8b43118d93603af1e5b791a25b
b779cb526d81ad5d53dad7f96914a04b619f80e1b7a941b94f82b7656b759248
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c627153c9cb78d7447539e7d75ed6e85225424e5d0a60959a51d49f2d0f20f1b
c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f
c8963d294c9d3666a9a6cc76f8f0ceee212c81e07e8d79667c64d107327e5377
cb5036da953c88ab6a081da7198a54329b559b2cdf85c8b06fa12dd26a118a59
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ceab2a954eb0ed5f56d2113128d33914704897669fcf688f379ba1a0a8708eb4
d013bf51ebba259cbf4af6907ac4ad3c5e96c86f44a445c573dcfc61954f70b0
d082c8f89a636d53c3897dd3b2ff097776ec1bf9796ce593fcffce8988d92d28
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d22ff010062ceab86440a7c8da9694203448065da3194f1ca00442b9988a6150
d49ccc03ae3871d68801383bb2ac979b374ab16a3e7533cc1c0b8b38428698a3
d788b3835da0a9aa6fd32675c61fdf290028fe3e97bbccc8370a8e9812061d37
d8099b62c1c02acf6a3a22da9f7cb95cc1e42e195c6ce7f8c9a32bf7270d2344
d9fbd32212b5e1d8c88a8fa8215367e8f9c5679417529f9debfc3546834231bc
da5b4c588ea97f33e0a50b63b9842c2cffab18fbe50769d3ed752267734665c9
da9afecf3800826cd6854395b64a7bbcabeebaab7a369e9505e7e0160b9de63b
df60c3df02472e163c9dcc847c78f653d0a0104cf6dea974d1e2f8483a90c365
e131dafe5a4e9e7d0a15873898caa5c5e991b819e1f5b382ca7615b5c0c80886
e3035f4da137318c8ab24443847c53184aa239f7ae069dc2659eb9aaf8e4a4fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5081454d86612e40a39d1173fee48d3d9fb6b776e66840de8385e1ede4754f5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7cdf25a5386ab328c13f7e79b2bbeaaef26dfeca314722793c8858710791562
e8396ba2f8fa4612c8a2cec04395908b1b414727856eb1548a9e7b9ea68a0dc1
e9798fc4c7ff476555c03664d50915973981718170a86a95ab1fbc2c9faf3255
ea326de78d6cf890aa6c41b13383c9dde0bb0a700d5a25d193fc2017c41d338d
eb0048226c135f488d7d6f207a6ec8e392b73dcfcd0ebf1a1c3972d6de7ca436
eb3f13a00ed39c265020b2e6f0e1b90c79f332911d2f7ab3193a0db1337890d2
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb4dd815204b6cd3bec2ca31d4a94eaf4a67fb1f3a918a6cf97923049806379e
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
f1c2eba9dd067d2907d0517fe436202a857da14e0fd73e9a699d676129b35067
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f59ec81e5e0a803ed4f869232393eed1ecd16f360377c8e3c82e97943b4aed89
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
fa620478181dc6447b55b854d8d398cbbb973d068a9c69510b4012956c284a29
fb4c9bbeed2aa7fc0461b59147e4ad09841b9309030f8a22ffa8a2e7296e2ebc
fc6b4be08e6abb3eb2a11aa144bd219680b1ab1572ff7a51501fc717c380e5c3
fca06ac01baad34a8d2faa930825cd34d6303983accce5c43abee5c4258c6aee
fe2cca48ed6abed6497908b5ad92d87de2f7f68ffc8d583f47c66f6211d57f5d
fefed5fb5b13d8e217c9bfc2481ed9971784f6e88387be7b1486e209ffe2964e

g37.com.br Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

442 Requests

88 %HTTPS

52 %IPv6

68 Domains

104 Subdomains

74 IPs

15 Countries

7530 kBTransfer

16022 kBSize

76 Cookies

17 Outgoing links

Page URL History

Redirected requests

442 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

g37.com.br Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

442
Requests

88 %
HTTPS

52 %
IPv6

68
Domains

104
Subdomains

74
IPs

15
Countries

7530 kB
Transfer

16022 kB
Size

76
Cookies

442 HTTP transactions
10 data transactions