www.foregon.com Open in urlscan Pro
2600:9000:2057:1c00:4:c9a1:2a80:93a1  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&RedC=c.clarity.ms&MXFR=19B7B1A982976B8F3AB5A369869765C9 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&MUID=1F90FB9646E9689320B9E956473B69EB

Request Chain 68

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1&C=1

Request Chain 69

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-ZvJunU9EeQjDEu9lWWFgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1

Request Chain 70

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECjyjBJzVJ5RSVlw8R1NDVQ&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECjyjBJzVJ5RSVlw8R1NDVQ%26google_cver%3D1

Request Chain 71

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk4MTE1MjgzNzg2MTY3MzkyMA%3D%3D

Request Chain 79

• https://fw.adsafeprotected.com/rfw/bgd/1135760/69474500/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2444794068370795&ias_chanId=1&ias_placementId=18132950335&bidurl=https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gEfCswVKLbgTmkz_088_4d&adsafe_url=https%3A%2F%2Fwww.foregon.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.foregon.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6215a89e-db51-c8d4-4cda-a68721f7fd0b,c:4YPXnk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597dfc9cc-zjs6r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:729cf8c6-b2e8-11ed-be7d-eebb50dc2583,v:19.8.396,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId=

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/	167 KB 48 KB	105ms 25ms	Document text/html	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / blog Resource Hash d47805cd0e7ba5eaf8400f5e904dd3ac183be0d5e357bd36abf1828b79ef4c0f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 74164 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 21 Feb 2023 23:02:08 GMT etag W/"29a4b-Dvf2/SEYV4+/ILxA38ua157nrlw" vary Accept-Encoding via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-id d083UjgXyqLkiK8Rht6D6MZ1q7xgdtWDZr-NZILB8Nc0yX64458mjw== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-powered-by blog
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	75 KB 26 KB	60ms 22ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 79e7d25576286ec9cc1761d1c5ca57eca22441ed99065345913def8b0d43256e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26471 x-xss-protection 0 server sffe etag "1491 / 718 of 1000 / last-modified: 1677088504" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 22 Feb 2023 19:38:12 GMT
GET H2	200	style.css www.foregon.com/static/blog/css/	107 KB 18 KB	14ms 14ms	Stylesheet text/css	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/static/blog/css/style.css?v=Feb10_1811 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Express Resource Hash 8505376d5dd9b89677d2a47eabca44fd3c672a80488f5cca2e3c5ee47b1db52a Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 18:04:15 GMT content-encoding br via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) last-modified Wed, 22 Feb 2023 17:14:25 GMT server CloudFront x-amz-cf-pop FRA6-C1 age 5636 x-powered-by Express etag W/"1acb8-1867a1e8168" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 cache-control public, max-age=0 x-amz-cf-id idhyWJcd2GHnfzOIBfKc-W4YR1iSewQv2vIjvp0926jp03OMJSFGVQ==
GET H2	200	0mej215191.css cdn.privacytools.com.br/public_api/banner/style/	9 KB 3 KB	75ms 18ms	Stylesheet text/css	2606:4700:20::681a:b5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.privacytools.com.br/public_api/banner/style/0mej215191.css?t=1 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75ca3a72714106fdf040a115ac9e32c64a1a456e5c23a0d24e55bb748403292f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:12 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding br cf-cache-status HIT last-modified Wed, 22 Feb 2023 17:47:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6642 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdT%2B4c%2F0G49gByhZqCu1j07aoetwx1nqSpFxdiAnN6hDMxSS6BSk9xgZm%2BIPlWKy1sAf0haYAcqfJe7l8C8AR5Wx1Xptem%2F%2B6hsF8lL4z4%2FtCiOnQvSikVQ4atR4920z8dM62U0EgcXts0hS%2Bt5eolhgYCQ9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 x-robots-tag noindex cf-ray 79da2e46db33bbec-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	101 B 653 B	43ms 22ms	Script text/javascript	2a04:4e42::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?features=default,es5,es6,es7,IntersectionObserver,smoothscroll Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 22 Feb 2023 19:38:12 GMT age 26449 detected-user-agent Chrome/110.0.0 useragent_normaliser chrome/110.0.0 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=9 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113 referrer-policy origin-when-cross-origin last-modified Wed, 22 Feb 2023 11:03:04 GMT vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=UTF-8 access-control-allow-origin * normalized-user-agent chrome/110.0.0 cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	main.js Show response www.foregon.com/static/blog/js/	45 KB 16 KB	13ms 13ms	Script application/javascript	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/static/blog/js/main.js?v=Feb10_1811 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Express Resource Hash 323117879534fbed85e8a6a670786c7bc5f947a8c0b72bbcffec4752260226bf Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 03:06:10 GMT content-encoding br via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) last-modified Fri, 10 Feb 2023 18:06:50 GMT server CloudFront x-amz-cf-pop FRA6-C1 age 59521 x-powered-by Express etag W/"b29d-1863c822e90" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 x-amz-cf-id gbytNnemI8GCG4ePkp2yk0_M_koamW8nw8y3ML3dr3AUYhO09iZMLQ==
GET H2	200	0mej215191.js Show response cdn.privacytools.com.br/public_api/banner/script/	116 KB 21 KB	56ms 23ms	Script text/javascript	2606:4700:20::681a:b5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.privacytools.com.br/public_api/banner/script/0mej215191.js?p=bottom&t=1 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebb6a19a771c9c511ce591c8549f192618b37bead0b0563bf2d6db28e112073 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:12 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding br cf-cache-status HIT last-modified Wed, 22 Feb 2023 18:19:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4717 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zkDWcniATIRPPxiQxvtslW%2FrJyj2uzbIRGs%2FNLcK%2BskbuoNh2y%2Fj0th3dRDjUAhcFvyGqevQiGZsNMOQNP9HFJfDg8jxpM5cRlqKioUa2vYHytVYhUa2o1xC8KXhWXRTRJULA7paSxf4Ap9ukLUyDlnAvaZ"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 cache-control public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate x-robots-tag noindex cf-ray 79da2e46db39bbec-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86a7743db9a51e7030bee92e08d84f305232787305c1b4524d1cea5d5c15d61d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H2	206	score.mp4 www.foregon.com/static/blog/video/	18 KB 19 KB	17ms 16ms	Media video/mp4	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/static/blog/video/score.mp4 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Express Resource Hash 15f33b70194c091afddb6f2d6d500205198afdff1d8b8c6e4568fc4a4bd7c36b Request headers Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Range bytes=0- Response headers date Wed, 22 Feb 2023 05:27:13 GMT via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 51058 x-powered-by Express x-cache Hit from cloudfront Content-Range bytes 0-18657/18658 Content-Length 18658 last-modified Fri, 10 Feb 2023 18:06:50 GMT server CloudFront etag W/"48e2-1863c822e90" vary Accept-Encoding content-type video/mp4 cache-control public, max-age=0 accept-ranges bytes x-amz-cf-id yFsXtvRavFMh1kSVw8kvG2k3jCZRp92EgfNA-JWxKaxT0auV6uhc5w==
GET DATA	200 OK	truncated /	131 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb6528470ef7249aa627c356b41aeee0a277aed8f1b8e71751b41ae6f0b4783d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ee64e0ead5ad7c59189f5f5a3f3a3ec73e55123af13f9caba6d916bf89e9017 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 39a3ce41004c9c7aa985eb90d21b66a9603ba3487bca4a73c2abdfd5aeddc688 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8c5fcf0b11d6c0ed92eaf40874244897595de0ee756456f38c4df57c3b7bbeca Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H2	200	optimize.js Show response www.googleoptimize.com/	111 KB 44 KB	64ms 20ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=GTM-KRMZVF6 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6323b5856c56b75b5b9f28903cd0af1337f795fe033061b0095076e3e979f6a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44497 x-xss-protection 0 last-modified Wed, 22 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	262 KB 85 KB	49ms 27ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M757J5Z Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d1fa318f7f0fcd50a18300e51631e36b47f76794b0ae4b183824b42569a1cb69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86223 x-xss-protection 0 last-modified Wed, 22 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	foregon-256px-redatora-camila-silveira-e1610116219213.jpg www.foregon.com/blog/wp-content/uploads/2020/03/	4 KB 4 KB	23ms 23ms	Image image/jpeg	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.foregon.com/blog/wp-content/uploads/2020/03/foregon-256px-redatora-camila-silveira-e1610116219213.jpg Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 4fbe6bef3aa5c7fbf833fcde14009e1cdd2a7db327d404ffbc71f53b98a33c1f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) last-modified Fri, 08 Jan 2021 14:30:19 GMT server Apache x-amz-cf-pop FRA6-C1 age 16602 etag "f55-5b864654b6ea0" x-frame-options SAMEORIGIN x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 3925 x-amz-cf-id _Jpej7qN_li0ONnIBFDCvjm7q67fRof3ghFqTCuhEa-UEXl-iPDnPQ==
GET H2	200	postblog-page.0bf9a52832795298bd66.js Show response www.foregon.com/static/blog/js/	6 KB 3 KB	8ms 8ms	Script text/plain	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/static/blog/js/postblog-page.0bf9a52832795298bd66.js Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/main.js?v=Feb10_1811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a1bdfdbaf67523716257e030518588e21afd9c033a5a8c894de8dd311685677 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 15:07:26 GMT content-encoding gzip via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) last-modified Tue, 21 Feb 2023 13:29:22 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 16248 x-amz-server-side-encryption AES256 etag W/"2d95ad7b8a3f097b597a642e8dae3455" vary Accept-Encoding x-cache Hit from cloudfront content-type text/plain; charset=utf-8 x-amz-cf-id hCCv9BQfwglg_AaJvIiKR4pNWx39IJHn6DbI48QHZg4Rbw1uYwGEFQ==
POST H2	200	log Show response www.foregon.com/api/v3/tracker/	17 B 505 B	440ms 440ms	Fetch application/json	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/api/v3/tracker/log Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/main.js?v=Feb10_1811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/json Response headers date Wed, 22 Feb 2023 19:38:13 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-dns-prefetch-control off x-cache Miss from cloudfront content-length 17 x-xss-protection 1; mode=block etag W/"11-UIVUdQWNarX1D9mk06okyEMbpS8" x-download-options noopen x-frame-options SAMEORIGIN vary X-HTTP-Method-Override, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-amz-cf-id WIC4oMu-9vsOGjK1SPMrMS5KsvYfsxtfVtzWCDQWoexRAm2O6aQDvg==
GET H2	200	pubads_impl_2023021601.js Show response securepubads.g.doubleclick.net/gpt/	382 KB 129 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 17:24:14 GMT content-encoding gzip x-content-type-options nosniff age 8039 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132097 x-xss-protection 0 last-modified Thu, 16 Feb 2023 09:35:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 22 Feb 2024 17:24:14 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	94 B 93 B	56ms 41ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.foregon.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a15c75045d1238a6bc5e235edcd1330f0021a57a85c8a7dc3ec25d1dffa3e7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68 x-xss-protection 0 expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	sdk.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	290ms 124ms	Script application/javascript	2.16.186.193 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CD2NLMRC77U35BVUNL20 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M757J5Z Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-193.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cd620ff92407355615d2df62e603c6113086039dc00b4252c8e0ff1f7e705ff9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-akamai-request-id 1584b78d.6435319 date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) x-parent-response-time 94,2.16.186.189 server-timing cdn-cache; desc=MISS, edge; dur=89, origin; dur=5, inner; dur=3 content-length 2087 pragma no-cache server nginx x-tt-logid 20230222193813AF06840B02486C7B99C6 x-cache-remote TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 5,23.32.16.68 x-tt-trace-host 01a9157ef8d2d1ac5da2c6646c00015ff8b98e6c574cf4c0cc7a82ec66cebc3bb98ff44721ce87d3d5dbcdd2274fed8298e528b300b5ca5cb7c47d8dd1fbbb8f2e413b1040ce5d740ad2b942d98551297bac0360d6d8165c947694748adb9bc7302d896f9203b7f6ed3ffaa533a10616d2 expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	110 KB 43 KB	19ms 18ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-644185-4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M757J5Z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 54cf6629139f2ea9d8cb829d3ca49908e6430077eb8761637163c4d21c8d8bc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44076 x-xss-protection 0 last-modified Wed, 22 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	211 KB 74 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-X5591DWC6R Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M757J5Z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d7db3812564f8ff1d606ea76248c7a2d053684e8d90ab24cb51b10f35f79ab37 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76052 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	eqkshb2puc Show response www.clarity.ms/tag/	933 B 1 KB	273ms 102ms	Script application/x-javascript	2620:1ec:48:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/eqkshb2puc Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7dfa552dd2dbec7320f992d35efb86237f6666c7575e4b8082c6af820a162edf Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers content-type application/x-javascript date Wed, 22 Feb 2023 19:38:13 GMT cache-control no-cache, no-store expires -1 x-azure-ref 0JW/2YwAAAACEm8TvRjlpR4vdSgsvu5p2RlJBMjMxMDUwNDIwMDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache CONFIG_NOCACHE request-context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	36ms 15ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.foregon.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	106ms 43ms	Script application/javascript	2a00:1450:400d:805::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.foregon.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	27 KB 10 KB	947ms 947ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376429943478330&correlator=4044463000631107&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=21718676419%2Cfgn-d-incontent-blog%2Cicd1-blog&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C300x250&ifi=1&adks=1639472916&sfv=1-0-40&cust_params=fg_project%3Dblog%26Pagina%3Dblog-post%26userLogado%3Dn%26utm-source%3Doutros%26url-blog%3D%252Fblog%252Fbradesco-exclusive-e-prime-quais-s%26advertiser%3Dforegon&sc=1&cookie_enabled=1&abxe=1&dt=1677094693172&lmt=1677094693&dlt=1677094692878&idt=260&adxs=424&adys=479&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&frm=20&vis=1&psz=808x328&msz=336x250&fws=0&ohw=0&ga_vid=236445490.1677094693&ga_sid=1677094693&ga_hid=2030150786&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f1c5eb4d7b9e4c0f0c358fe6470e1301f9aa00d4957be8f950b2f95ed14db02b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9780 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.foregon.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	185 KB 48 KB	1978ms 1977ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376429943478330&correlator=4044463000631107&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=21718676419%2Cforegon_interstitial-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ifi=2&adks=1290073365%2C2681002525&sfv=1-0-40&ists=2&fas=8%2C0&cust_params=fg_project%3Dblog%26Pagina%3Dblog-post%26userLogado%3Dn%26utm-source%3Doutros%26url-blog%3D%252Fblog%252Fbradesco-exclusive-e-prime-quais-s%26advertiser%3Dforegon%26fg_prod_client%3Dnull%26fg_prod_type%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1677094693179&lmt=1677094693&dlt=1677094692878&idt=260&adxs=-9%2C0&adys=-9%2C9537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&frm=20&vis=1&psz=0x-1%7C1600x9537&msz=0x-1%7C1x-1&fws=2%2C0&ohw=0%2C0&ga_vid=236445490.1677094693&ga_sid=1677094693&ga_hid=2030150786&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3336f0f1ceac33cfb0a1d68de0290a5f4141b366f3804e8c6d5734a7e07b6aca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:15 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49015 x-xss-protection 0 google-lineitem-id -1,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.foregon.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E8B	6 KB 3 KB	67ms 16ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:13 GMT expires Thu, 22 Feb 2024 19:38:13 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads_2023021601.js Show response securepubads.g.doubleclick.net/gpt/	37 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023021601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bcbdc607d96d0e270c95c1d24daf1fb64fb62a5e5f45ecb0972b2b68645e594c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 11:27:37 GMT content-encoding gzip x-content-type-options nosniff age 115836 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13785 x-xss-protection 0 last-modified Thu, 16 Feb 2023 09:35:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 21 Feb 2024 11:27:37 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 6ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-644185-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 22 Feb 2023 18:14:50 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5003 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Wed, 22 Feb 2023 20:14:50 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	39ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-X5591DWC6R&gtm=45je32f0&_p=2030150786&cid=236445490.1677094693&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677094693&sct=1&seg=0&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&en=page_view&_fv=1&_ss=1&_ee=1&ep.page_path=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X5591DWC6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:13 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.foregon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	beneficiosprimeexclusivebradesco-1024x576.jpeg www.foregon.com/blog/wp-content/uploads/2020/03/	84 KB 84 KB	229ms 229ms	Image image/jpeg	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.foregon.com/blog/wp-content/uploads/2020/03/beneficiosprimeexclusivebradesco-1024x576.jpeg Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 45e912c0cb57531771d4079414c758331a6b8818a720fd9c9d495c344a2643e5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) last-modified Mon, 30 Mar 2020 17:00:10 GMT server Apache x-amz-cf-pop FRA6-C1 etag "14e2c-5a2156248dae0" x-frame-options SAMEORIGIN x-cache RefreshHit from cloudfront content-type image/jpeg cache-control s-maxage=10 accept-ranges bytes content-length 85548 x-amz-cf-id 8AKZnFENGNVMZgkgp7p-xYeU1Y7e3cAT8a-k5mdbaW3HpFUyARqJ8w==
GET H/1.1	200 OK	bradesco.png s3.sa-east-1.amazonaws.com/static.foregon.com/foregon-front/products/	2 KB 3 KB	738ms 326ms	Image image/png	52.95.165.78 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.sa-east-1.amazonaws.com/static.foregon.com/foregon-front/products/bradesco.png Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.165.78 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS s3-sa-east-1.amazonaws.com Software AmazonS3 / Resource Hash 1b1802976650d08b1478c378c85e3a95e1f8d880cd39627f6ecee7b43d8220ef Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Wed, 22 Feb 2023 19:38:14 GMT Last-Modified Wed, 14 Oct 2020 18:37:49 GMT Server AmazonS3 x-amz-request-id 73F62CVAAJCFX3KY ETag "0f1f9c2eb14d199408c580ebbd2a81cd" Content-Type image/png Cache-Control max-age=604800 Accept-Ranges bytes Content-Length 2354 x-amz-id-2 bptl2R3zpKyiiA3j/AUoUP8J9/36oA+udBu8ET9NLdwZIk7HcP7xvn7QrqGhuQbPl497dG1xWA0=
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	14ms 13ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2030150786&t=pageview&_s=1&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=294473978&gjid=1564244290&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&_r=1&gtm=457e32f0&z=1287430868 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.foregon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	59ms 19ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-644185-4&cid=236445490.1677094693&jid=294473978&gjid=1564244290&_gid=1668408195.1677094693&_u=YADAAUAAAAAAACAAI~&z=1119913756 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 22 Feb 2023 19:38:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.foregon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	53ms 31ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-644185-4&cid=236445490.1677094693&jid=294473978&_u=YADAAUAAAAAAACAAI~&z=180505898 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	123ms 61ms	Image image/gif	2a00:1450:400d:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-644185-4&cid=236445490.1677094693&jid=294473978&_u=YADAAUAAAAAAACAAI~&z=180505898 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/eus2-c/s/0.7.2/	56 KB 19 KB	9ms 9ms	Script application/javascript	2620:1ec:48:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/eqkshb2puc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br last-modified Wed, 01 Jun 2022 12:22:22 GMT server Microsoft-IIS/10.0 x-azure-ref-originshield 0Gjr2YwAAAABnXxTK5Bw/S7wcmaPf/3mBRlJBMjMxMDUwNDE4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== etag "1d945f04b2f8f1c" x-azure-ref 0JW/2YwAAAACch+HxNR2mQrO44RAdUPXNRlJBMjMxMDUwNDIwMDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache TCP_HIT content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 accept-ranges bytes request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	main.MTE3ZGZjMmFkMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	252 KB 67 KB	29ms 29ms	Script application/javascript	2.16.186.193 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CD2NLMRC77U35BVUNL20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-193.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4d9074e3fda26a28e6500d3a1cbaa23bddaecd66d2e6129d850f3cdc40884906 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-akamai-request-id 64353a6 date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2023022114532982596A89A4F154ED371B vary Accept-Encoding x-cache TCP_HIT from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 013c8fc40dc5a434ee948d80ce89ebd5b1c3f80aa021e4212fb04ab8903828c53e5025698b1dbeb4b3906831a8c4bcc3da68c228615acafd3b08134d71b10f61b571e6da602259d4d4e0ee61439add026b8c7f2047853a116558a20b1085879c16 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=4 content-length 68287
GET H2	200	identify_cab4d.js Show response analytics.tiktok.com/i18n/pixel/static/	114 KB 31 KB	30ms 29ms	Script application/javascript	2.16.186.193 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-193.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-akamai-request-id 6435416 date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2023022114532982596A89A4F154ED3773 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 013c8fc40dc5a434ee948d80ce89ebd5b1c3f80aa021e4212fb04ab8903828c53e5025698b1dbeb4b3906831a8c4bcc3da68c228615acafd3b08134d71b10f61b571e6da602259d4d4e0ee61439add026b8c7f2047853a116558a20b1085879c16 server-timing cdn-cache; desc=HIT, edge; dur=1, inner; dur=1 content-length 30986
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 690 B	136ms 136ms	Ping text/plain	2.16.186.193 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-193.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 5bcf641.6435459 date Wed, 22 Feb 2023 19:38:13 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) x-parent-response-time 103,2.16.186.189 server-timing cdn-cache; desc=MISS, edge; dur=92, origin; dur=16, inner; dur=14 content-length 0 pragma no-cache server nginx x-tt-logid 20230222193813044AE8414304A0441D7E x-cache-remote TCP_MISS from a23-217-116-221.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-) access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 17,23.217.116.221 x-tt-trace-host 01a9157ef8d2d1ac5da2c6646c00015ff8b98e6c574cf4c0cc7a82ec66cebc3bb92bb0a3f3b671a7f909b48f7455596920cc3369c5bce53e80a6c6a02f7fecf17d14d89375e256a6be87058fb9c9d469700fd92abc986004e2e00923e765c41b05d2ec84dc16466abeba07cb189accb539 expires Wed, 22 Feb 2023 19:38:13 GMT
POST H2	204	collect Show response i.clarity.ms/	0 164 B	643ms 294ms	XHR text/plain	52.167.85.21 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://i.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin https://www.foregon.com date Wed, 22 Feb 2023 19:38:13 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 vary Origin request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H3	200	0mej215191.html Show response cdn.privacytools.com.br/public_api/banner/pop/	9 KB 3 KB	32ms 20ms	XHR text/plain	2606:4700:20::681a:b5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.privacytools.com.br/public_api/banner/pop/0mej215191.html?t=1&m=0&c=1,659,497,272,423 Requested by Host: cdn.privacytools.com.br URL: https://cdn.privacytools.com.br/public_api/banner/script/0mej215191.js?p=bottom&t=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b22b16360648a551fe60328c6b0e63324a7dff4f1f6cb4a44b5dfca272aa3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 264875 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare etag W/"Wed Aug 03 00:28:33 GMT-03:00 2022" vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mFPNtGuya2LoS3At2UEgl9nb2%2BxY00qkNc6OBcQZLOQ8otZwZzvo1jV0U%2F45m1gmyEt8r0IfX19%2Ftl0AEK6fsF0wj7KxRBg0CtRiC%2FN0YNZ%2BWIibuApLv%2FsHYRAHOUYy%2BWDLlsm0W9xngzqLeR3wUWM8wzI"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=2678400 x-robots-tag noindex cf-ray 79da2e4ae93169a3-FRA
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	131ms 66ms	XHR application/json	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2abffbf305647d28f642d5a5d8edd2f63142da78e4c9edb48515cc2cac3e5f26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11144 x-xss-protection 0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&RedC=c.clarity.ms&MXFR=19B7B1A982976B8F3AB5A369869765C9 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&MUID=1F90FB9646E9689320B9E956473B69EB	42 B 465 B	188ms 188ms	Image image/gif	20.205.115.81 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&MUID=1F90FB9646E9689320B9E956473B69EB Protocol H2 Server 20.205.115.81 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT last-modified Fri, 17 Feb 2023 00:56:25 GMT server Microsoft-IIS/10.0 etag "625d0a86a42d91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Wed, 22 Feb 2023 19:38:13 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BB8E5D25EF0848BF87AD6B0AB3C6D6F5 Ref B: FRAEDGE2015 Ref C: 2023-02-22T19:38:14Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7D3BDB33CAA44798B9290A866246BDEF&MUID=1F90FB9646E9689320B9E956473B69EB cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=2&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=web-vitals&ea=TTFB&el=v3-1677094693036-6389441351864&ev=105&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=1000115279 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72304 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	106 KB 28 KB	28ms 13ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 22 Feb 2023 19:38:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27843 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug u32W+EuKD6BsdTHwgx7twHq2nc1bp8cPj03WD9OYCcutyS1LNZBjoS+tpxuTgYpbNzKhuZfGYiqCyx/a54GOPQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.foregon.com/blog/guia-completo-dos-bancos-tudo-o-que-voce-precisa-saber/	0 48 KB	22ms 22ms	Other text/html	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/blog/guia-completo-dos-bancos-tudo-o-que-voce-precisa-saber/ Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/postblog-page.0bf9a52832795298bd66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / blog Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 10:47:41 GMT content-encoding gzip via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 31832 x-powered-by blog etag W/"29e85-guu3uSX8Y9Jt3b0XFSRA4VxGD8Y" vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=utf-8 x-amz-cf-id WRH0RjOMfcF_c8x29uvzpYh2vx0LVK6eNCBn0icebnyZhw_GSfIDsA==
GET H2	200	/ www.foregon.com/blog/indexadores-investimentos/	0 35 KB	22ms 22ms	Other text/html	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/blog/indexadores-investimentos/ Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/postblog-page.0bf9a52832795298bd66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / blog Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:02:11 GMT content-encoding gzip via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 74161 x-powered-by blog etag W/"22f99-cPxkWaBG8ORGgvHRGlBmiqzec3g" vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=utf-8 x-amz-cf-id G8dIoZHKilXjKPSPPJnG2avfiM2seCMcZTLe0APjI94VFWCt-oD9aw==
GET H2	200	/ www.foregon.com/blog/acertar-tres-numeros-mega-da-virada-vale-premio/	0 34 KB	16ms 15ms	Other text/html	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/blog/acertar-tres-numeros-mega-da-virada-vale-premio/ Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/postblog-page.0bf9a52832795298bd66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / blog Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 10:47:42 GMT content-encoding gzip via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 31831 x-powered-by blog etag W/"22567-Tx6MKSdZyDj0z/STx6xOTbBztF8" vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=utf-8 x-amz-cf-id v4mxeaRUhctbPkVu5iGEt8kKRBNlxz_mIuzrLEUWHHC7ikCAGRybGw==
GET H2	200	/ www.foregon.com/blog/loterias-caixa-conheca-como-funciona/	0 45 KB	29ms 29ms	Other text/html	2600:9000:2057:1c00:4:c9a1:2a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.foregon.com/blog/loterias-caixa-conheca-como-funciona/ Requested by Host: www.foregon.com URL: https://www.foregon.com/static/blog/js/postblog-page.0bf9a52832795298bd66.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1c00:4:c9a1:2a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / blog Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 15:41:09 GMT content-encoding gzip via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 14224 x-powered-by blog etag W/"26311-pYKAh0ioijmDz251dnOF9RcRexA" vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=utf-8 x-amz-cf-id b4yPQRKsCN24g-SklsFxI14vmH8uuICMzMt5GYd0HdZvxrTFaW3yzQ==
GET H2	200	222097288395207 Show response connect.facebook.net/signals/config/	378 KB 109 KB	92ms 91ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/222097288395207?v=2.9.96&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 85b848d0ac3ba1dbfdbee7f6995147f06b69377d562c2aab99bd5ad11d8d24ad Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 22 Feb 2023 19:38:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug 57OeTW3AlHbVN7+3i2Tcpbm9fOEicekC2YfwtHSXHOZzSGe8Tobp502JyorSIB5QEf7M8+f7617lq/9tjZLciA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	41ms 19ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 19:38:13 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	30ms 9ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=222097288395207&ev=PageView&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&rl=&if=false&ts=1677094693764&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677094693763.1605649263&it=1677094693634&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 22 Feb 2023 19:38:13 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC48	13 KB 5 KB	9ms 7ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3474 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 18:40:19 GMT expires Thu, 22 Feb 2024 18:40:19 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CA47	783 B 971 B	26ms 25ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cfcbbbc20c4b5936d4202b13a3bd17d698f09a77a247ef5d494e1bdf93ec5a46 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GwPbZb3p6xjeAyA7QKaqXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-GwPbZb3p6xjeAyA7QKaqXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:13 GMT expires Wed, 22 Feb 2023 19:38:13 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response pagead2.googlesyndication.com/bg/ Frame AC48	36 KB 14 KB	62ms 21ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:11:21 GMT content-encoding br x-content-type-options nosniff age 37612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14233 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 22 Feb 2024 09:11:21 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CA47	0 0	55ms 55ms	Image text/html	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=1376429943478330&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame AC48	0 10 B	6ms 6ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?_7Jgrw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	container.html Show response b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5536	6 KB 3 KB	9ms 8ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:13 GMT expires Thu, 22 Feb 2024 19:38:13 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 3901	624 B 827 B	82ms 47ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiF5tzgATAB&v=APEucNVTfB59Aj3OSFuC-svpbw1YxYQEREoUMSGfQD4aEwjU_Gg3rU8Xyqwl-LCE8-16duJoadLS3YsQ7xO9vJh0xFmuhXSh9nAhqVqMBx3GLCaNs99OaFrQEWTjwy8TQvEIKZljRQ2e1SdoocJq8BfxW-6LkdkQ1mbXX5iswvfZm3XPVGNj4R0 Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:14 GMT expires Wed, 22 Feb 2023 19:38:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 5536	78 KB 27 KB	81ms 79ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27790 x-xss-protection 0 server cafe etag 3677590245327912432 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Wed, 22 Feb 2023 19:38:14 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5536	42 B 63 B	54ms 53ms	Image image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_QvgFTjaMwdFtD9aWFhLyYy4tYdNY4rBCo2daVQIUh3Fz5PpUXaF9ZvAkDPkyZkfuvH3JrrCUajnruiGZi_bdZh_04RQ9m3u1LJnkHsTA-kwZTX8 Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5536	0 20 B	54ms 52ms	Image image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5421928201896270231&x=1&ct=76 Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1135760/69474500/xbbe/creative/ Frame 5536	250 KB 76 KB	195ms 39ms	Script application/javascript	54.217.61.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1135760/69474500/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2444794068370795&ias_chanId=1&ias_placementId=18132950335&bidurl=https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gEfCswVKLbgTmkz_088_4d Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.217.61.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-217-61-24.eu-west-1.compute.amazonaws.com Software / Resource Hash efe721aac03c56869756a47afd98a1cc9e93ef3228668607d18b46d732226dca Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 5536	3 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 13:43:21 GMT content-encoding br x-content-type-options nosniff age 21293 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 13:43:21 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 5536	20 KB 8 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:00:31 GMT content-encoding br x-content-type-options nosniff age 38263 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8274 x-xss-protection 0 server cafe etag 9471482037410804447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:00:31 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5536	157 KB 48 KB	148ms 73ms	Script text/javascript	2a00:1450:400d:80a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49018 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1676996822105882" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 19:38:14 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3901 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1&C=1	43 B 632 B	10ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiF5tzgATAB&v=APEucNVTfB59Aj3OSFuC-svpbw1YxYQEREoUMSGfQD4aEwjU_Gg3rU8Xyqwl-LCE8-16duJoadLS3YsQ7xO9vJh0xFmuhXSh9nAhqVqMBx3GLCaNs99OaFrQEWTjwy8TQvEIKZljRQ2e1SdoocJq8BfxW-6LkdkQ1mbXX5iswvfZm3XPVGNj4R0 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 19:38:14 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Wed, 22 Feb 2023 19:38:14 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3901 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-ZvJunU9EeQjDEu9lWWFgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiF5tzgATAB&v=APEucNVTfB59Aj3OSFuC-svpbw1YxYQEREoUMSGfQD4aEwjU_Gg3rU8Xyqwl-LCE8-16duJoadLS3YsQ7xO9vJh0xFmuhXSh9nAhqVqMBx3GLCaNs99OaFrQEWTjwy8TQvEIKZljRQ2e1SdoocJq8BfxW-6LkdkQ1mbXX5iswvfZm3XPVGNj4R0 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 19:38:14 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBn5QuE1L_Nfo1yoFGFjLnI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 3901 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECjyjBJzVJ5RSVlw8R1NDVQ&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECjyjBJzVJ5RSVlw8R1NDVQ%26google_cver%3D1	43 B 1 KB	7ms 7ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECjyjBJzVJ5RSVlw8R1NDVQ%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiF5tzgATAB&v=APEucNVTfB59Aj3OSFuC-svpbw1YxYQEREoUMSGfQD4aEwjU_Gg3rU8Xyqwl-LCE8-16duJoadLS3YsQ7xO9vJh0xFmuhXSh9nAhqVqMBx3GLCaNs99OaFrQEWTjwy8TQvEIKZljRQ2e1SdoocJq8BfxW-6LkdkQ1mbXX5iswvfZm3XPVGNj4R0 Protocol HTTP/1.1 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Feb 2023 19:38:14 GMT AN-X-Request-Uuid 9c4ea74f-0c90-40f4-bce0-dc8db7285ca8 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 146.70.117.78; 146.70.117.78; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 22 Feb 2023 19:38:14 GMT AN-X-Request-Uuid fd01b366-c440-4de0-b65c-c4e74b86ea51 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECjyjBJzVJ5RSVlw8R1NDVQ%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 146.70.117.78; 146.70.117.78; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3901 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk4MTE1MjgzNzg2MTY3MzkyMA%3D%3D	170 B 188 B	18ms 18ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk4MTE1MjgzNzg2MTY3MzkyMA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiF5tzgATAB&v=APEucNVTfB59Aj3OSFuC-svpbw1YxYQEREoUMSGfQD4aEwjU_Gg3rU8Xyqwl-LCE8-16duJoadLS3YsQ7xO9vJh0xFmuhXSh9nAhqVqMBx3GLCaNs99OaFrQEWTjwy8TQvEIKZljRQ2e1SdoocJq8BfxW-6LkdkQ1mbXX5iswvfZm3XPVGNj4R0 Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 22 Feb 2023 19:38:14 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 146.70.117.78; 146.70.117.78; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid f72c7d78-5151-4fe0-9316-812c60930ac9 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk4MTE1MjgzNzg2MTY3MzkyMA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5536	0 20 B	53ms 53ms	Ping image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7132953405346&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5536	0 20 B	57ms 57ms	Ping image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7132953405346&version=m202301230201&ct=76&x=1&cor=5421928201896270000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 5536	15 KB 12 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APBT-Yhp-d_J_qAZJCMzKkdunM-TedFnCPG8_ZGz8v3hgmXV9XOjk6CMTKv50LpcV_nuKEa-Q18nvxE5exBQm13OaGjhMzF2j187a3tiKaxTXuoUVloGek8iH-y1EDi-gdH1b-yS4OZDoonGI9lUGM-Fm5Sv45sFwp62b0b_XtvwvbsMk&cry=1&dbm_d=AKAmf-BRFe4tvkGURfvH30WSM_RCjyDJ2W09qewenaTIlBch2-BJYjawb6DFol-UXLqGxM-o-dJV0T25pmKrpNRJ5fLA8m3aO_l7wgK1Ishch0ucLFVkumJIIdiVUoaxdiv7PFs-Qwf_o24tDegzJR3Y8YIdR0kejmNgRi-fCqYI5vmopTIV2XSJo8OSHQgY3b4ti_DL8WuT6X6EOGOQ2Vd-dKQg2INwMsz3_IEvekSHaccS8GS5FD93UikqrcuwKWKV46NCPuYbfg8Lt4pO_DsMAl2JOCbJxnA8SeA8HYrhKHVi1B5unk9nd-RS7ru8YJFj-Sy6nqqD-l7xlK8BJzZ-BSxy5yq5YjnKFiB2LkxFESUo1PzDhKe26UZoSD0Tv7anJ33PqtiZPBAUdxufVmAGLGQxEFG7s7jol8_GCt_qPmZ8dUCLRmMve-c4GLALc38oJyA9PUFVrsTeSuatg5_cG1EWCcWIm5sLkAFrvyjRDnSpPA5Ius0b8zFRe3WWU7ErMT0sp8Yw63qll20rGtobrbKjExWvti1BouN5BDHJf0_xCy1_kay3-TVaydjpBwAw0hHjOpuXcVvUbpnVZwljAwuXnDTDkxRkSLFz53ANc1sdYxsx2Jj0vAby6aI3n2Lx8JMeYvOuP5S-eefFrcERIaPQnLNBYNtGTbIPdLEGpsT945d9d-lxv8gurq8ljkUPseeBGcQk7K4X1QkZATUcFC1z2IFw0nzVA48UpvpsMkWCby6R4OCPmhJXh0jtLBH6aqDSWyp-wRMcdT7UEsjtlOvmIwtXt3Tzu6IqoXzd7opIPIijqCYe_hH2TBGSrsA2Vgis99m9s6WRSQpJs3xF3T7g4L0y_fu86pWTVOzGM37S_sypoP92Odnk7mru1_01yoc6DJ-QCX41ZfNriQcJumBmDwySnYWcNhGi2kMfo-U7SwAxNQ5sJuTYeBUMkqVg657Ot-IYCaEvclh6V1YMnqmYYV-xSGLBca3QhQE99ubv5wHtknLoMUJ-DHl0LYKDJoXPJCyGiwgpAQzMsSftQXBW_CvNPWSnmnGcQFwC1r0ev3NDJFw6ffphBVoaAkgTKeuutRokS0YA9pJ7ju97NneIq1ZWkfIQxM1fK65BrL1szUL1Sxbu7y3VRo-mvcbyQ58LBUDEG5fiE3FA1PYxuP6EMIiZfP5oSDDFDs5M1SmpEjZYIZ3QH7kEN4oLa7_jChmAMVH0TjBBsDlX3CbrY2fpzobsUBIpX7DctNNTz-XJqmESfE8DS7UYI8l-K8VLnAntZwCWKfc6XECs7mwwIlqHbAvZ_cHFjN6aamnVf3wNk6L81lGEGjaw_XeKPFE00Sj1q13nTbYVN3LSPPeswEPaHD5rc5kIVRbVztFUbtKdsAaviIedx4_GR8jnruSMul3FM5CJwg0ml-ajo7weJYQFZDGFPR4CMiWdDuRETFjtdeFD223TP8EflQ-K3l3wKN0KD_iXGe8ZW6LWexXOKI6rwFD2wmEGEntfvNZ0_ZQiLZNqam8wAJ1yTBKXwTB6lco8XglIqO4Cfc_vWvAWi5yt_uQTVmaPyvs16625a-3jGthB4YLBycwk7hR62maM2zD-pX1CDrY492IqFNRDVnftqfJDgKis3WD4eTdnPQtD0MtR-_02NK79ea-C1XoNVxycMPZpG0rOGKm4qrzWK6YmkCU438nybw-I2GE1lIaX4qWh-xgg6Zt9SYbMEn7bNFnm0TYlFEOWBUyZUHsDz4nufkGvO2ttIcc5xDvzga4y0e3kZNi338TPUO_Wdmw6uiiI3AfbmfqQPZWy5_hkEWvK6ZI9xWyO0wnkixI5cGcknAW6w0LNPK5mAUUw3mGM-BPHn11es9JrH19pTeD1xaHBvUycPyPIETSV_EZuqj0O2S-If20MfM824dXcNVtQCtZJQWHme0jTz-LxgHGFmG4OgKX3ccheTzX8ARcQ1vS_gpGdsfBxBUpBENO9WoaJYC7vgLJd-wRI5uNoERVkjA0qsEPoq3YUJEQbn1k2etTHJMycFXeozkCTzHnmizdkfdyiiZsuBSShN9M_EWQQunRHJwVJKU6kMqoJxbPRiPmgdPK-h17K7R9_eHUt72Xp2q7A1VvtFkFp9QGH0pyqNieozHjWFVyUxs0ELuXWxFzLbrpfeZWARS-b_X2K1UCMLPXUYLY51L6DUMEqroGx2Km3TNoH4aiSYkOZUZ8sbqLZEAisORpkZQWxdcekvwywPvsyjCGU1uGYFv-D9IN4f3A5t18DkA3f2UbDBI9Ziu8mB5qXEGencqzlb2BmrIrvr4pW5mzwAeuCLrr6SEdBcb486UXm94AOyIShzu0XKq223E7VQtbNtXJ71hKndGOCSrSIslepLpZJ6uQVxCv0BexrBUnOifUOZGx-dXkTDVSWuHQWdh1CF6BVBP6ydIHDGY1SxG2fLUIIL-jk1Yqq4vXv1IkHQu5gImkmX1txh0DhFZIe7S4zPzrsmv0nDCsFUBs7hGgBnAakMyTc3Gq8zApo04lrdq0A6fIM5T0D6LyTUhIbNv9H4ZAaEEOGdLVr7Ob0_f_c3KkQGdXYF5zEf9ZcR2lhbfOZzR1nrCwjJX4IPhHpDMeY_1D_PfrAIbd6_gIHrMwoNv0VS488utDn58TkDWLrWgUkEKkmxYlRWPHo-JFncjMulmTmakkhp49V_gRYIfsIA4jlvckElTnCtPvi1MPOLs2tBqDmnhm0jmtU49x1oTRpZ4WpOCUc1ExV0nYJyJKyoaaPgY1EmZ91zfADblDYCvn0-Ze2eq9sUQ94v3m_mEUzTT3fDI8R8o538-m2J7omxMj5I13fIrPeyNC-rH1KU5sLp00e1Efo0_2GvUBt1UDVpM0AAuMgh3-Cpv2cLLon7b31B-SrGHOkhhUhf0SXijO6zvUzEjs4pUQkTy8Atg_r4NT3x5J7yOddUdoldLeuJHWB0q-ELy3RCD5a4ncFmSadRQKQMkR79VCj6vIJ7xfrPcvPr3PV0U22Ir3QT7wpp9mJ9VaBqvzKY5OuiRSp57lUYi3DVY0HP6EO80k4LBY&cid=CAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.foregon.com%2F&ds=l&xdt=1&iif=1&cor=5421928201896270000&adk=2857193498&idt=90&cac=0&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e1abdf7997439ebaa7fed39558f989e0e07b2010f21cc90ee056863a05db852 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11606 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response www.facebook.com/tr/ Frame B5F7	0 72 B	13ms 12ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.foregon.com Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.foregon.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:14 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5536	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APBT-Yhp-d_J_qAZJCMzKkdunM-TedFnCPG8_ZGz8v3hgmXV9XOjk6CMTKv50LpcV_nuKEa-Q18nvxE5exBQm13OaGjhMzF2j187a3tiKaxTXuoUVloGek8iH-y1EDi-gdH1b-yS4OZDoonGI9lUGM-Fm5Sv45sFwp62b0b_XtvwvbsMk&cry=1&dbm_d=AKAmf-BRFe4tvkGURfvH30WSM_RCjyDJ2W09qewenaTIlBch2-BJYjawb6DFol-UXLqGxM-o-dJV0T25pmKrpNRJ5fLA8m3aO_l7wgK1Ishch0ucLFVkumJIIdiVUoaxdiv7PFs-Qwf_o24tDegzJR3Y8YIdR0kejmNgRi-fCqYI5vmopTIV2XSJo8OSHQgY3b4ti_DL8WuT6X6EOGOQ2Vd-dKQg2INwMsz3_IEvekSHaccS8GS5FD93UikqrcuwKWKV46NCPuYbfg8Lt4pO_DsMAl2JOCbJxnA8SeA8HYrhKHVi1B5unk9nd-RS7ru8YJFj-Sy6nqqD-l7xlK8BJzZ-BSxy5yq5YjnKFiB2LkxFESUo1PzDhKe26UZoSD0Tv7anJ33PqtiZPBAUdxufVmAGLGQxEFG7s7jol8_GCt_qPmZ8dUCLRmMve-c4GLALc38oJyA9PUFVrsTeSuatg5_cG1EWCcWIm5sLkAFrvyjRDnSpPA5Ius0b8zFRe3WWU7ErMT0sp8Yw63qll20rGtobrbKjExWvti1BouN5BDHJf0_xCy1_kay3-TVaydjpBwAw0hHjOpuXcVvUbpnVZwljAwuXnDTDkxRkSLFz53ANc1sdYxsx2Jj0vAby6aI3n2Lx8JMeYvOuP5S-eefFrcERIaPQnLNBYNtGTbIPdLEGpsT945d9d-lxv8gurq8ljkUPseeBGcQk7K4X1QkZATUcFC1z2IFw0nzVA48UpvpsMkWCby6R4OCPmhJXh0jtLBH6aqDSWyp-wRMcdT7UEsjtlOvmIwtXt3Tzu6IqoXzd7opIPIijqCYe_hH2TBGSrsA2Vgis99m9s6WRSQpJs3xF3T7g4L0y_fu86pWTVOzGM37S_sypoP92Odnk7mru1_01yoc6DJ-QCX41ZfNriQcJumBmDwySnYWcNhGi2kMfo-U7SwAxNQ5sJuTYeBUMkqVg657Ot-IYCaEvclh6V1YMnqmYYV-xSGLBca3QhQE99ubv5wHtknLoMUJ-DHl0LYKDJoXPJCyGiwgpAQzMsSftQXBW_CvNPWSnmnGcQFwC1r0ev3NDJFw6ffphBVoaAkgTKeuutRokS0YA9pJ7ju97NneIq1ZWkfIQxM1fK65BrL1szUL1Sxbu7y3VRo-mvcbyQ58LBUDEG5fiE3FA1PYxuP6EMIiZfP5oSDDFDs5M1SmpEjZYIZ3QH7kEN4oLa7_jChmAMVH0TjBBsDlX3CbrY2fpzobsUBIpX7DctNNTz-XJqmESfE8DS7UYI8l-K8VLnAntZwCWKfc6XECs7mwwIlqHbAvZ_cHFjN6aamnVf3wNk6L81lGEGjaw_XeKPFE00Sj1q13nTbYVN3LSPPeswEPaHD5rc5kIVRbVztFUbtKdsAaviIedx4_GR8jnruSMul3FM5CJwg0ml-ajo7weJYQFZDGFPR4CMiWdDuRETFjtdeFD223TP8EflQ-K3l3wKN0KD_iXGe8ZW6LWexXOKI6rwFD2wmEGEntfvNZ0_ZQiLZNqam8wAJ1yTBKXwTB6lco8XglIqO4Cfc_vWvAWi5yt_uQTVmaPyvs16625a-3jGthB4YLBycwk7hR62maM2zD-pX1CDrY492IqFNRDVnftqfJDgKis3WD4eTdnPQtD0MtR-_02NK79ea-C1XoNVxycMPZpG0rOGKm4qrzWK6YmkCU438nybw-I2GE1lIaX4qWh-xgg6Zt9SYbMEn7bNFnm0TYlFEOWBUyZUHsDz4nufkGvO2ttIcc5xDvzga4y0e3kZNi338TPUO_Wdmw6uiiI3AfbmfqQPZWy5_hkEWvK6ZI9xWyO0wnkixI5cGcknAW6w0LNPK5mAUUw3mGM-BPHn11es9JrH19pTeD1xaHBvUycPyPIETSV_EZuqj0O2S-If20MfM824dXcNVtQCtZJQWHme0jTz-LxgHGFmG4OgKX3ccheTzX8ARcQ1vS_gpGdsfBxBUpBENO9WoaJYC7vgLJd-wRI5uNoERVkjA0qsEPoq3YUJEQbn1k2etTHJMycFXeozkCTzHnmizdkfdyiiZsuBSShN9M_EWQQunRHJwVJKU6kMqoJxbPRiPmgdPK-h17K7R9_eHUt72Xp2q7A1VvtFkFp9QGH0pyqNieozHjWFVyUxs0ELuXWxFzLbrpfeZWARS-b_X2K1UCMLPXUYLY51L6DUMEqroGx2Km3TNoH4aiSYkOZUZ8sbqLZEAisORpkZQWxdcekvwywPvsyjCGU1uGYFv-D9IN4f3A5t18DkA3f2UbDBI9Ziu8mB5qXEGencqzlb2BmrIrvr4pW5mzwAeuCLrr6SEdBcb486UXm94AOyIShzu0XKq223E7VQtbNtXJ71hKndGOCSrSIslepLpZJ6uQVxCv0BexrBUnOifUOZGx-dXkTDVSWuHQWdh1CF6BVBP6ydIHDGY1SxG2fLUIIL-jk1Yqq4vXv1IkHQu5gImkmX1txh0DhFZIe7S4zPzrsmv0nDCsFUBs7hGgBnAakMyTc3Gq8zApo04lrdq0A6fIM5T0D6LyTUhIbNv9H4ZAaEEOGdLVr7Ob0_f_c3KkQGdXYF5zEf9ZcR2lhbfOZzR1nrCwjJX4IPhHpDMeY_1D_PfrAIbd6_gIHrMwoNv0VS488utDn58TkDWLrWgUkEKkmxYlRWPHo-JFncjMulmTmakkhp49V_gRYIfsIA4jlvckElTnCtPvi1MPOLs2tBqDmnhm0jmtU49x1oTRpZ4WpOCUc1ExV0nYJyJKyoaaPgY1EmZ91zfADblDYCvn0-Ze2eq9sUQ94v3m_mEUzTT3fDI8R8o538-m2J7omxMj5I13fIrPeyNC-rH1KU5sLp00e1Efo0_2GvUBt1UDVpM0AAuMgh3-Cpv2cLLon7b31B-SrGHOkhhUhf0SXijO6zvUzEjs4pUQkTy8Atg_r4NT3x5J7yOddUdoldLeuJHWB0q-ELy3RCD5a4ncFmSadRQKQMkR79VCj6vIJ7xfrPcvPr3PV0U22Ir3QT7wpp9mJ9VaBqvzKY5OuiRSp57lUYi3DVY0HP6EO80k4LBY&cid=CAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.foregon.com%2F&ds=l&xdt=1&iif=1&cor=5421928201896270000&adk=2857193498&idt=90&cac=0&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 13:42:53 GMT content-encoding gzip x-content-type-options nosniff age 194121 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Feb 2024 13:42:53 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4640	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 194121 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 20 Feb 2023 13:42:53 GMT expires Tue, 20 Feb 2024 13:42:53 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response pagead2.googlesyndication.com/bg/ Frame 4640	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:11:21 GMT content-encoding br x-content-type-options nosniff age 37613 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14233 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 22 Feb 2024 09:11:21 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame 5536 Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1135760/69474500/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qei...	65 KB 23 KB	106ms 43ms	Script text/javascript	142.250.27.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId= Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.27.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS ra-in-f157.1e100.net Software cafe / Resource Hash 80976058fa2d54e7ce282734a385271fc1d43e2e5db77a2428d7e81b218c43f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23034 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT server nginx x-server-name app01.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame CA5A	91 KB 23 KB	54ms 7ms	Script application/javascript	2600:9000:214f:4c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 13320118 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id Yjq1mVZpJapgO4QQE8kokH09hoGV62L2GTMp-TH2J8BJQF79PQyGCA==
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	630ms 169ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXnP,pingTime:-3,time:56,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:27%7D&br=c Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT server nginx x-server-name dt09.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	628ms 170ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXnR,pingTime:-6,time:58,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:27%7D&tpiLookup=ao:www.foregon.com*&br=c Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT server nginx x-server-name dt07.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	616ms 170ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXo3,pingTime:-2,time:70,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:289,beZ:291,mfA:294,cmA:295,inA:296,inZ:301,prA:301,prZ:308,si:315,poA:317,poZ:340,cmZ:340,mfZ:340,loA:347,loZ:350,ltA:359,ltZ:359%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:27,sinceFw:42,readyFired:false%7D&br=c Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT server nginx x-server-name dt05.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4640	0 20 B	57ms 57ms	Image image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVXBXJm_2Y7mTEavG7_UPyM2W-AwAAAAAOAHgBAI&bg=!8vGl8aXNAAZYlHKzeJQ7ADkAdvg8WrTZ8d7GxAb6Hx4CRZ_Hw4FLA35vLKCJ-FWDgn_MJzTm-6wwprz4_ArJtltneAcZSQ7bwC8CAAAAj1IAAAACaAEHCgA0GDZZmkBcBT65iE7QAqw9mBvIaa2lmMlO-P3W8FZDR090XYDMGqjtXge7ALj65YsB3GRcUJkC8qkaMxmEsGkpeOfB1VEv3E1n-ZUqDh2OnaNRa_lYc3RH2MUATGx0LUHHiRm7NxOjUEe6-g-zvdX4KkmbpmQNudsvFcXkq0wQV9PhKpDLSPPVf5JwPVhBASvWzD7wCmkRe4su_oG3aNHxkB1dqs9VL14Nmw3lmHmvcuCI7ckJH5bcDR7E6FNiJbLWPOIK2lRe48Zj3Cs4YlfSXZRET8zlszhqanCcVNJdbSR00A61bCHlPH6FvfLfaS25sh3KXmCFmpRufCpEzc21RSC8cwmWzsLJZcxueKpQ-H6qoaYLzCqAOqNnLTwnboUlexQnLqEF7dGodeRBUTUC8ETC2FA4Tx3TgQy92w_k2zjczEclFXeGjks0E7VXtOvzmYgJ3JJUDZkehh-GfU93HRmOakClP-qHhegHL4BJWdSiSHqzWb6YUbJOV0g1rCnr_kk8Rr7bL4PfMwZCFZirdR5nNbxOhHR-F9-yMz9lc_bA0OG6ZcJ4-C1piq55hmKJ5cxbiHVFjm2dFElJWmCBc5ITO4Jh-8H8vOYOOfl-nmLBGQokcASIJxr1KkA6xdGWVXJMAGzaSZxFx-VZFpJIA4gMbWcThECsVpvdquPby26500AMKQRhMrALlX3Oi9i3UDJ5-Z1vb22F6Hbg2MJMQhUDt0EjPGGOGugmIkGgprUodcquJaLHqNFn0xeCYUNNOc6D6Pg4HdGZRHHMxv2Ym7yTHs43JYNj-kTKyxKUd29t_yDU1ktd5ynfiBh-uqzzx-HfAxJ3RB7YrJhM9NE5sIdicgO7hRFu30NiEm3kkGacjlHU6lw-mpQQN1eg5pNpQVku_OaiBPuv1NKb4jRF3E2y-z0rLGUaZj4AzJwjTB4wIGWZHJxf8Wcs-GmG8JqcNCWTskbZlprT6zf-zgcjDNhwswujrNXdJJE2AkBGqHwRkhbzr0pqUfMQqtz0vRDvYqVssXR9Sxpk4jy5nrV7TVhiIBsX_6U5io581zBg0PZoDt8fx5t2d7E Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	55ms 54ms	Image text/html	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=1376429943478330&bg=!1Nel14PNAAZYlHKzeJQ7ADkAdvg8Wuw4fK7Q1MsBkzcxvZj61KV58B-vgTO_hnJ7W2h2jXPaorAKPUvSTvowxrD3-8IANlqcQusCAAAAblIAAAACaAEHCgDkKheFPDhSb2uQYsG0-rq7A6EdAAURRYAVwtBmPQ6Iut93YMB83Fv5T2o9snz3iN4xp8x2lUxI-Z-ipH60ANBVSefOYG1d9_B_fLqXP_PikYRss6gK-JYJQ41K2yogWv5j5E1i2616wBbRvRuXNGskqBFaoeljE-KVB_TgnW_ofavIZ68p_ImjMJqfeXuoDWMV6jamb2FurUqSZgD3BLDhqZ1pJcp2qWBZF9ka27qxrbiqxjWjMNRdWA7Q5_5VKEYw46LKD85iARSUgWOv2WCMKNu1uI98pFDAxN1GPokokCwRBEc3mQKUM2Tw9-C09ZbjebwXbRzqwpfCepz0IfxfKJ1bN4arp0R3GuAWZ_342Aki-QH-FdX_HrNGKNuT34MKa-PD9AjBTYEGK2AsJMZTyMpGqdYr77OkslHEnnY631NbfS0QBijnK5Iq2LHUsOnq56huZ05l09Nd8DpE3Di7nffHk7jQV0gdIChh6vH0GE9z754f30mZ2hOKA-u4hjmV6ynct-FcZH9RU8WXfxCKcSffV82kDPFFMEUuPsqY3sAyrkMF4aJaSNaIKJtLFvK0IZs4pJ3RVK7YM1wkca8x7L0Y3o4EncViovS37dMggLI6ArSZ596y9q3dY8fnd9zJITTRjdbu-ZQp9vSoZZIDG0l4dFL8hvjum4sk1qrcmP36Ecp5xUoQqnvLvJEL47mKYY-uy5rnLk9dzp1iARNVcBr_9eAoZn87uJJp6R682ZD7E8L58mOY2ykVqztVVqzmNLma8nVTgnbSM_V6lotFYxwAZxya6AQ8pm9gq2BycHCeAVzpAJKoVNdqd0I-TcY58J7FkDYTWyCiVDNnrjo193IPF64MGC6IaK7QLfpc1zs7V--fdkaaG-QIUdMc6PcOQK-mmB_u3FL0_3oGVx2Itd5xr70tbwOBqgnxsMnOXcf6IHZjTa4qOMKdOU7llgWTwc8lIdPcd0h5YRk6EmFsmLK_xpnlP6xfZi8s3DpwD5si8tuSSQGDPzfxYGUKMuv0e-bdNaitlouxjQy9uUyte0O-VKfm-E21QzZMPxlnVcFu4u3iaT940xIwnuru6_jBP3BUhc1WsK9R44uZxuTEXBU4mlez-h1AgiewO033KG6BuhF46u_VuZATgtFhL55QvjghB9gZvJK8z0exE-0lQWtqCZEC1YDbEazB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
POST H2	204	collect Show response i.clarity.ms/	0 48 B	98ms 98ms	XHR text/plain	52.167.85.21 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://i.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin https://www.foregon.com date Wed, 22 Feb 2023 19:38:14 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 vary Origin request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 5536	106 KB 37 KB	48ms 8ms	Script text/javascript	2a00:1450:4001:809::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ Origin https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 23:10:48 GMT content-encoding gzip x-content-type-options nosniff age 73646 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 22 Feb 2023 23:10:48 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame 5536	8 KB 3 KB	20ms 20ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474500/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2444794068370795&ias_chanId=1&ias_placementId=18132950335&bidurl=https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gEfCswVKLbgTmkz_088_4d&adsafe_url=https%3A%2F%2Fwww.foregon.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.foregon.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6215a89e-db51-c8d4-4cda-a68721f7fd0b,c:4YPXnk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597dfc9cc-zjs6r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:729cf8c6-b2e8-11ed-be7d-eebb50dc2583,v:19.8.396,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:11:20 GMT content-encoding br x-content-type-options nosniff age 37614 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2986 x-xss-protection 0 server cafe etag 3296546412363819624 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:11:20 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 5536	28 KB 11 KB	20ms 20ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474500/xbbe/creative/adj?p=APEucNWNxtS6oej_8a29Y8PExH4pS_T1GmCwTS8503Bi8HV4A7XArvs&d=CokBAKAmf-AvVL9-s1y3FuQwmhN5V5_jqYHnWrvM-zMNUlFno8ERG2tx8Ti08gv2Nd1dfv5oFlEKZ2CWJlBt51qeiavA9_LxUm3RdYvUcQLBcUH7np2fpADJ6yRoITW8riMjLyDAsN3O6JG1R2LYKjnTctePM7fv1RP9x8tnqHEqtDfjteo41DVZEX4SyRQAoCZ_4KieX8OZSgU9KJCdvVotk3Dc6tbBLp7WdRQyrNcMpmf0dHkECg5xDh6TF2IZjzc43B58YmKUckrFiU306GuPISU72uvKrjPTbmTsvMlAhXVuZ6g1EbUG2aEpj053Ft09NFlpIq_pkYZTolB3-Rl-YqyS8lYYa018GQ17vQrFgkQabDtYNnUnoNMD3OO7eEwPXy6cwBS7R9pyX9AldG_o-COGcMF3IRYiZnVkrbxm5RPaQZtfGjEUxT3OZPHsfuBqcs0AEzFbr_WjhB9CwTyDIOAXQILP8DloLljphBU5QH4ktWZk0vBWriSpFkJCjHkjij464HPIFBdb0_mF00gRqGOfWXtlI3jEw-QXsq1Z0MAHdgY2Gz1Fsp0Tlm3MrMBJzB2vdDFA3V5dP4Y44O71B6JRM2ALKAbbaMHDnyqLNQqYGnRNiPMa6alqVjI8bsff1ao7H-fLIdDd0cX23ew15J0aHUil0jKAUoDBhZBQWDSzRpVAfsf-xd0enuenEEr1BQOB2zERNpted8-kePiUWwVzcBVUI_pGOxrvq0qYoHNpYRGs5cOEq0YSsEat8_2ugxf65Q1jrw4Tr_zKNNNLntQhWWIaNfuaowBhuh-l1q5qjsVjEL6gkJtdKPDQgR33lNzEIKdfFo9Nlb2QC_j5oSsrTDmSgT0itY_0f3JIuHnxlq9WsQhu91H9SIdumpxjIA5rrlP6UQyRICLeaHtL3aGegnE6OCgT4pP_5QvhDfD8ttQdI9Q8X2bnqsFMYLkC0Z-j-utv86kMXDHk8RJN2c3Kho62Rm7c-UTza84-dCYKBzk4CFMyYpPZGyoZmn9uMXueD4H0ob4748vOZJyaVHv3wwywW8LzFUK9LKEUkPGG37P_LA7BErd3vOXzSctpW6B6A_qHuOfZ_wRNWlUEGpyhC6R8HnVXqQwAtI_AjfJes7JXXLlJb5Ew93wJYKW7pEYvtRW5iBaxr-n5udCxDQv3VOSTVb8JCsAUb03etXQphTn5SJY46bMC5R7iTyY41B-qL3O_6Pzv_ezll3pI_oyk9JIcaxSjqvlgulWlWvy4hbMDCkovbi79DopnbI7vUn9W4cBHowFPReSK7s4npsHHFKo3hehngaIjXQkFFo1_VyPWIPMhd4_YFlNAP4GqzrQkTrATY3XXY9zE9HWr7lXRJYwLkILkbn2v6RMGHuPdAFWZBjqje7rk8up48h_Y46IOSytA2cx0OmO8Q7BKUYZoHW9w9jjHqviWXCC0THD-L4EV8q3DtWg_Hcp4uNz4f_pvueCeqNrpyDj-0TKdzNDmZFU1XB7CDHcMAj9y68h9L_7xLzDEp2A-Yz30CzDBD31rmu4tZskYYbZVZNWnwa1rr8ZOJ_ySpLJunAOM0zVr_TsqZl1VRRbfaAzvhRJuzu9MntDG1P0tfFi1YjfXlYjCW-jD3DtZ3nMcL3P5t_KXsjvd6F4bEeSro7lbYCUeihuXsDbjG_7LoIQkI8XFRfDCkeC6I_cLxWOqRIVamyNUWf2y8p-QJ0BSQlNowlzur-pYyqCP_C8C-uX48lDB7D-IcKya6mVOkrDrxcksAatX5buswEPGjowB-7Sr8KG8ppaV_LpcPdduLPnRs95RlST0YJrwIi61iKrD3RT4EmT-AOn9cHWXQA9jnfURpNhQQ2fmtAq-qGU8MB__roP0pgPgMsKp_j80XI0n27vpKK9erWEw_JMuMu2Mf4-Bo83JpphLG5QM2WFoP2zfMpGvzLA5BxQZazCzPEkSAcGL-PM6r63SyzE8fr31isjuBOn4MGpy04QDPkpyYaoHuRPVwdeIKXqC7m128kUQsa0geb_JQzo6ddAVv8mb0fDXcXV6RZGvcK37RYMw5B1Bx9S-DxgWibtfwQt9ACtDD46gkFztiRuYUbeRYl5bzlZZn7SxcTcr7RrjmjZZE4LeOjK6C4zJM4eQcI74n1oEEgL_69C88NNit9RQ_I5gaqsVwaHEwxJWdcbDt_hfavUe59J8zPW93rBl6s2Hvn9GkBdxxHiJuU3gYYxjp76-UJy43x0d8CYQBmQ2Ne6olMT6XlZrklUWLlIiXBpynhSdZIJw7rHJ__ut_JzNlKOFqoMLeAeHu_pB2WOr07G24GVDPzaKfUiyFZCWfqSzXn9-cCQCerKgsFdo-f05M-6PZWQkMWS4tBgg-gmq2cSha-NLatOCIF3lGUOP4M5xvENIXsOp69Q0p76OTKMEc2B0DkVwVpWomw1WvH6W4Wd3jZUZGQqQ2ex3nncrUykqdFv04stEI1xDBYcHUZnlmUyJrES8YVX5hb7wfGYiEDRaJlBCTNZ2pJPNHNry4yuXGxYXREtMdrYnyLUvK-_0I8hPXkh65TW8fXy1UO9VkftsBjzDR55-iEf9tlKTvuoIMxfyN8smElzFYWlghqsN0wueECZ_4qQdLMjgZzFbtJeCAIQLP93J7pFj5s8MA979fnjOhd7cSQR5CGS_NmMXqgcOH8NAAsJJuV2UlXckf2zzQzB30qmnACT13VDN6VqjpgjTWKtVKyx5U-ez8HOYcw3HQEoMvDqSVswxXQwIO3PysopJMnEak2bPkIzXYXgbvP9dv8iKncShkXfHO4y_TWf-sne5GBU-DKOsO1hUnbGIGsf9dlm04_QXpsObKD7XTjNhCjZtZ2fL_BhBTYv_zqaULU502xhcmddmvFx8Z3ait8iFC7Rf5gRlJmw7TnP69oI66Z9ABiKsceGm2wJugtIqSjeV5EWCNbhRVTzOHDjkaMk2LzAvMujnH4a-xuPhsvL3GQgQ_5D6d2ZpZdEw205fD6Tpz8XZgorXKFyzOA3mtPKGvcO0lB9xQRqEYXvYIwi8CZhenpwcQ4EC5jwFH9sJtiU0aTnastm_Q6vB19yvIhTVEFPOb1TW0BdKYKZyBhCk_taHXSqmFmn1qXd77KG5u64mGx8z67HnQwujCijeTW5MK1ubLm90kJkPHS5Sq75eizuo_mueVi_RTRyMgJqx0txRF_PEPwsWy-gaAxmX6i4RBbU6yB8Fjv25LSNnj3YnylMv-j426WhgAJtHaGXOukbjv1xxL1A4QLAfbsbuvCksl8WxRLnIFMjg15llzcJEel2v2zPGseO0X1E-5eYi0oyeE-dpZK39pZFzujvzi2nSOWA6Cn1EL0OxA-lyoOIW6ZVtLD_-5SjigfyfB8k6ETD9XmqoJ4KX65MJPuWwYIlDsRXdhtIhHVo8PDPLn977XwJstKoLVbchn1XLNXv1t--O_rp8812HI_EkZulj7DQEC-EelCt1cqEbzBJqC7ftpisZu9TgMdbM8s_vhy7S_0O_G4SD58gU6-3ayhNgQ_tjy89yZXKeGC3EpvBDCELJSJqlcunDtnQPuBMLacFP-AHjN5u8RuhvapbjnrE5Fs_O__6FhvR43wWdkDfSo5QXB9oJ6KCW1sYVji6uG1GL5bKN7ruWoipEUy97Db_qjsX-PJH4lslGrtHsr4DAr1p3hrqJblBDjxllohpSCAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2444794068370795&ias_chanId=1&ias_placementId=18132950335&bidurl=https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gEfCswVKLbgTmkz_088_4d&adsafe_url=https%3A%2F%2Fwww.foregon.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.foregon.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6215a89e-db51-c8d4-4cda-a68721f7fd0b,c:4YPXnk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597dfc9cc-zjs6r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:729cf8c6-b2e8-11ed-be7d-eebb50dc2583,v:19.8.396,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:11:20 GMT content-encoding br x-content-type-options nosniff age 37614 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10784 x-xss-protection 0 server cafe etag 15652644324719269315 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:11:20 GMT
GET DATA	200 OK	truncated / Frame 5536	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d428fc015b186b3dc7afd54d03462e632b6e0cf6e133bfe9332700c6b6889428 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame F1F8	164 KB 93 KB	24ms 10ms	Document text/html	2a00:1450:4001:809::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 512d6f6098561695d29744a5b08fc7a89316bfdb805092f35a6aed870bd417ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 523261 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 95119 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 16 Feb 2023 18:17:13 GMT expires Fri, 16 Feb 2024 18:17:13 GMT last-modified Wed, 08 Feb 2023 08:42:05 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5536	0 0	160ms 60ms	Fetch image/gif	142.251.39.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuybe1Vvtg9K6MQO_xYljOWsP4vGTpMpwLxFAlTPQpRzZmxzp65wvOXd34bNIAEWMbBiKdoKUBq3RugbCBDaWvW0AlQkvB_K-5OAk6lWbc-9LAgL1TUu8o53lMjaOWycqv6BRNi6Erg-AU2tDVUlYlIM0gZae8Pf26WciPTZu_rVjAqvrtSVjJGWieIjfZSSoChVR_PWnWvkFc&sai=AMfl-YQVFlyMctaNgvpe3qbSUjRyF40OFPhdUmRk3pTM5eLk4VgWHrWqa7E6oPiQneLReUF3izm1jkDc_eQfKqYXyPuOkEecrqt29YNuiP0Moz_Ui1_15pDHmcNjN6YYfJ4TImIKpJSc6ChJUvWIfvy3SbA1AB8&sig=Cg0ArKJSzCIRH4q3hovqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=95&cisv=r20230216.49165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.39.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s38-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 19:38:14 GMT
GET H3	200	Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js Show response s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame F1F8	2 KB 936 B	8ms 8ms	Script application/x-javascript	2a00:1450:4001:809::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7d61645f8cbb1f1dead0070107773bba8127040e5dd2f09ed979d0c96e839cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 18:17:14 GMT content-encoding gzip x-content-type-options nosniff age 523260 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 907 x-xss-protection 0 last-modified Wed, 08 Feb 2023 08:42:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 16 Feb 2024 18:17:14 GMT
GET DATA	200 OK	truncated / Frame F1F8	73 KB 73 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956 Request headers Referer Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5536	0 0	103ms 60ms	Fetch image/gif	142.251.39.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuybe1Vvtg9K6MQO_xYljOWsP4vGTpMpwLxFAlTPQpRzZmxzp65wvOXd34bNIAEWMbBiKdoKUBq3RugbCBDaWvW0AlQkvB_K-5OAk6lWbc-9LAgL1TUu8o53lMjaOWycqv6BRNi6Erg-AU2tDVUlYlIM0gZae8Pf26WciPTZu_rVjAqvrtSVjJGWieIjfZSSoChVR_PWnWvkFc&sai=AMfl-YQVFlyMctaNgvpe3qbSUjRyF40OFPhdUmRk3pTM5eLk4VgWHrWqa7E6oPiQneLReUF3izm1jkDc_eQfKqYXyPuOkEecrqt29YNuiP0Moz_Ui1_15pDHmcNjN6YYfJ4TImIKpJSc6ChJUvWIfvy3SbA1AB8&sig=Cg0ArKJSzCIRH4q3hovqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&vt=11&dtpt=56&dett=3&cstd=95&cisv=r20230216.49165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.39.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s38-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:14 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 22 Feb 2023 19:38:14 GMT
GET H3	200	Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame F1F8	148 KB 148 KB	14ms 13ms	Image image/png	2a00:1450:4001:809::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png? Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b2e79c5634b3f6b5ca04800d8ddbb60eb8878fee0dbafd518f2c687c74b6b0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 05:02:45 GMT x-content-type-options nosniff age 225329 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151623 x-xss-protection 0 last-modified Wed, 08 Feb 2023 08:42:05 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 20 Feb 2024 05:02:45 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 216 B	242ms 168ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXu4,pingTime:-10,time:443,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677094694876%7C%7Ce7fe38f366ae1eecf215c625a9edc310%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7C94a86700fda9de71825d4ebe115ebb08%7C%7C8405af54c76a727800fa2f06295485f8%7C%7C06315a33df69f7fe2d065f619d3c111c%7C%7Cbd528d382fda612d4a8188873204b12b%7C%7C2304fe9e2e67db497a697a19caa9a578%7C%7C1663701684%7D Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT server nginx x-server-name dt06.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame F1F8	148 KB 148 KB	10ms 10ms	Image image/png	2a00:1450:4001:809::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b2e79c5634b3f6b5ca04800d8ddbb60eb8878fee0dbafd518f2c687c74b6b0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10380136082583727788/DE-DEU_XA-10_0_300x250_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 05:02:45 GMT x-content-type-options nosniff age 225329 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151623 x-xss-protection 0 last-modified Wed, 08 Feb 2023 08:42:05 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 20 Feb 2024 05:02:45 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	287ms 286ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXw2,time:565,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:565,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B556~0%5D,as:%5B556~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:27,sis:212%7D&br=c Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT server nginx x-server-name dt18.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	container.html Show response b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F844	6 KB 3 KB	8ms 8ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.foregon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 22 Feb 2023 19:38:13 GMT expires Thu, 22 Feb 2024 19:38:13 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame F844	4 KB 1 KB	59ms 10ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 22 Feb 2023 19:38:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Feb 2023 19:09:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Feb 2023 19:38:15 GMT
GET H2	200	030db783cd93f01ccad1528166361a91.js Show response www.gstatic.com/mysidia/ Frame 44BB	9 KB 5 KB	198ms 20ms	Script text/javascript	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 00:53:05 GMT content-encoding gzip x-content-type-options nosniff age 585910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4099 x-xss-protection 0 last-modified Wed, 15 Feb 2023 00:53:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 17 May 2023 00:53:05 GMT
GET H2	200	109a38e5e9267c338ba465f7374e9b45.js Show response www.gstatic.com/mysidia/ Frame 44BB	150 KB 56 KB	204ms 27ms	Script text/javascript	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/109a38e5e9267c338ba465f7374e9b45.js?tag=gpa/dynamic_fig_web_banner_v2 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e57b42d07e7286198e4c9f3a375fe053d1b7b3fccdb466e3dd1f78f6fc60b735 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:25:36 GMT content-encoding gzip x-content-type-options nosniff age 65559 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56794 x-xss-protection 0 last-modified Tue, 21 Feb 2023 18:15:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 23 May 2023 01:25:36 GMT
GET H2	200	css fonts.googleapis.com/ Frame 44BB	6 KB 992 B	51ms 14ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 22 Feb 2023 19:38:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Feb 2023 19:13:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Feb 2023 19:38:15 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 44BB	2 KB 765 B	8ms 8ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:00:32 GMT content-encoding br x-content-type-options nosniff age 38263 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:00:32 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 44BB	22 KB 9 KB	25ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite_fy2021.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:00:32 GMT content-encoding br x-content-type-options nosniff age 38263 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8814 x-xss-protection 0 server cafe etag 11378319237421819138 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:00:32 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 44BB	3 KB 1 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 13:43:21 GMT content-encoding br x-content-type-options nosniff age 21294 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 13:43:21 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 44BB	20 KB 8 KB	24ms 22ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:00:31 GMT content-encoding br x-content-type-options nosniff age 38264 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8274 x-xss-protection 0 server cafe etag 9471482037410804447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 09:00:31 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 44BB	157 KB 48 KB	82ms 79ms	Script text/javascript	2a00:1450:400d:80a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:38:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49018 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1676996822105882" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 22 Feb 2023 19:38:15 GMT
GET H2	200	ed8ae2896763956dad3710d8730c1299.js Show response www.gstatic.com/mysidia/ Frame 44BB	33 KB 14 KB	195ms 21ms	Script text/javascript	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: www.foregon.com URL: https://www.foregon.com/blog/bradesco-exclusive-e-prime-quais-sao-os-beneficios/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 19:00:31 GMT content-encoding gzip x-content-type-options nosniff age 520664 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14007 x-xss-protection 0 last-modified Wed, 15 Feb 2023 00:53:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 17 May 2023 19:00:31 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame F844	19 KB 8 KB	23ms 10ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:31:51 GMT content-encoding br x-content-type-options nosniff age 65184 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8251 x-xss-protection 0 server cafe etag 12882883664474914621 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 08 Mar 2023 01:31:51 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame F844	205 B 294 B	248ms 80ms	Image image/png	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:31:06 GMT x-content-type-options nosniff age 429 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 22 Feb 2024 19:31:06 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame F844	604 B 917 B	231ms 64ms	Image image/png	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:37:33 GMT x-content-type-options nosniff age 42 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 22 Feb 2024 19:37:33 GMT
POST H2	204	csi csi.gstatic.com/ Frame 44BB	0 234 B	106ms 40ms	Ping image/gif	2a00:1450:400a:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~leg2voz5&c=4362752833209&slotId=2181376416604.5&qqid=CJeW_cvwqf0CFYIMiwod8rIFTQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/109a38e5e9267c338ba465f7374e9b45.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400a:800::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	hq1.jpg i1.ytimg.com/vi/gUS7D7Jx4x8/ Frame 44BB	10 KB 11 KB	55ms 11ms	Image image/jpeg	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i1.ytimg.com/vi/gUS7D7Jx4x8/hq1.jpg Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2e0fc7538a37b66844d96f8d96bb5bc5ff3f482f0a31b52e33d81a0b38e8c315 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 19:33:33 GMT x-content-type-options nosniff age 282 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10575 x-xss-protection 0 server sffe etag "0" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 22 Feb 2023 21:33:33 GMT
GET H/1.1	206 Partial Content	videoplayback rr4---sn-4g5ednds.googlevideo.com/ Frame 44BB	453 KB 454 KB	74ms 8ms	Media video/mp4	2a00:1450:4001:19::9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr4---sn-4g5ednds.googlevideo.com/videoplayback?expire=1677123495&ei=J2_2Y67sAvnax_APormIiAQ&ip=2001:ac8:20:271::1e&id=8144bb0fb271e31f&itag=18&source=youtube&requiressl=yes&mh=Lo&mm=31&mn=sn-4g5ednds&ms=au&mv=m&mvi=4&pl=53&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1665229552440508&mt=1677094389&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOC4ITnMhJLDAvwPVYXWmAqTMEUu_S3MgdIliEf2q836AiASPKgQKjEhJ8Ck2zzVpF8qNuAYy-3ngCf_jrk6nQPG1A==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAI6gY2SGAk0wZ75sEKGw42FZQLlqj34rGEX0sIMLk1wbAiAb4cFN8cKWYM87lLOLcbisR_iYbT-yiTvvK5vAMcK8CQ==&cpn=x7J6gAJtB4qsMSxN Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 6493d1dcb705fe8f15a7c03d09e9a3fee26c8d1d3eb1683d6fd2da211810885e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Range bytes=0- Response headers Date Wed, 22 Feb 2023 19:38:15 GMT X-Content-Type-Options nosniff Last-Modified Sat, 08 Oct 2022 11:45:52 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Content-Range bytes 0-464282/464283 Cache-Control private, max-age=28500 Cross-Origin-Resource-Policy cross-origin Connection close Accept-Ranges bytes Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 464283 Expires Wed, 22 Feb 2023 19:38:15 GMT
GET H3	200	7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response pagead2.googlesyndication.com/bg/ Frame 9CBA	36 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Requested by Host: b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com URL: https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:11:21 GMT content-encoding br x-content-type-options nosniff age 37614 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14233 x-xss-protection 0 last-modified Mon, 13 Feb 2023 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 22 Feb 2024 09:11:21 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5536	42 B 174 B	59ms 55ms	Fetch image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1R9jpiYh0NumPJFilwwEhUTOGDWU_WE5D6qXSnwChzzaET_xi8J3llQFb3HJMFRzASon4L0Gloa4HslhwY-tOWweaBUx6ot4g3TKR8s8QfrJW_1j6PXoWg2Bg5y3LfN3dzAgHsA&sai=AMfl-YQ57ZK4RnvXH4TPcm4xxG5HRc-VO3AbllUvRfPjf-C1GiLe7BJ0SPl8rPPonfQN7ALlIGcgSNZuYWu3aV_5O-PdAw4i_B5xDrybVpKyty_k3dvE-Xig6IKN-YtO6JPwj8-v7Ah6s3ueywzA6A&sig=Cg0ArKJSzPzLOTh30QynEAE&cid=CAQSTADUE5ymWz4jJpJ2vnMSFflfxZYxYSud4VfOA0k3mcJiaTlXzot2LnUfHZbVYb--f3rcLvlOxRc7pIAFqsr3-TevU5fnt95ruWWyCVYYAQ&id=lidar2&mcvt=1022&p=479,442,729,742&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1639472916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677094694144&rpt=566&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:15 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=3&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=web-vitals&ea=FCP&el=v3-1677094693036-6978318464879&ev=151&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=919824372 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72307 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	8ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=4&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=header-blog&ea=showed&el=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ev=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=819646147 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72307 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=5&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blog&ea=showed&el=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ev=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=559087806 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72307 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	8ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=6&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=query-cpf-blog&ea=showed&el=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ev=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=565071220 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72307 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=2030150786&t=event&_s=7&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dp=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ul=en-us&de=UTF-8&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blog-digitalaccount-2063&ea=showed&el=%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&ev=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=236445490.1677094693&tid=UA-644185-4&_gid=1668408195.1677094693&gtm=457e32f0&z=1328618571 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.foregon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Tue, 21 Feb 2023 23:33:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72307 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5536	0 20 B	52ms 52ms	Ping image/gif	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7132953405346&version=m202301230201&ct=76&x=1&cor=5421928201896270000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:16 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 44BB	0 54 B	42ms 41ms	Ping image/gif	2a00:1450:400a:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~leg2vozf&c=4362752833209&slotId=2181376416604.5&qqid=CJeW_cvwqf0CFYIMiwod8rIFTQ&umsem=0&ple=1&ape=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/109a38e5e9267c338ba465f7374e9b45.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400a:800::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:16 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	169ms 168ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXZZ,pingTime:1,time:2422,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:100,vs:i,r:,t:1420%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1419,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1411~0,0~100%5D,as:%5B1411~300.250%5D%7D%7D,%7Bsl:i,t:1419,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:290,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:27,sis:212%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:16 GMT server nginx x-server-name dt23.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 5536	43 B 215 B	169ms 169ms	Image image/gif	2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=6215a89e-db51-c8d4-4cda-a68721f7fd0b&tv=%7Bc:4YPXZZ,pingTime:1,time:2422,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:100,vs:i,r:,t:1420%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1419,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1411~0,0~100%5D,as:%5B1411~300.250%5D%7D%7D,%7Bsl:i,t:1419,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:290,fm:twCGqml+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1135760-69474500%7C181%7C1821,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:27,sis:212%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7781:14f1:ac9e:f8d4:4ca5 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://b1e153088e30617f83bd6437c3822f43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:16 GMT server nginx x-server-name dt24.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H2	204	collect Show response i.clarity.ms/	0 48 B	396ms 110ms	XHR text/plain	52.167.85.21 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://i.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin https://www.foregon.com date Wed, 22 Feb 2023 19:38:17 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 vary Origin request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	14ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-X5591DWC6R&gtm=45je32f0&_p=2030150786&cid=236445490.1677094693&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1677094693&sct=1&seg=0&dl=https%3A%2F%2Fwww.foregon.com%2Fblog%2Fbradesco-exclusive-e-prime-quais-sao-os-beneficios%2F&dt=Bradesco%20Exclusive%20ou%20Prime%3A%20Qual%20o%20Melhor%20Segmento%3F%20%7C%20Foregon&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X5591DWC6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.foregon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 22 Feb 2023 19:38:18 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.foregon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT