fdr.com.br Open in urlscan Pro
2606:4700:3030::6815:55ad Public Scan

URL: https://www.youtube.com/channel/UCrzivgvHkZ5yWJmcNLppNxA
Title: YouTube

URL: https://www.facebook.com/FDRnoticias/
Title: Facebook

URL: https://www.fabiolobo.com.br/
Title: Fabio Lobo

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fdr.com.br/ HTTP 301
https://fdr.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=https%3A%2F%2Ffdr.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=https%3A%2F%2Ffdr.com.br%2F&c9=&cs_ak_ss=1

Request Chain 86

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CLuk5aThju8CFRWYdwodC44Bzg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 118

https://um.simpli.fi/gp_match?google_gid=CAESEEZEK4PCOkTLBt5Ua94dCOo&google_cver=1&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8mxSKtTt2xapE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=591BC7B1E89E4FD18851323C1A91CE20&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8mxSKtTt2xapE

Request Chain 119

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAj1V8q_zG-RFJA4X2i4p1s&google_cver=1&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZhfiHg5JHwSkw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wujlVP1dSPqvi5eCIAEbrQ2&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZhfiHg5JHwSkw

Request Chain 120

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHyBpoak28WSRojmewFhcTg&google_cver=1&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZUnVhflT25KRPXWdm2ek HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHyBpoak28WSRojmewFhcTg&google_cver=1&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZUnVhflT25KRPXWdm2ek HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU2MDQ0NzQxNzgwMzM4MzI2Ng&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZUnVhflT25KRPXWdm2ek

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENycNk9jhBWZCPt506X_WMw&google_cver=1&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd10ilZ3eFjHl3r3JRHq0HtUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xRREJXQ1YtMTEtRTRTSA==&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd10ilZ3eFjHl3r3JRHq0HtUw

Request Chain 122

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFRYnu2l9b67DcBXsmZrGxw&google_cver=1&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFRYnu2l9b67DcBXsmZrGxw&google_cver=1&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw&google_hm=5724d97e64633c36e97d7926

Request Chain 123

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAbyderfNepav9Oc_XEuu-s&google_cver=1&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3GeCzaq1LzZOHomEgWFdow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3GeCzaq1LzZOHomEgWFdow&google_hm=OTY0Nzc4NTUxMTAxOTM1MDU5

Request Chain 148

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 149

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

146 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fdr.com.br/
Redirect Chain

https://www.fdr.com.br/
https://fdr.com.br/

114 KB
24 KB

1085ms
1063ms

Document
text/html

2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: fd6284c1c0f2398d523032b7ab3dadbf81d4760ae641db095da46e08810fc4c7

Request headers

:method: GET
:authority: fdr.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d912c393061845efb57f74a326c1431291614590219; expires=Wed, 31-Mar-21 09:16:59 GMT; path=/; domain=.fdr.com.br; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/7.4.11
link: <https://fdr.com.br/wp-json/>; rel="https://api.w.org/"
x-cache-status: HIT
cf-cache-status: DYNAMIC
cf-request-id: 088eacab7800004e98b91ab000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OY18dndBHpruVV%2BKoV30oH2cs5XkUqiHlZeBf4aZKfRi0nM6mi%2BGTk30%2B3BSyFrbBik1slT%2FpD8v11hWNYCRDHHWg9UREAuI3xOx6STzn8SBRckpC8Dk"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62914a258ca04e98-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.19.6
date: Mon, 01 Mar 2021 09:16:36 GMT
content-type: text/html; charset=UTF-8
location: https://fdr.com.br/
x-powered-by: PHP/7.4.11
expires: Mon, 01 Mar 2021 10:16:36 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-cache-status: MISS

GET
H2 200 proxima_nova_bold-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 20 KB
20 KB 19ms
18ms Font
font/woff2 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fd54d094b42da90646b3cb3d786d2bfda4fe4b861f46322700b564440112ea

Request headers

Origin: https://fdr.com.br
Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6470
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20060
cf-request-id: 088eacafa300004e98a0b2e000000001
last-modified: Tue, 13 Oct 2020 20:27:52 GMT
server: cloudflare
etag: "5f860dc8-4e5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lgKNyQDT3b09Bn3QFt5wEdA0oqripsSAV0TTdm614dPBw2QNl4jOzY1kwReNt8B%2BkHKTsxfo2u1PZPjYIdaZ4ve6OUby6lNECAyg2TvEP8V42qy0VbIQ"}],"max_age":604800}
content-type: font/woff2
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 62914a2c3fdd4e98-FRA

GET
H2 200 proxima_nova_bold-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 26 KB
26 KB 14ms
13ms Font
font/woff 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58d20e144f05e48ff45c4766ddac2f71eeb6c462eaf041fcf3dfcb383c8b7a9

Request headers

Origin: https://fdr.com.br
Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26332
cf-request-id: 088eacafa300004e98dc8c4000000001
last-modified: Tue, 13 Oct 2020 20:27:52 GMT
server: cloudflare
etag: "5f860dc8-66dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwzfKviK0GKXTqV%2BMwQV%2FxgXiih11tQl3AvjlCzak%2FWIlEpGj07K6h3jlQX%2B5yciHCDYncodspMa4IUhMBAaaxSslnbJkgxRiN3kH1tLddAeCcN6r%2BEI"}],"max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2c3fde4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 roboto-regular-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 19 KB
19 KB 12ms
11ms Font
font/woff2 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff2
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142d280650929d7324576d15ccb730ce0f106e0918cd171861c6bbd465728b85

Request headers

Origin: https://fdr.com.br
Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6470
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19244
cf-request-id: 088eacafa300004e98152ad000000001
last-modified: Tue, 13 Oct 2020 20:27:55 GMT
server: cloudflare
etag: "5f860dcb-4b2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ydHPQqIwhchxeNhf0zvdJ8LDnYnwenoCnJyq99Qm6JLcEsZut1PUeI4wfuLrFe08hy4ft0AS9nVYZocviVw7DvLn9OdY%2FWf9Lgk6DF9qP95%2FvCXf7TXA"}],"max_age":604800}
content-type: font/woff2
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 62914a2c3fdf4e98-FRA

GET
H2 200 roboto-regular-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 25 KB
26 KB 12ms
12ms Font
font/woff 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c13417b1f593fde72571e230d7f62c800d96a05ded4b8a98ff5cfbbe739872e

Request headers

Origin: https://fdr.com.br
Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25996
cf-request-id: 088eacafa300004e98c18d5000000001
last-modified: Tue, 13 Oct 2020 20:27:55 GMT
server: cloudflare
etag: "5f860dcb-658c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ejQRNaCQv7c9fjwjYdfW2hwYJoDix%2FS3y6nJJO9IBNGiUHpCKtqh4QZ3c0RUD6Qrv5FkT7iY3leyNghheF7bEjCUkd2%2F5s7edwsD5nFIv%2BBWXxwaPPPK"}],"max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2c3fe24e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme-structure.css
fdr.com.br/wp-content/themes/fdr/assets/styles/ 32 KB
6 KB 16ms
16ms Stylesheet
text/css 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/styles/theme-structure.css
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0663d6178d4685f887bd95ceef2e51ec31755879bdbf52a85a24ea3ee6d56ec4

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080285
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacafa400004e980f31a000000001
last-modified: Tue, 02 Feb 2021 14:58:58 GMT
server: cloudflare
etag: W/"601968b2-800b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P4fd6UterH5D9BciCQIOa2zXR1PMYbZl9jCTbmsl5E4YpfIWn2L27%2B1DmABv7G1ONXhM%2FQJpBVZOzZrDE6MBya8BPFAWVQyW89DjNdtN%2BXS1MTvigHBa"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62914a2c3fe44e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 153ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

sffe /

Resource Hash

a5a8329f8e7cbd929097e9cb1d61827a3331fefb418128c9cd66d825eefd4cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "798 / 654 of 1000 / last-modified: 1614381619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19371
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 prebid4.19.0.js Show response
ads.gridmidia.com/ 185 KB
60 KB 32ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.gridmidia.com/prebid4.19.0.js

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

0dee34418991cf9f53a61a884fb731e913604378bdf72b985de729878ac4d0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordOps
content-length: 61364
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Tue, 15 Dec 2020 17:07:08 GMT
server: nginx
etag: "5fd8ed3c-2e3dd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-hw: 1614590220.cds041.sk1.hn,1614590220.cds015.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 grid_aps_ads.108.min.js Show response
ads.gridmidia.com/ 13 KB
4 KB 107ms
32ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.gridmidia.com/grid_aps_ads.108.min.js

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

cfabf2b25ab82639ef2d92769c3cef0fe264db225d11e127b13dfc3506f50caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordOps
content-length: 3817
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 26 Feb 2021 12:19:19 GMT
server: nginx
etag: W/"6038e747-334f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-hw: 1614590220.cds041.sk1.hn,1614590220.cds052.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11458372-19

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f874d9c486a3b301e68b7555311ff47f88b7a27551d84159b4d9ba5324cf0072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39358
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 f757e01b-c7ab-48ac-9399-494e0609adc8.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 38ms
11ms Script
text/javascript 2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/f757e01b-c7ab-48ac-9399-494e0609adc8.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589e4c39a30cdbebad94a44eed4542848d62a0e46a79eca5b3575f5791b83056

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6470
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacb02e00004ee5a0b5b000000001
last-modified: Tue, 23 Feb 2021 23:00:28 GMT
server: cloudflare
etag: W/"2f495dd7cb2af61f678efa4bd8334c5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fpVQTmagjHKXDlHvuxE%2FEgS6Ws8n2rp2oFzxB8G29ZvLur8KTaDlTw2M5u4gWYqW2e4U8ySUY1iZK%2FlQYevx%2BDXL2xprokL3%2Bt2cWcHWcpLdLuDay2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 62914a2d1d044ee5-FRA
x-amz-cf-id: S4AorvASZ5rQYrbZOyQOmp3KzTVXBpS_9yA7wtGTVYrh-WwOXRUaLQ==

GET
H2 200 contentpar.js Show response
s1.trrsf.com.br/metrics/js/br/ 4 KB
2 KB 660ms
151ms Script
application/x-javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: cloudflare-nginx /
Resource Hash: 5daa36e8a9f6540b5076591de86299aaeb4534c48344bc7e15e4c85e26825503

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
last-modified: Mon, 06 May 2019 18:50:40 GMT
server: cloudflare-nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
x-cdnterra-cache-status: HIT
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 script Show response
p1.trrsf.com/cengine/igniter/ 5 KB
3 KB 180ms
135ms Script
text/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.trrsf.com/cengine/igniter/script?s=navbarPartners&title=economia&p=static
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7535787418136f0e0cf3c51c7828f77b9f649ab554de4462812760bbbfe24f80

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-ceng-uuid: f361ad54-e0cc-470f-852c-9497e917b0d3
x-cache-status: HIT
vary: Accept-Encoding
x-cdnterra-cache-status: STALE
content-type: text/javascript; charset=utf-8
cache-control: max-age=30, stale-while-revalidate=30, stale-if-error=864000
content-length: 3304
server: cloudflare-nginx

GET
H2 200 email-decode.min.js Show response
fdr.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdr.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 088eacafa600004e98fd1b4000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xc2%2Ffp1g7ezoQigVi0JKNDI%2BrEQ5ANX5r2XIJU07zbXsOCrmQeeNj03x%2BDKmNZ3xgmZQZ221F6fVf4MTKRNk14eeST4%2Fq3IsYJHfTeM%2FCtqQWxlZZ1bJ"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62914a2c3fe94e98-FRA
expires: Wed, 03 Mar 2021 09:17:00 GMT

GET
H2 200 jquery.min.js Show response
fdr.com.br/wp-content/themes/fdr/assets/scripts/ 87 KB
30 KB 20ms
19ms Script
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/scripts/jquery.min.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cd7b7e44c8f9f5f4b9e6c9d6302de0f5b373a8c37c7c5dccefe42e50722ef42

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacafa800004e98eb0b9000000001
last-modified: Tue, 13 Oct 2020 20:28:01 GMT
server: cloudflare
etag: W/"5f860dd1-15be7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BP9SnV70J02yo9k8FAt1f80rTAmsaODcPvWRJWV5cC3tPwgqIg%2FrKM%2FEZ%2FNwCh1lAThJM9EFpv%2FaHoecrwSm4jzadqap1dvieb%2FFTZ7BFxYi6yqRg%2BSk"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62914a2c3fec4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazysizes.js Show response
fdr.com.br/wp-content/themes/fdr/assets/scripts/ 7 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/scripts/lazysizes.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372a385bb6a672721c9312028df84900ceb8388329c001d6944bd84d492e611a

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacafa600004e9813b7f000000001
last-modified: Tue, 13 Oct 2020 20:28:01 GMT
server: cloudflare
etag: W/"5f860dd1-1bff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H7l1YWpi5OXCvlzYnT%2BhtUEUXCzmtGaj7Z%2FGakq%2B8yDBm8Y1dPqFqxGC4jLiH9zbK53kmcY5%2FhexHb97rZeU6tuuyWUHXhPVgVtHAw8kZ7amz5i8p7L7"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62914a2c3fed4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
fdr.com.br/wp-content/themes/fdr/assets/scripts/ 2 KB
975 B 19ms
19ms Script
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/themes/fdr/assets/scripts/scripts.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca488ca9ea79707e0330cc1fc2430e6aea954ddd5a2dde6106bb51b6210899af

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacafa600004e98ffa13000000001
last-modified: Tue, 13 Oct 2020 20:28:02 GMT
server: cloudflare
etag: W/"5f860dd2-96e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=17Xf1a9u9Y0CkpXof0NM%2FqZw4KKFBXqp6FZjsT3BbNBLG80PlFfh73BJ5VKQd9mup6So6QZAzwVf%2BoZsFOahvkg6GTXhaZqn3Fb09dUrzCUlaWtQgXhX"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62914a2c3fee4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
fdr.com.br/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacafa700004e98dfb49000000001
last-modified: Thu, 22 Oct 2020 13:49:58 GMT
server: cloudflare
etag: W/"5f918e06-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R7d0NsSZlGsLZBkBlCy0BHjYPDWxEy8EW1Nih4RCoOy8VwI%2BnPNs3EqhUYuraMc4NojxqfQO3uZX18yaGfwt4O%2FWS5WFk8%2Bb4Zq12X63GTTyz9P03QI5"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62914a2c3fef4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHKNJGH

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f91ccdbfeb6c0695600b088e740ffe3d2839312ef2b302b26cb623afce0f3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31152
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gridmidia-fdr/ 232 KB
26 KB 102ms
33ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gridmidia-fdr/loader.js
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97fc75a10e5cd85da6888c0e006eb97c9a43a26597cddf7ab0d21348069be40e

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FN0FZ1cI2fpWOcYsOk.3JFldToUB4KDZ
content-encoding: gzip
etag: "c3a2f55ac704ff3bff9cd8ef5222e55a"
age: 3357
x-cache: HIT
content-length: 25899
x-amz-id-2: LDneli8DFJer4zhFUqlkzq2BkW4qNaoKZKcusm6HowxYDkgWlZs9bV4S107ogM+D2xq4jTiAV1Y=
x-served-by: cache-hhn11553-HHN
last-modified: Mon, 01 Mar 2021 08:19:13 GMT
server: AmazonS3
x-timer: S1614590220.392813,VS0,VE1
date: Mon, 01 Mar 2021 09:17:00 GMT
vary: Accept-Encoding
x-amz-request-id: A97C4C190954AB96
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 55
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 115 KB
30 KB 127ms
57ms Script
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/grid_aps_ads.108.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:16:11 GMT
content-encoding: gzip
server: Server
age: 48
etag: d7c8ebbead57940cf77ae4183f7ff01a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id: je9HoFfoNgyJn4tOM2Qb5TeavmlKMNNSPvqEoTs-PsT2ieKO4BCqng==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11458372-19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4464
date: Mon, 01 Mar 2021 08:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 01 Mar 2021 10:02:36 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 147 KB
37 KB 19ms
19ms Script
application/javascript 2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/f757e01b-c7ab-48ac-9399-494e0609adc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c0bb279c0e6c3df3477c78e2178e02143152df573a04bb5f986c19acdf8924

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
via: 1.1 298295dc49d01ca277aeb7439bbb326f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4977
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacb04b00004ee5be07a000000001
last-modified: Fri, 08 Jan 2021 12:01:04 GMT
server: cloudflare
etag: W/"80d0969265bee1df6751ca17ae2ed4f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aDcN3fEcHrkeZevY08ypN8G94OPt6TFtI5YDWNcbLGyNCfPaosZ%2ByHxCfc3iIUBMZ8Wl3Lo1yc5RfTT8IW8yornGLukJ0ExmzB%2BNNsnAWMiMlsz5P4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: MXP64-C2
cf-ray: 62914a2d4d4d4ee5-FRA
x-amz-cf-id: Dr0D3OYvyZrwE9uarjFRI_hgn-f1yqSLIHmB0AbguZT0jOb3SMAEvg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 46ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=250831652&t=pageview&_s=1&dl=https%3A%2F%2Ffdr.com.br%2F&ul=en-us&de=UTF-8&dt=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=118336989&gjid=730203973&cid=1985854165.1614590220&tid=UA-11458372-19&_gid=1769890845.1614590220&_r=1&gtm=2ou2h0&z=1840020426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
121 B 40ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=250831652&t=pageview&_s=1&dl=https%3A%2F%2Ffdr.com.br%2F&ul=en-us&de=UTF-8&dt=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1999613276&gjid=2035738785&cid=1985854165.1614590220&tid=UA-59848279-52&_gid=1769890845.1614590220&_r=1&gtm=2wg2h0MHKNJGH&cd0=fdr.com.br&z=1287168546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 24ms
20ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=250831652&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffdr.com.br%2F&ul=en-us&de=UTF-8&dt=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fdr.com.br&ea=fdr.com.br&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1985854165.1614590220&tid=UA-59848279-52&_gid=1769890845.1614590220&gtm=2wg2h0MHKNJGH&z=1516733485

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 12:04:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76373
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338319054d599b9f707b064448e10e042ec5e43061e923278bad9d2a3c704717

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f2f42d5ca4458f9c2b3b090e777ecbbbb237999c1cfe71878c4e10a22dd6d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4d6ebb6e4328a678b3838c59e4866d0c29335bcacd93732f06d9c1165d0108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 63ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8128061848484930&plah=fdr.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame E9EA 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 01 Mar 2021 00:12:56 GMT
expires: Mon, 15 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 32644
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 23EUqOMzaJw Show response
www.youtube.com/embed/ Frame 58D7 51 KB
22 KB 107ms
87ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f697992a5e92a920708a33c5c07adcc4fac8f6915f8031960a57478977d1fb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/23EUqOMzaJw?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 09:17:00 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=C190AlNJoos; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=9BcjQrufxDg; Domain=.youtube.com; Expires=Sat, 28-Aug-2021 09:17:00 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+700; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
141 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-11458372-19&cid=1985854165.1614590220&jid=118336989&gjid=730203973&_gid=1769890845.1614590220&_u=IEBAAUAAAAAAAC~&z=102174293

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Mar 2021 09:17:00 GMT
content-type: text/plain
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f757e01b-c7ab-48ac-9399-494e0609adc8.json Show response
osp-assets.pn.vg/ 21 B
1 KB 35ms
13ms Fetch
application/json 2606:4700:3035::ac43:9ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/f757e01b-c7ab-48ac-9399-494e0609adc8.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
access-control-allow-methods: GET, HEAD, POST, PUT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 924907
cf-ray: 62914a2e0ec14a8b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21
x-amz-id-2: EH1ZB2+qO0NjIOthr5Yu8mzbyYLo2QZB6noU7pWn89e4NoDc1BCCfMNzui23rniB9jQEG3fJzI8=
last-modified: Thu, 24 Dec 2020 12:33:48 GMT
server: cloudflare
etag: "7e49c47a75dd2571802e6b32b46a36ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eeaavlPKZtEDFSlmlLLkdW2C%2FHvjU7m6lGhT9mpeOT0xaEI%2BRZX9eE%2Fkr2M72UM02Iigwklqr85wVpnLdDi3QVkmuRCh3VY2iRwhJzSOO2UKHx9a1AtArCqSjeUU"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id: 3HBZ8HEJEMCG7ZBW
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-request-id: 088eacb0ca00004a8be8827000000001
accept-ranges: bytes
content-type: application/json

GET
H2 200 pushnews-sw.js Show response
fdr.com.br/ 62 B
388 B 16ms
14ms XHR
application/javascript 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdr.com.br/pushnews-sw.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1080276
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088eacb0b500004e981797d000000001
last-modified: Thu, 16 Apr 2020 16:51:56 GMT
server: cloudflare
etag: W/"5e988d2c-3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GcsquDKBwSoj%2FO46MAladwjDjHj9ERv1budzRAlzx4nWp6bfPzR4TpG9yExK1dfsiCgfRgP%2FewFGvEksDSNy5SDZtuPS%2BV707z61qBLGN%2BYKzQR105nm"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62914a2deaaf4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.html Show response
cookies.pn.vg/ Frame 7233 5 KB
2 KB 20ms
12ms Document
text/html 2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.pn.vg/cookie.html
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

:method: GET
:authority: cookies.pn.vg
:scheme: https
:path: /cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=36ba1bd964fd1bc99fbf3c8e11d8a680aa982ca3-1614590220-1800-AUpEFxQQAw89YchoRZ8ELap7TzRTa0F2PXvttcIZQSHypwiojo7j+jzJ39v4CTwpK6ie6ubrl9oDcAXXfzDvF2c=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-type: text/html
set-cookie: __cfduid=d734c5f1f0b8d9fb28b624f08fb7ec2921614590220; expires=Wed, 31-Mar-21 09:17:00 GMT; path=/; domain=.pn.vg; HttpOnly; SameSite=Lax
last-modified: Wed, 26 Aug 2020 15:02:00 GMT
x-cache: Hit from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rXKG9z9F8nx7ZyWkEZyY1PtRqfIPz6humwUmB8M7pc5dcRDf36q3ow==
age: 3497
cache-control: max-age=14400
cf-cache-status: HIT
cf-request-id: 088eacb0d200004ee5aba0a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6XEfUtNvOvAxv6Jg00kM41rm263zD5uzgu4g4sQf5OAVD9DSmAFJ7QHcH7HlmOnIHAHh0g5ZX3Z5K6VAxkb%2B7cYYK342c8ctwu8wQjLdn5MTpFKG5nWliJ0O"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 62914a2e1f014ee5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 104ms
35ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 09:17:00 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.243:80
AN-X-Request-Uuid: 10162e28-55f5-48ac-8cce-fc9aa45d06a6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fdr.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
470 B 195ms
129ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c000176766b72e46bd74c240010&pos=8a9691980176766b76446cd96ff90039&cmd=bid&secure=1
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: ca393d58afa285ff8c9cafc918e867d857fa846cb67e4d1f89e08891513f678d

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Mar 2021 09:17:00 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://fdr.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
470 B 239ms
172ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c000176766b72e46bd74c240010&pos=8a96943d0176766b7a5d6cd91fff0040&cmd=bid&secure=1
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 668f6d27342898293e068cc65f70e097bc7f7786dbba3c357944b790ba687bc5

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Mar 2021 09:17:00 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://fdr.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
140 B 94ms
30ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0&cb=3212798016
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fdr.com.br
date: Mon, 01 Mar 2021 09:17:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
1 KB 218ms
131ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 27b6473d2910f1ff98ca0997da5d4c3efab5ab56629e62fdcf3a7b18376250db

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b25%3b118
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 855 B
949 B 228ms
142ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid4.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 9de00623a4bdc893c3c62118482acffab9346cf1db0cf1b8a30fabd9adab2fc1

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b21%3b110
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 impl.20210301-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 468 KB
108 KB 33ms
32ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gridmidia-fdr/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9b31970a9134ca82a8199a1da600e0285145754b2a8f962cdbb23158c341f096

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c0mTNXnPoNPuP3syitAdGi7H25WAmqgj
content-encoding: br
etag: "8d5832df73176bc2969c90d80b8c1361"
age: 4998
x-cache: HIT
content-length: 110100
x-amz-id-2: gTrLRBxqGjGrpMhZLJFetxqQ+S8PQ8MCBffUuBiFQHeelCIqZMUeNDQzFPaSh4xEZiAG273rylA=
x-served-by: cache-hhn11553-HHN
last-modified: Mon, 01 Mar 2021 07:52:40 GMT
server: AmazonS3-br
x-timer: S1614590221.580862,VS0,VE0
date: Mon, 01 Mar 2021 09:17:00 GMT
vary: Accept-Encoding
x-amz-request-id: A6E3A4D5EE23018C
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 69
x-cache-hits: 36372

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 112ms
35ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gridmidia-fdr/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 09:17:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 02 Mar 2021 09:17:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
364 B 70ms
70ms XHR
text/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffdr.com.br%2F&pid=dUDmIaIMwZp4J&cb=0&ws=1600x1200&v=7.59.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22002220734%2Ffdr.com.br%2FFix_Desktop_Mobile%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22002220734%2Ffdr.com.br%2FTop_Desktop_Mobile%22%7D%5D&cfgv=0&pubid=10f6badb-0fd7-4f81-ab20-6a4f16559607&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fdr.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Of4VjD1NwLCMo8Iaul9x_QpqI07ev6IgghjamcGdgHoRTfD_5w-c1Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 100ms
34ms XHR
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 20797
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
date: Mon, 01 Mar 2021 03:30:24 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bdNuPaOeE7Y5tHtTOG7-sDOoxAY_jkx83Uf3H6Gf-seFrAWoLfEfvg==

GET
H2 200 imposto-de-renda-544x578.png
fdr.com.br/wp-content/uploads/2021/02/ 573 KB
574 KB 16ms
14ms Image
image/png 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2021/02/imposto-de-renda-544x578.png
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d06a042c2b6de6f8e539ddd8d69642ee0600ec260be5d1afed6fdee35e0d5e

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 66296
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 586675
cf-request-id: 088eacb12e00004e98cb248000000001
last-modified: Wed, 17 Feb 2021 17:49:57 GMT
server: cloudflare
etag: "602d5745-8f3b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BlDoxSsJWyghfOLsZoKsNC3boOBVTZoNz%2F%2FgB83gdntTHvg9fxytMF0xcCkjL%2FlWTU4OsAj3whN1KIjNukJb0TsjO7gshRNhZ%2Bm1q9xRrqIGV%2BXFZDzY"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2eabe44e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 freestocks-ux53SGpRAHU-unsplash-1-350x280.jpg
fdr.com.br/wp-content/uploads/2020/06/ 6 KB
7 KB 839ms
838ms Image
image/jpeg 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2020/06/freestocks-ux53SGpRAHU-unsplash-1-350x280.jpg
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82be8ad3082012ecc2808967e8f55b6cb1293b8091ba8ef6629b37a086d1119

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6584
cf-request-id: 088eacb12e00004e989ab61000000001
last-modified: Fri, 09 Oct 2020 22:09:22 GMT
server: cloudflare
etag: "5f80df92-19b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JNDKTERxd1nQSGYDjilpAB7jMrr7%2FRTPnfYSzLw%2BEPXXcuLVPriYY2CpjejotECRnQo3t7%2FyTH3L08Nl1RXQfKj7i53cm4kdCbprArlFVIGJilm1YA%2Bt"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2eabe64e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bxblue-nova-prova-de-vida-inss-2020-biometria-facil-selfie-foto-1024x576-1-350x280.png
fdr.com.br/wp-content/uploads/2020/10/ 73 KB
74 KB 13ms
12ms Image
image/png 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2020/10/bxblue-nova-prova-de-vida-inss-2020-biometria-facil-selfie-foto-1024x576-1-350x280.png
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f904fa5d86464808b32c47cf6f9b92d1ed56363dceecc35176d0a4a45c6ede00

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 155945
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75144
cf-request-id: 088eacb12e00004e98e73f3000000001
last-modified: Fri, 16 Oct 2020 13:00:26 GMT
server: cloudflare
etag: "5f89996a-12588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b5tIBvAKtLyeeFMCvoYR3EB5XcBzXV8%2BTAfS3QQxVx6xCqV2FBMvTjU7LKDinWa7ZHhu37zYUVooFQcj%2BllWHOqSs1WpHC2CY3fRCHJInzIEKj8LSLsW"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2eabe74e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 age20200622029-350x280.jpg
fdr.com.br/wp-content/uploads/2021/02/ 23 KB
23 KB 12ms
11ms Image
image/jpeg 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2021/02/age20200622029-350x280.jpg
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8229759331a3e3367cfdc7478be22c6213aed70d0480fcc489c6b73a81f619c

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 47756
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23145
cf-request-id: 088eacb12e00004e98c3bdd000000001
last-modified: Fri, 26 Feb 2021 18:16:49 GMT
server: cloudflare
etag: "60393b11-5a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nr7q0ipkhag6CUZJx786%2FIVdFLq%2B1E7gBjB3xuuM0twutMPifIWug%2F1lvtcdyeFJ3oBJlPmofsNN2FiB54bwESbx3APSaEx9oAbMRNibeWLcUwi6HBgR"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a2eabe84e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 pubads_impl_2021022401.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 111ms
63ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed61e775baaa0c010e0d575e6ffd15948898fd583abb85d8657214e0dbeb311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 09:37:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103521
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
437 B 81ms
78ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fdr.com.br&callback=_gfp_s_&client=ca-pub-8128061848484930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8128061848484930&plah=fdr.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6236fdabc204620bbcbdf5b6fe17b78993dc3e31632d97d1019402601ff3ce23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fdr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 39ms
19ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fdr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84C3 94 KB
31 KB 305ms
292ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

743edd9353ac880a44d4d227b0fe35298b72a81c3926048cc91ff88e1c167e29

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvUvqThju8CFciEhQodR98NpQ&gqi=DLE8YJ6bKMmt-waIzbaIBA&layout=/sadbundle/%24csp%253Der3%24/1555125210304583361/300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvUvqThju8CFciEhQodR98NpQ&gqi=DLE8YJ6bKMmt-waIzbaIBA&layout=/sadbundle/%24csp%253Der3%24/1555125210304583361/300x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 09:17:00 GMT
server: cafe
content-length: 31127
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 09:32:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 09:17:00 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D962 399 B
330 B 263ms
262ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=2411550972&adf=3131156430&pi=t.ma~as.8364879836&w=1200&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220502&bpp=5&bdt=311&idt=134&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6566390679849&frm=20&pv=1&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=crGm43MTbk&p=https%3A//fdr.com.br&dtd=139

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb2bc3e91346f2dcecba9397d294116c917b40485694a1d6dda4b5ae3e07337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=2411550972&adf=3131156430&pi=t.ma~as.8364879836&w=1200&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220502&bpp=5&bdt=311&idt=134&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6566390679849&frm=20&pv=1&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=crGm43MTbk&p=https%3A//fdr.com.br&dtd=139
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 09:17:00 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 09:32:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 09:17:00 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30AD 0
549 B 15ms
15ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&adk=1812271804&adf=3025194257&lmt=1614590220&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffdr.com.br%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614590220547&bpp=2&bdt=357&idt=102&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C1200x280&nras=1&correlator=6566390679849&frm=20&pv=1&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=109

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8128061848484930&output=html&adk=1812271804&adf=3025194257&lmt=1614590220&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffdr.com.br%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614590220547&bpp=2&bdt=357&idt=102&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C1200x280&nras=1&correlator=6566390679849&frm=20&pv=1&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 09:17:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 09:32:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 09:17:00 GMT
cache-control: private

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame 58D7 340 KB
51 KB 37ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 318602
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52149
x-xss-protection: 0
expires: Fri, 25 Feb 2022 16:46:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame 58D7 157 KB
57 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 22:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 37287
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58416
x-xss-protection: 0
expires: Mon, 28 Feb 2022 22:55:33 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 58D7 2 MB
502 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 516
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513497
x-xss-protection: 0
expires: Tue, 01 Mar 2022 09:08:24 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame 58D7 8 KB
3 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 16120
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 01 Mar 2022 04:48:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 58D7 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 276682
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:38 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=http...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=htt...

0
528 B

40ms
40ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=https%3A%2F%2Ffdr.com.br%2F&c9=&cs_ak_ss=1
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 09:17:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1614590220736&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=https%3A%2F%2Ffdr.com.br%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 01 Mar 2021 09:17:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 58D7 113 B
536 B 39ms
39ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d502d3825481ed654c7dc593edd3ddfe3303516bc816c555bc84ae0f4d8321c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 58D7 29 B
407 B 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:11:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 303
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:26:57 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 58D7 96 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 13537
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32547
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:31:23 GMT

GET
H2 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
www.google.com/js/bg/ Frame 58D7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 17:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 56829
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 17:29:51 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 58D7 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 15:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 149497
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9681
x-xss-protection: 0
expires: Sun, 27 Feb 2022 15:45:23 GMT

GET
DATA 200
OK truncated
/ Frame 58D7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnik1qcTakw_nSza8-DBVT0VbR1PfHPFOhfOIADe=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 58D7 4 KB
4 KB 40ms
20ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnik1qcTakw_nSza8-DBVT0VbR1PfHPFOhfOIADe=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0b179a62f51ef109779d74a0d336c50a1b97248a05841641a6637f22402adf70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3967
x-xss-protection: 0
server: fife
etag: "v38"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 27 Feb 2021 01:00:48 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/23EUqOMzaJw/ Frame 58D7 106 KB
106 KB 41ms
20ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/23EUqOMzaJw/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54a013a44aaa114936503381945215adecc01cb77ab8a4fcc727fa6a49945f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:00 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1610982164"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108480
x-xss-protection: 0
expires: Mon, 01 Mar 2021 11:17:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=fdr.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fdr.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
321 B 596ms
595ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3673388921457898&correlator=4226168900636041&output=ldjh&impl=fif&eid=31060111%2C31060298&vrg=2021022401&ptt=17&sc=1&sfv=1-0-37&ecs=20210301&iu_parts=22002220734%2Cfdr.com.br%2CFix_Desktop_Mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&prev_scp=reqOrd%3D1%26reloadable%3Dyes%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=fdr_id%3D0&cookie=ID%3Da43a80f8b470e85b-228b0305a3ba00df%3AT%3D1614590220%3ART%3D1614590220%3AS%3DALNI_MbFhDEYREptz70zSA8VcGbRGi97qg&bc=31&abxe=1&lmt=1614590221&dt=1614590221018&dlt=1614590220191&idt=795&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=509187125&ucis=1&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffdr.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8c3e9b8bc19ae4a76c853e8633a338bad06d154a423bc505d6ba0a2b935af62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 91ms
38ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
16 KB 382ms
381ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3673388921457898&correlator=4226168900636041&output=ldjh&impl=fif&eid=31060111%2C31060298&vrg=2021022401&ptt=17&sc=1&sfv=1-0-37&ecs=20210301&iu_parts=22002220734%2Cfdr.com.br%2CTop_Desktop_Mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=reqOrd%3D1%26reloadable%3Dyes%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=fdr_id%3D0&cookie=ID%3Da43a80f8b470e85b-228b0305a3ba00df%3AT%3D1614590220%3ART%3D1614590220%3AS%3DALNI_MbFhDEYREptz70zSA8VcGbRGi97qg&bc=31&abxe=1&lmt=1614590221&dt=1614590221023&dlt=1614590220191&idt=795&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=138&adks=135373423&ucis=2&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffdr.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=1600x250&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39f4c021a8d31e656c5d99f5f58e632f203f86d3f0431299306b961bcbc2ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16148
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imposto-de-renda-350x280.jpg
fdr.com.br/wp-content/uploads/2020/11/ 20 KB
20 KB 11ms
10ms Image
image/jpeg 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2020/11/imposto-de-renda-350x280.jpg
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f685937746192008dc0b466f4f56341a7c5c8b6710abe12bf0ff2aeee908651d

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41931
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20020
cf-request-id: 088eacb2f100004e98dfb7b000000001
last-modified: Tue, 03 Nov 2020 21:19:07 GMT
server: cloudflare
etag: "5fa1c94b-4e34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BRAs%2BfbzckX%2FbwoEANj1vdETl37axHmrGl0pz0Ob96lrlejRV0MtC3Kbs7I%2BaE0c4cp2i4nIjO9VoIo5PZPBvFN0P8gRExV5HFv13ApqVPL8y2clfNKZ"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a3188794e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
52 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=250831652&t=pageview&_s=1&dl=https%3A%2F%2Ffdr.com.br%2F&ul=en-us&de=UTF-8&dt=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1272508835&gjid=1773384802&cid=1985854165.1614590220&tid=UA-54936151-1&_gid=1769890845.1614590220&_r=1&_slc=1&cd1=noticias&cd2=economia&cd3=fdr&cd4=contenido_digital&cd9=alianza&z=1960622189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 258 KB
23 KB 155ms
40ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: c42e159bdc3efeafbd5f6ff2e7b32a71f8f6c749bafc5e634e296e778a7923bd

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 07:20:59 GMT
content-encoding: gzip
age: 6962
x-guploader-uploadid: ABg5-UxndriGW1TFKVkvj9hVGIXGvFgZg-b1SrmOS1LjGJJ2kMKGjUYU4WHnW101g7ie-AxYSlJR6duBjk36g3-TMG8RqAxaeg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22911
last-modified: Thu, 18 Feb 2021 14:55:15 GMT
server: nginx/1.8.1
etag: "151a68d42195cdf8c8c02c90663de35c"
vary: Accept-Encoding
x-goog-hash: crc32c=zW/K8A==, md5=FRpo1CGVzfjIwCyQZj3jXA==
x-goog-generation: 1613660115125843
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 22911
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 01 Mar 2021 09:20:59 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 58D7 4 KB
2 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:01 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 37ms
37ms Image
text/plain 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1614590221075&ns_c=UTF-8&cv=3.5&c8=FDR%20%C2%BB%20Finan%C3%A7as%2C%20Direitos%20e%20Renda%20%7C%20%C3%9Altimas%20Not%C3%ADcias&c7=https%3A%2F%2Ffdr.com.br%2F&c9=
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 09:17:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 58D7 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?UVd3xg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/23EUqOMzaJw?feature=oembed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
420 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-54936151-1&cid=1985854165.1614590220&jid=1272508835&gjid=1773384802&_gid=1769890845.1614590220&_u=aEDAAUABAAAAAC~&z=1719881097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Mar 2021 09:17:01 GMT
content-type: text/plain
access-control-allow-origin: https://fdr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/ Frame 4B11 2 KB
2 KB 36ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c167c4600200d759e4f52894544743237dbdbaf5c21e7b9d6a700a7486c6bb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 870
date: Fri, 26 Feb 2021 08:02:40 GMT
expires: Sat, 26 Feb 2022 08:02:40 GMT
last-modified: Thu, 18 Feb 2021 08:51:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 263661
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

B25368779.296294406;dc_pre=CLuk5aThju8CFRWYdwodC44Bzg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 5D86
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CLuk5aThju8CFRWYdwodC44Bzg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag...

42 B
515 B

106ms
65ms

Fetch
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CLuk5aThju8CFRWYdwodC44Bzg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CLuk5aThju8CFRWYdwodC44Bzg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3146734388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D86 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEnELDLE8YOueKciJlgTHvreoCrmzuMFh9-m2xOYN3NkeEAEgzY_dZWCVAqAB9Li_xQPIAQmoAwHIA0iqBMQBT9BkWJ41yq5yC4LrBak_WfV1_1cBVZQq2iaPH4MAPxIdIe3yDTB1ZBapwYCQHUrsdhicOywI8xbcS696RMUCwfGkWlVyrE1B2FMTJ0R1COaAhwM7zi6kfRbog5MZMCWa5EaDIr8heDAUFdpvNUX9kDqMQXGO7Gfi5zUkEazmaWU7f2EG_TIq0tbdpco_yr-Bh3VW2g1JONzMYb-NDGFyHyHfBVggCkNenqRshQtWZq7bCVpHwmqil8t2uwTBSCx4_JsDDMAE37GGs7QDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-yhqKYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMSrBNIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi04MTI4MDYxODQ4NDg0OTMw&sigh=z69t7ZWB8TE&template_id=419&tpd=AGWhJmvbODIk2byWwFM-LWG09POiz7A3F61NMVrBl4Mjsddsnw

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 01 Mar 2021 09:17:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 5D86 18 KB
7 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:15:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5D86 3 KB
2 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:16:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D86 107 KB
33 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:01 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5D86 14 KB
6 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:16:30 GMT

GET
H2 200 chave-da-casa-propria-imovel-financiamento-imobiliario-1581355536750_v2_1920x1280-350x280.jpg
fdr.com.br/wp-content/uploads/2020/12/ 16 KB
16 KB 15ms
15ms Image
image/jpeg 2606:4700:3030::6815:55ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdr.com.br/wp-content/uploads/2020/12/chave-da-casa-propria-imovel-financiamento-imobiliario-1581355536750_v2_1920x1280-350x280.jpg
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:55ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a259db08b78a087d1a3131445ec07cf996f30732e76b6c6b457f26031707001

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 56827
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16411
cf-request-id: 088eacb39e00004e98c3803000000001
last-modified: Mon, 21 Dec 2020 14:05:18 GMT
server: cloudflare
etag: "5fe0ab9e-401b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFSdD1hKIdzQMYTfB6OzWWH7WCjV1F3hTOS41apb3En1W%2BJo2c%2FcN1YzKSXVNDgcjM%2BYzMcpYUkJexnmlKuU2SS3CXApu827j7zHYPeette3yK30Sr3W"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62914a329a5b4e98-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
112 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54936151-1&cid=1985854165.1614590220&jid=1272508835&_u=aEDAAUABAAAAAC~&z=253863168

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54936151-1&cid=1985854165.1614590220&jid=1272508835&_u=aEDAAUABAAAAAC~&z=253863168

Requested by

Host: fdr.com.br
URL: https://fdr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdr.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 744D 143 B
216 B 7ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlw8pWmxfFvAe5okaBv9VseL1WGgGxl0XlDcs9j3ONEpWr6iRB7eYovrBMX; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128061848484930&output=html&h=280&slotname=8364879836&adk=1318465118&adf=2941536569&pi=t.ma~as.8364879836&w=350&fwrn=4&fwrnh=100&lmt=1614590220&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Ffdr.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614590220442&bpp=7&bdt=251&idt=161&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6566390679849&frm=20&pv=2&ga_vid=1985854165.1614590220&ga_sid=1614590221&ga_hid=250831652&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1004&ady=896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066923%2C21068946&oid=3&pvsid=3673388921457898&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBQVwzo45C&p=https%3A//fdr.com.br&dtd=179

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Mar 2021 08:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2137
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4B11 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 02 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4B11 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/ Frame 4B11 140 KB
39 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 263661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40127
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:14 GMT
server: sffe
date: Fri, 26 Feb 2021 08:02:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:02:40 GMT

GET
DATA 200
OK truncated
/ Frame 5D86 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 503549a6b5a7ffefa72b58810c2c27625d380b28819465d2eb8defdd2d1d7b8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/ Frame 4B11 169 KB
19 KB 34ms
21ms XHR
application/json 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1555125210304583361/300x250/lottie_light.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5df49066d0931eba03084d6afedc6437ec64795eac643b5900027e946f28e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 263640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18117
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:14 GMT
server: sffe
date: Fri, 26 Feb 2021 08:03:01 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 08:03:01 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 744D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
133 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlw8pWmxfFvAe5okaBv9VseL1WGgGxl0XlDcs9j3ONEpWr6iRB7eYovrBMX; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 09:17:01 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 01-Mar-2021 10:17:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 09:17:01 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 09:17:01 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B11 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 3572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Tue, 01 Mar 2022 08:17:29 GMT

GET
H3-Q050 200 container.html Show response
db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5F09 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060298

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdr.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fdr.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 01 Mar 2021 09:17:01 GMT
expires: Tue, 01 Mar 2022 09:17:01 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 5F09 2 KB
634 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:37:51 GMT
server: ESF
date: Mon, 01 Mar 2021 09:17:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 09:17:01 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5F09 2 KB
1015 B 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:15:04 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5F09 0
0 76ms
75ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxh1fDbE8YLueBZKv3wPgvbWYCIP78s5hicX73bgLioSYw4YaEAEgqb_kfGDRgbmC0AegAYCC09QCyAEJqQJ3e6T20dB_PuACAKgDAcgDmwSqBOgBT9DgcaYixUwUNanT2F5_OehpRvevv4ELpQycpg-pyDSEQEC7s1MOWHf-vwj4ueiB8R8mWymaVEdGagbgeS2iGIqFUJ6rbTC8jfg4NjMZxLmEygAfztGfqChiz0LtpdOSL0jt-5zCeqIhXAKBN-Zd658z0NJfPxz8XnkgvyR_kNPtuzp7Bpn2LMVjT7x9NCNB3FCERivY4wIG9Un_D6CSDgoYd-XuOK1gdu_veXcefyDN6WUEVcVJD8unFOew6-4IprnLQIvKioYx8eGv5FXGfT2C_4u36HJexJf0GdsU6tT3H4dhDg75CsAEo6jT2IkD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-j9rKsBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCxlwjSCAkIgOGAEBABGB2ACgPICwHYEw6yFxoKGAgAEhRwdWItODA1NTQxMjAwMzg2MjY1Mw&sigh=0h25iucfqAk&template_id=494&tpd=AGWhJmv8EuXRfMUdtcXcuKdDvluy82tQKcpQWgboIneVkCA0Ew
Requested by: Host: fdr.com.br
URL: https://fdr.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 5F09 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:15:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5F09 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:16:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F09 107 KB
33 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:17:01 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5F09 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 09:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 09:16:30 GMT

GET
H3-Q050 200 5d4b6918ba53c75bacf90c3e9a55021e.js Show response
www.gstatic.com/mysidia/ Frame 5F09 25 KB
11 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 01:31:13 GMT
server: sffe
age: 84440
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0
expires: Sat, 29 May 2021 09:49:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5F09 18 KB
19 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRMPGhIppVNWPnl4AIQP-6UevR2N5t8A7LiuuPPHeZB4vueMr0licmXUaQneQ&usqp=CAI

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afe8ccad8f1bc99785dc857c709cc75d20381d9c5d2bfb623a46c2e2658e701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 19:04:17 GMT
server: sffe
age: 182420
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18885
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:36:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5F09 14 KB
14 KB 33ms
12ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRhlC8d9B78BoRRSBZS1OtOpz2x-VAK68KxXzgPEhjN7X4AETrVangfffg1TA&usqp=CAI

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f49a3f8f4055f817a651ee0d22094e6a31151c3549af949ced4f4e1c9cc13ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 22:20:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 11:20:06 GMT
server: sffe
age: 384966
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13989
x-xss-protection: 0
expires: Thu, 24 Feb 2022 22:20:55 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 844C 1 KB
858 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 01 Mar 2021 03:14:09 GMT
expires: Tue, 02 Mar 2021 03:14:09 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 21772
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5F09 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ad6ea46223133eb4dd290ef791bb61682dbb29f94b2532b3024ceb46af16959

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 5F09 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 09:31:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:36 GMT
server: sffe
age: 258316
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14516
x-xss-protection: 0
expires: Sat, 26 Feb 2022 09:31:45 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 844C 0
104 B 93ms
64ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMN299ceU0_YHxYeDPrfe3c&google_cver=1&google_push=AQvitUJCLxOPcEgfgc1--rODWcK1TqYQs3fcaIz1CTjhz6X6dOrjH-wa4EvbNzqXnYQdt9SO0gIWUa1l0k3-7rX7rR1h_lt_hJc
Requested by: Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEZEK4PCOkTLBt5Ua94dCOo&google_cver=1&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8mxSKtTt2xapE
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=591BC7B1E89E4FD18851323C1A91CE20&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8...

170 B
232 B

42ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=591BC7B1E89E4FD18851323C1A91CE20&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8mxSKtTt2xapE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 Mar 2021 09:17:01 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=591BC7B1E89E4FD18851323C1A91CE20&google_push=AQvitUJHCwA1NUlol93YAyEMMHyoRiONwxOP13jKSNuPY1szXMDGHNhOu0ZicYlHuI8F0ejMZuzAfoImG7_RzZ8mxSKtTt2xapE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 28 Feb 2021 09:17:01 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAj1V8q_zG-RFJA4X2i4p1s&google_cver=1&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZh...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wujlVP1dSPqvi5eCIAEbrQ2&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZhfiHg5JHwSkw

170 B
232 B

42ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wujlVP1dSPqvi5eCIAEbrQ2&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZhfiHg5JHwSkw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 Mar 2021 09:17:01 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wujlVP1dSPqvi5eCIAEbrQ2&google_push=AQvitULfgaBuScujBg8_Yxdyam_rcYLwcsZCchb7xu5NjL42UF9mMhfxqDEmMEA50o-FVBOEKheoeVW6TV6rzfZhfiHg5JHwSkw
x-host: tde-deliveryengine-production-85f9bdccff-c6b2g
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHyBpoak28WSRojmewFhcTg&google_cver=1&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHyBpoak28WSRojmewFhcTg&google_cver=1&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU2MDQ0NzQxNzgwMzM4MzI2Ng&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxv...

170 B
329 B

42ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU2MDQ0NzQxNzgwMzM4MzI2Ng&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZUnVhflT25KRPXWdm2ek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU2MDQ0NzQxNzgwMzM4MzI2Ng&google_push=AQvitUJjjScXBrISwqZPUnfiMMhOxxXyFCaMTxT_O_HqeyGGAJVyYALL5W2gSDiUVCC1mHznjBtLxvYZUnVhflT25KRPXWdm2ek
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENycNk9jhBWZCPt506X_WMw&google_cver=1&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xRREJXQ1YtMTEtRTRTSA==&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd10ilZ3eFjHl3r3JRHq0HtUw

170 B
190 B

98ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xRREJXQ1YtMTEtRTRTSA==&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd10ilZ3eFjHl3r3JRHq0HtUw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xRREJXQ1YtMTEtRTRTSA==&google_push=AQvitUL0ilwinF_U-Cfj-zNbimK2po_Vn8PP8INTW5_vkAJHJjUh0eMGkw3zGXtuAxYc5uVywWd10ilZ3eFjHl3r3JRHq0HtUw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFRYnu2l9b67DcBXsmZrGxw&google_cver=1&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1c...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFRYnu2l9b67DcBXsmZrGxw&google_cver=1&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1c...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw&google_hm=5724d97e64633c36e97d7926

170 B
484 B

83ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw&google_hm=5724d97e64633c36e97d7926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 01 Mar 2021 09:17:01 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULi4NSWY_1BenCyfPT_CJSno8JEJ3G_d105VuL0afzAzg-HP5f8_B-8v_fTbzB91e9ANd7zj18f2yh9heB1cEnHkre4uUw&google_hm=5724d97e64633c36e97d7926
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 844C
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAbyderfNepav9Oc_XEuu-s&google_cver=1&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3GeCzaq1LzZOHomEgWFdow&google_hm=OTY0Nzc4NTU...

170 B
190 B

85ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3GeCzaq1LzZOHomEgWFdow&google_hm=OTY0Nzc4NTUxMTAxOTM1MDU5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 09:17:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJNJYXNwaem2qukoYZrkKJAP1Wm3f7eMZKPG4akyGXU-Px13UpcT0sTLiJbwpF94vCfiDeKO3GeCzaq1LzZOHomEgWFdow&google_hm=OTY0Nzc4NTUxMTAxOTM1MDU5
date: Mon, 01 Mar 2021 09:17:01 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 844C 0
227 B 122ms
41ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhZ57lPPLtDpLJiJQVRIuOLRKv9C351V6tW8DzqLTg43qJcwYmjprrxOlmwPkug_WQWlbF

Requested by

Host: db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com
URL: https://db6d334dc1e1793d40313dc5815c0497.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS