dicastop.blog.br Open in urlscan Pro
104.21.80.94  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://dicastop.blog.br/ HTTP 301
   https://dicastop.blog.br/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

• https://pixel.onaudience.com/?partner=137085098&mapped=4C30163552686818DA744AE6D229037C HTTP 302
• https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
• https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=5a707b4f5a843c2c HTTP 302
• https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=5a707b4f5a843c2c HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlZpQU5mck5rRE9KcGJnMjMxTHo3VG0zc19jOEg5YzNtSjVXOW9TYlBQd00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDiWaghJCY9vfYd6cvm39OM&google_cver=1 HTTP 302
• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2777770084308048165&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
• https://ps.eyeota.net/match?bid=7vi0rg0&uid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90&_test=YXwo1QAAlooAxABG HTTP 302
• https://ps.eyeota.net/match?uid=YXwo1QAAlooAxABG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YXwo1QAAlooAxABG HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
• https://ps.eyeota.net/match?uid=106a4c32-0a07-4ec9-a1eb-37e2c41e2b2d&bid=1e2n4ou

Request Chain 109

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTPxBBMA4m8YXZVnOW0s5VrtnaU1evpAr&google_gid=CAESEPhH-5Tk2EdgIjul8Bqlqu8&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTPxBBMA4m8YXZVnOW0s5VrtnaU1evpAr&google_gid=CAESEPhH-5Tk2EdgIjul8Bqlqu8&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjkxNzAxMDkwMDAxMzQzNzk3Nzk2Mg%3D%3D&google_push=AYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTPxBBMA4m8YXZVnOW0s5VrtnaU1evpAr

Request Chain 131

• https://rtb.openx.net/sync/dds?google_gid=CAESEEezEG8K41gRs-y3rj2UY8U&google_cver=1&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0 HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEEezEG8K41gRs-y3rj2UY8U&google_cver=1&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&google_hm=UI2h22kYyH4S_63uzw0GRQ==

Request Chain 132

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGMLLvfArntf7VPr984luRU&google_cver=1&google_push=AYg5qPLvfzAXm8fGIAhqAM84rRQay5RcYj7AqaSzT4LH5-76BBvQlK91I38E0nS4dynK8Y38ikHqeEoOMRdHt3Aca7rZWES5Yykl HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGMLLvfArntf7VPr984luRU&google_cver=1&google_push=AYg5qPLvfzAXm8fGIAhqAM84rRQay5RcYj7AqaSzT4LH5-76BBvQlK91I38E0nS4dynK8Y38ikHqeEoOMRdHt3Aca7rZWES5Yykl&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aP5DktUxQ5atbMXCe0yHhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLvfzAXm8fGIAhqAM84rRQay5RcYj7AqaSzT4LH5-76BBvQlK91I38E0nS4dynK8Y38ikHqeEoOMRdHt3Aca7rZWES5Yykl

Request Chain 133

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsIIroba4w4CYUVDPzI7s4&google_cver=1&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKwydDL5S54XEs6oZXoykVU_Wm4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZDTUdYNlUtMjctRjlFRA==&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKwydDL5S54XEs6oZXoykVU_Wm4

Request Chain 134

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i

Request Chain 135

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO7O6gXXFHguXMX3NwE5TSo&google_cver=1&google_push=AYg5qPLpbA5QhUidktjMlhtCmFQLzikrlOuWBGJiq57Mlo5QrEnc1h065W20z69RtsU8Tdi6Tv42XFPIz3y5LX7JqUPkDquTDmnEnw HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLpbA5QhUidktjMlhtCmFQLzikrlOuWBGJiq57Mlo5QrEnc1h065W20z69RtsU8Tdi6Tv42XFPIz3y5LX7JqUPkDquTDmnEnw&google_hm=

Request Chain 159

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2ab9403ace4548975727f3be5d5c55ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2ab9403ace4548975727f3be5d5c55ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b86a0def-f7b4-4f61-b4f8-307adf91c958

Request Chain 160

• https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0&xl8blockcheck=1

Request Chain 162

• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ab9403ace4548975727f3be5d5c55ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=2ab9403ace4548975727f3be5d5c55ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32002282311819115753082993678249236458

Request Chain 165

• https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee HTTP 302
• https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee

Request Chain 167

• https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
• https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
• https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1920e833-38a0-4dbb-9f45-6284985b6f6d?gdpr=1&gdpr_consent=

Request Chain 168

• https://ps.eyeota.net/match?bid=51mdg9u&uid=2ab9403ace4548975727f3be5d5c55ee HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D1%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D1%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526 HTTP 302
• https://ps.eyeota.net/match?uid=5239885301804891749&bid=2cr76e1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://ps.eyeota.net/match?bid=9sn4omv&uid=agLsDrHo1MGvfE5&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17cccff7ead-6c9d0000010f5029&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://ps.eyeota.net/match?bid=6j5b2cv&uid=32002282311819115753082993678249236458&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://ml314.com/utsync.ashx?eid=50052&et=0&fp=25Qtlv07HLPGqcjoReSsGqXvr9C_TVXB70ta1WPxLmdo&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
• https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-D7hy0WdE2pVIkOo0yrquI9qNw7TGkjOKAlo-~A

Request Chain 169

• https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
• https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5407e32f5be32881b2bff2c31a218b5f

Request Chain 170

• https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf

Request Chain 171

• https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=bd78b0cc-7658-4172-b6a2-a0cb98dfb91b-617c28d6-5553

Request Chain 172

• https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
• https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=DnGYUi6V1MGvfE5

Request Chain 173

• https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXwo1QAAlooAxABG

Request Chain 177

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/2ab9403ace4548975727f3be5d5c55ee/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2777770084308048165

Request Chain 178

• https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=681914373%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
• https://sync.crwdcntrl.net/map/c=281/rand=681914373/tpid=5239885301804891749/tp=ANXS

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dicastop.blog.br/ Redirect Chain http://dicastop.blog.br/ https://dicastop.blog.br/	40 KB 10 KB	471ms 431ms	Document text/html	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d17528bb040db2bf3b70bbf6491aac9d5fd0cc3690ee822eac1cf4b9d40888ec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding link <https://dicastop.blog.br/wp-json/>; rel="https://api.w.org/", <https://wp.me/bVuS0>; rel=shortlink x-xss-protection 1; mode=block x-frame-options SAMEORIGIN referrer-policy strict-origin-when-cross-origin x-cache HIT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75ALQhb%2Bf9BTTmVLr5fNdSgHedcNA2EZhCmih83BW2xUY2v7gsHgpNf4nJ6ky%2FcfMUu22n9GsszhmiI5%2BROkDy5j4m0dKWyhNBWmbEZxaigSx%2Fm6JLBvF%2FD5%2B4sHrhVj3rve"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a5df6c4fdb1cd83-CDG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Date Fri, 29 Oct 2021 17:01:06 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Fri, 29 Oct 2021 18:01:06 GMT Location https://dicastop.blog.br/ Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jztBUUbV6X%2FZ5Adu12tTozeZtAhD7QPUYRYXlq3IQIeMkXrvoGayolQgqbfn3bbKLj0GjnBb9%2BXGBbneXUqlt%2F0CidIV4EDJL8NQ6hJMd%2BA2ZQoNFWt9xqn3NcxF4rSbBLG"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary Accept-Encoding Server cloudflare CF-RAY 6a5df6c48fbb400d-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	style.min.css c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/	79 KB 10 KB	22ms 6ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br last-modified Wed, 01 Sep 2021 04:05:58 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 29 Oct 2022 17:01:07 GMT
GET H2	200	mediaelementplayer-legacy.min.css c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/	11 KB 2 KB	22ms 6ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br last-modified Tue, 29 Sep 2020 15:53:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 29 Oct 2022 17:01:07 GMT
GET H2	200	wp-mediaelement.min.css c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/	4 KB 1 KB	22ms 6ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br last-modified Fri, 07 Jun 2019 20:45:02 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 29 Oct 2022 17:01:07 GMT
GET H2	200	virp-frontend.css dicastop.blog.br/wp-content/plugins/vi-random-posts-widget/css/	213 B 421 B	439ms 437ms	Stylesheet text/css	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/wp-content/plugins/vi-random-posts-widget/css/virp-frontend.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a39109413936412901dd25403243a6f65ab2c3a4e84e768666369ef0386c64c1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 18 Jun 2021 19:43:59 GMT server cloudflare etag W/"60ccf77f-d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvR5rBY3wuOe%2Bu4wzG6pJn8mbDX5ovJpVRPjpqVBaMvRTecCHePx%2FAjBk2mAgG%2FuBcdW7gL27oSWD7Y9VcOkfP%2B4cAy3U5w%2FfDN9LceMd4oiFL28R1fPKnGsiVQWrOkPfjUh"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6c7d916cd83-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	font-awesome.css dicastop.blog.br/wp-content/plugins/vi-random-posts-widget/css/	26 KB 5 KB	423ms 421ms	Stylesheet text/css	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/wp-content/plugins/vi-random-posts-widget/css/font-awesome.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 18 Jun 2021 19:43:59 GMT server cloudflare etag W/"60ccf77f-681b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2%2FmBxMTyUc6mPxHtbgECq7semiiZDW6kHQDH%2FLK6YZQ6Vohv2zaBq9oMvW4YTHI7sCxveN1ul8sQNUb2G%2FTxvx6U4OYSoR3gp4ZnX5nBKBvv3%2F2hQmTGADOQG%2FF%2B4ZfU7dR"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6c7d918cd83-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style-main-new.min.css dicastop.blog.br/wp-content/themes/neve/	40 KB 9 KB	421ms 419ms	Stylesheet text/css	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/wp-content/themes/neve/style-main-new.min.css?ver=3.0.3 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d29225c0eb1258126196517201ad90763235815400311be89e00cc40b36f4ac Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 10 Sep 2021 20:02:30 GMT server cloudflare etag W/"613bb9d6-9f2a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sbl3Oz4xasa5G6HZ4FabG9%2BC7oGWmDHSHq8NIBkllGfdtAR5FZO5tyRKq3owS2tZOq%2B0%2FsfyN4%2FqOXfgoMHBLq8LcZbjR4jx61shabb8g6RmttXKjMOsIUFQ2wEEBvHZLBPO"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6c7d919cd83-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jetpack.css c0.wp.com/p/jetpack/10.1/css/	85 KB 16 KB	25ms 10ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/10.1/css/jetpack.css Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br last-modified Tue, 07 Sep 2021 15:38:53 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 29 Oct 2022 17:01:07 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 51 KB	90ms 54ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e584db4e3f9bda7c58c4278e33159d16e1df91ccf71bf7778b80759665740f86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51580 x-xss-protection 0 server cafe etag 11105086456680704219 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 29 Oct 2021 17:01:07 GMT
GET H3	200	frontend.js Show response dicastop.blog.br/wp-content/themes/neve/assets/js/build/modern/	6 KB 3 KB	31ms 31ms	Script application/javascript	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.0.3 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eef1c99ddcac19dca8e9f0691e9fe02bb7198cdeb90775cd935c0657f217162f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91202 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 10 Sep 2021 20:02:30 GMT server cloudflare etag W/"613bb9d6-17f7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU7134sReha0SXtG3rMscjiCx5QLuUxYm4E8mALgr%2BRYz1nDMwdNOJVhBPa5XwD9lTdOeUjWznssky%2BGLHoHWWCsbH%2F%2BJ%2BlWR50Vic%2BlcHLAF97IvjBPpmMfyjF1Z09WJ7MD"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6ca9c770843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	wp-embed.min.js Show response c0.wp.com/c/5.8.1/wp-includes/js/	1 KB 736 B	25ms 11ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br last-modified Wed, 06 Jan 2021 15:29:24 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 29 Oct 2022 17:01:07 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	49ms 17ms	Script application/javascript	104.18.225.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br cf-cache-status HIT server cloudflare age 1323 etag W/"cf0cbe7aadaadd0a12673a93ac7780e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6a5df6cacf15fae5-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Mon, 01 Nov 2021 17:01:07 GMT
GET H2	200	e-202143.js Show response stats.wp.com/	9 KB 3 KB	21ms 6ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202143.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip server nginx etag W/"5c6340e3-350a" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 16 Oct 2022 21:07:39 GMT
GET H3	200	wp-emoji-release.min.js Show response dicastop.blog.br/wp-includes/js/	18 KB 5 KB	444ms 444ms	Script application/javascript	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dicastop.blog.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 20 Jul 2021 17:38:41 GMT server cloudflare etag W/"60f70a21-4705" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awzNTCoUvHAQM%2BAVkJ7l5VnWXvaSQcZLz1jTFL6183S3zBNAjXzbzsQJe5Y%2B88p3Gpstm5qeyPvS8F9rYoVw5SS131Y9VRUgSar83%2BOu2Yer4FkBqmT3fdLu32%2F375pEFDHa"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6ca9c7a0843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	agua_floresta.jpg dicastop.blog.br/wp-content/uploads/2021/08/	138 KB 139 KB	537ms 536ms	Image image/jpeg	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dicastop.blog.br/wp-content/uploads/2021/08/agua_floresta.jpg Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5b59cb5903a226d938e14dab60670e67bd5e1fb66c58cccd0687aee3d9fa4b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 11 Aug 2021 13:37:54 GMT server cloudflare etag W/"6113d2b2-22852" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyRJy9%2Fb%2BufIWABwnJfDfsAvOnsSXfwu0aJ7eduxsi9d%2FWJTeUbmcHChliOlrmcF%2F7ZB8jCLbK5k7%2B0UMIX5%2Ftybs57Rs79IgrHj5%2F7xEAJdWzEc6XhMRo%2FfAtgpqRSyWftF"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6cabca00843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	Trabalhe-Conosco-Ricardo-Eletro-2.png dicastop.blog.br/wp-content/uploads/2021/08/	257 KB 257 KB	556ms 555ms	Image image/png	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dicastop.blog.br/wp-content/uploads/2021/08/Trabalhe-Conosco-Ricardo-Eletro-2.png Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 189922d817d1b754c812464dd877851ad7dd6b13056b73f7a7b925ad4275160d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 05 Aug 2021 18:02:21 GMT server cloudflare etag W/"610c27ad-402d6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuBUtHyY9X7it1Fy%2BVDWinT0tkosqkGoWcByh8aVTz8ZnK2KKSwa2hORF7OP%2BCh8I%2FYTi59PQP1lY5jnEFs8N6j%2B4f88IpDEP63Ti8P4eurmLpzHaJe3kaYySiFbtNlA2mku"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6cabca20843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	Vagas-de-emprego-Casas-Bahia.png dicastop.blog.br/wp-content/uploads/2021/07/	83 KB 84 KB	542ms 541ms	Image image/png	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dicastop.blog.br/wp-content/uploads/2021/07/Vagas-de-emprego-Casas-Bahia.png Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ada515e765501ab132eb2dc6557eece35bf59de52f4ed2c9044b3e3ba4363a15 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 30 Jul 2021 12:59:11 GMT server cloudflare etag W/"6103f79f-14d66" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jIZbXyygfL9rkBPexjmTa7ZQyWUPRyxmQtLKdnLvN7KRAz6WfJWIxUlNXCIaxE29rPaFeP%2F5JPYVq57VSNfAZLJ%2B%2FMq1tTYWrHKj9y6uf9TYVhYqLTTeuC26B52KSHCYDJQ"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6cabca40843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	BOSCH.jpg dicastop.blog.br/wp-content/uploads/2021/07/	106 KB 106 KB	519ms 518ms	Image image/jpeg	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dicastop.blog.br/wp-content/uploads/2021/07/BOSCH.jpg Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb0978a4e9efc72993e1407c58a47b7d5345c2d376e6f7fe0498e09186b8696f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 19 Jul 2021 13:07:37 GMT server cloudflare etag W/"60f57919-1a623" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YRamSlfqOaRIKKWK8SthPR5hn3dk9YPBy3%2FNc1gCbIIv2Y7kvKuTxhJKS5%2BRbNppGLMe2SxKo02fDXszLTVaXJtF4NUtHmYMOd3ta9B%2FSEShqxEj41paHX0cc7VmI5K0n2Q"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6cabca60843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	embraer-aviao.jpg dicastop.blog.br/wp-content/uploads/2021/07/	76 KB 77 KB	611ms 611ms	Image image/jpeg	104.21.80.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dicastop.blog.br/wp-content/uploads/2021/07/embraer-aviao.jpg Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a885c3fbd8c118f7a05de8b871f8857f37677fb8f4970583c60f5f127b65156b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 13 Jul 2021 19:29:02 GMT server cloudflare etag W/"60ede97e-130d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utkWg%2F5PDqWZUCWA1UkWdsc5%2Bl5PejYPKpCKi0YvIElM%2F8r%2B1Er01TwQsYAtmSbYkLm8vphm9LYyph17yJDYCYniupMsxrCx1Mb0YbL9jr0DeWCScj%2FGVOztTMEJq3wQJAqU"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=315360000 cf-ray 6a5df6cabca80843-CDG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mtc.js Show response empregandoja.com/mautic/	98 KB 29 KB	2465ms 2416ms	Script application/javascript	104.21.85.50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://empregandoja.com/mautic/mtc.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.85.50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.24 Resource Hash a8768e24fe4c114751fdcd6ada35b1d05044569300e2724601887dffce74cc81 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.24 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpCraaFkGO0zCMi7raZOz8FiGvhhlylXqC9ARA2wvYHNXx3CQ9ryl67frxo6ZdUmAV6q48RaA85cZV60Zxkji4BmwWfos3bPY3qNsVurb6LDU%2Bfb2Nw818p4MpltCily%2F4mO"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding,User-Agent,User-Agent cache-control max-age=0, must-revalidate, private x-turbo-charged-by LiteSpeed cf-ray 6a5df6cb0e203b31-CDG expires Fri, 29 Oct 2021 17:01:09 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	100 KB 39 KB	74ms 38ms	Script application/javascript	172.217.18.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N359B8M Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f104.1e100.net Software Google Tag Manager / Resource Hash 5e606e25184fdc2cfac3e515bbdb9c8356a8bc394caef485d734b673b28d8ea4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39100 x-xss-protection 0 last-modified Fri, 29 Oct 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 29 Oct 2021 17:01:07 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	7ms 6ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=176243060&post=0&tz=3&srv=dicastop.blog.br&host=dicastop.blog.br&ref=&fcp=0&rand=0.9059701641631157 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers access-control-allow-origin * date Fri, 29 Oct 2021 17:01:07 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	39ms 26ms	Script application/javascript	104.18.225.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br cf-cache-status HIT server cloudflare age 1325 etag W/"fff10df2ca37ad0e879283b24dd072d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6a5df6cafb3d2175-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Mon, 01 Nov 2021 17:01:07 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/	269 KB 96 KB	75ms 51ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ed20f860c7487e455c5f062562e3f9809f37a921a483f43a8297f02601ad4149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98670 x-xss-protection 0 server cafe etag 3085467189109875038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 29 Oct 2021 17:01:07 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame 0EBB	10 KB 5 KB	52ms 16ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 29 Oct 2021 16:23:50 GMT expires Fri, 12 Nov 2021 16:23:50 GMT content-type text/html; charset=UTF-8 etag 15765991816257340444 x-content-type-options nosniff content-encoding gzip server cafe content-length 4703 x-xss-protection 0 age 2237 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	web Show response onesignal.com/api/v1/sync/1f4f5409-e3aa-4446-8e59-e83853573e49/	3 KB 2 KB	1150ms 1142ms	Script text/javascript	104.18.225.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/1f4f5409-e3aa-4446-8e59-e83853573e49/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8a81a51d6bc1a98daac713e33563b273b9b0def112030a7d8a4a519506d60b4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS status 200 OK alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id be0cb225-28fa-4959-b34e-7b9d897b3bf2 x-runtime 0.035725 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"f8a81a51d6bc1a98daac713e33563b27" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 6a5df6cb8809fae5-DUS access-control-allow-headers SDK-Version expires Fri, 29 Oct 2021 18:01:08 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	52ms 17ms	Script text/javascript	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N359B8M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 26 Oct 2021 23:24:02 GMT server Golfe2 age 3633 date Fri, 29 Oct 2021 16:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Fri, 29 Oct 2021 18:00:34 GMT
GET H2	200	d.js Show response waust.at/	13 KB 7 KB	76ms 29ms	Script application/x-javascript	104.26.4.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/d.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N359B8M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 726 last-modified Mon, 03 May 2021 17:48:39 GMT server cloudflare etag W/"60903777-3444" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B57IZ33l%2FwTf7ZXmAc6uFpt6MosTchVvhhOVD4qUdRCgqdN9MGiF%2FSrZ8RSDKTY7xm9z2%2BT1CS6icalSSIObzDt%2Ffym1wB7mEtOInV0UG0dCjCa7uXf3x7Ki"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 6a5df6cbdea0778b-LHR expires Sat, 30 Oct 2021 16:49:01 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	125 KB 48 KB	61ms 39ms	Script application/javascript	172.217.18.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-MS4KP914PV&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N359B8M Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f104.1e100.net Software Google Tag Manager / Resource Hash 5a5281747c4e97a851ff84937a3c92cc131666959363bb3cde898ff44866fc53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49597 x-xss-protection 0 expires Fri, 29 Oct 2021 17:01:07 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	64ms 43ms	Script application/javascript	172.217.18.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-171539047-1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N359B8M Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f104.1e100.net Software Google Tag Manager / Resource Hash 2ae8941cace606eb36b317378e3be8e5fa9d49f601ac614698c348bc765dee24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36655 x-xss-protection 0 expires Fri, 29 Oct 2021 17:01:07 GMT
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/	24 KB 6 KB	47ms 17ms	Script application/javascript	104.17.145.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.145.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip cf-cache-status HIT age 107 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 21 Oct 2021 17:42:06 GMT server cloudflare etag W/"4d482a43613d3966f353ec9d97452e0c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) cache-control public, max-age=300 x-amz-cf-pop FRA2-C1 cf-ray 6a5df6cbbe022199-DUS x-amz-cf-id 06Md-IKTiQmqlYnrakoRyzILa1BcM4MfCimr4L-oRvVhelV01Nj8tw==
GET H2	200	/ Show response prism.app-us1.com/	246 B 390 B	458ms 447ms	Script application/javascript	104.17.145.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=90732584&u=https%3A%2F%2Fdicastop.blog.br%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.145.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 156c34ca436af1ff0e0d4b04d446a55bf9ece083e60714955cbaa68c2941107d Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript cache-control no-cache, private cf-ray 6a5df6cbfe342199-DUS
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	42ms 21ms	XHR text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1647733481&t=pageview&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&ul=en-us&de=UTF-8&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1727489639&gjid=72775169&cid=608567289.1635526868&tid=UA-171539047-1&_gid=849180038.1635526868&_r=1&gtm=2wgar0N359B8M&z=1875160995 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dicastop.blog.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 15ms	Image image/gif	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j93&a=1647733481&t=pageview&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&ul=en-us&de=UTF-8&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=608567289.1635526868&tid=UA-171539047-1&_gid=849180038.1635526868&gtm=2wgar0N359B8M&z=571186267 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 28 Oct 2021 19:03:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 79054 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 14ms	Image image/gif	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j93&a=1647733481&t=pageview&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&ul=en-us&de=UTF-8&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=608567289.1635526868&tid=UA-171539047-1&_gid=849180038.1635526868&gtm=2wgar0N359B8M&z=1493725316 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 28 Oct 2021 19:03:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 79054 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 15ms	Image image/gif	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j93&a=1647733481&t=pageview&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&ul=en-us&de=UTF-8&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=608567289.1635526868&tid=UA-171539047-1&_gid=849180038.1635526868&gtm=2wgar0N359B8M&z=585233511 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 28 Oct 2021 19:03:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 79054 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	206 B 640 B	59ms 22ms	Script text/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=dicastop.blog.br&callback=_gfp_s_&client=ca-pub-6689957433256669 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash fba706d4a86e726c69210ebb639468e5e8f620639b2121c3d7dcbb9f615e1f8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 195 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	67ms 29ms	Script application/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dicastop.blog.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	62ms 26ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dicastop.blog.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Fri, 29 Oct 2021 17:01:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1E69	233 KB 52 KB	579ms 556ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&adk=3105533540&adf=2621220088&lmt=1635526867&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdicastop.blog.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526867727&bpp=2&bdt=581&idt=140&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8329824939384&frm=20&pv=2&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 3b974bde6c6e953958312c75751e2a3d34e6289343cd00eeb9ecbc32a42c5365 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 29 Oct 2021 17:01:08 GMT server cafe content-length 52874 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 29 Oct 2021 17:01:08 GMT cache-control private
POST H3	204	collect www.google-analytics.com/g/	0 17 B	20ms 20ms	Ping text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-MS4KP914PV&gtm=2oear0&_p=1647733481&sr=1600x1200&ul=en-us&cid=608567289.1635526868&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sid=1635526867&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MS4KP914PV&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:07 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dicastop.blog.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 442 B	63ms 21ms	XHR text/plain	74.125.133.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=1727489639&gjid=72775169&_gid=849180038.1635526868&_u=YEBAAAAAAAAAAC~&z=178673872 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f156.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 29 Oct 2021 17:01:07 GMT content-type text/plain access-control-allow-origin https://dicastop.blog.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	8 KB 9 KB	316ms 98ms	Script application/javascript	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Requested by Host: waust.at URL: https://waust.at/d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 97b3eab0a30e4b5e9533bf8cc559a1eaf58be47b4e8928e5790e2a41cd495d4a Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-T 0.551 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl3 Expires Fri, 29 Oct 2021 17:01:07 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	20ms 20ms	XHR text/plain	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1647733481&t=pageview&_s=1&dl=https%3A%2F%2Fdicastop.blog.br%2F&ul=en-us&de=UTF-8&dt=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=127460278&gjid=1646008648&cid=608567289.1635526868&tid=UA-171539047-1&_gid=849180038.1635526868&_r=1&gtm=2ouar0&z=1594376085 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dicastop.blog.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 144 B	329ms 108ms	Script text/javascript	67.202.114.214 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=xhuoovrm6v&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&c=d&x=https%3A%2F%2Fdicastop.blog.br%2F&y=&a=0&v=27&r=6058 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.214 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 74de87a6b72a1906585c1dbd9db13f2d1511fa4433d8f1e39c5f90e5c49b6dfb Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 144 B	328ms 108ms	Script text/javascript	67.202.114.214 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=xhuoovrm6v&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&c=d&x=https%3A%2F%2Fdicastop.blog.br%2F&y=&a=1&v=27&r=958 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.214 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 545d813a1cb41d59e45840fea7cbbec22db1a685f3949b350b0e65f5ddf8f4d3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 144 B	328ms 107ms	Script text/javascript	67.202.114.214 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=xhuoovrm6v&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&c=d&x=https%3A%2F%2Fdicastop.blog.br%2F&y=&a=2&v=27&r=3744 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.214 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 797512ee7db1abfa185c7535d51cc2d1b0eddf7a0587fe8d365a2c34e8de2c68 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	21ms 21ms	XHR text/plain	74.125.133.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=127460278&gjid=1646008648&_gid=849180038.1635526868&_u=aEDAAUABAAAAAC~&z=1238449752 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f156.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 29 Oct 2021 17:01:07 GMT content-type text/plain access-control-allow-origin https://dicastop.blog.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	76ms 39ms	Image image/gif	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=1727489639&_u=YEBAAAAAAAAAAC~&z=757074247 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	76ms 41ms	Image image/gif	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=1727489639&_u=YEBAAAAAAAAAAC~&z=757074247 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	75ms 40ms	Image image/gif	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=127460278&_u=aEDAAUABAAAAAC~&z=147834182 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	65ms 42ms	Image image/gif	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-171539047-1&cid=608567289.1635526868&jid=127460278&_u=aEDAAUABAAAAAC~&z=147834182 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 1820	1 KB 752 B	281ms 92ms	Document text/html	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=4C30163552686818DA744AE6D229037C Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash f96c112deb70cf5f9fcd68920f42eee1dff3ba69b1bfbe7ff5e56e21b98ba17c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 29 Oct 2021 17:01:08 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Fri, 29 Oct 2021 17:01:07 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	46ms 7ms	Script text/javascript	52.222.214.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.22 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-22.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-amz-version-id BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY content-encoding gzip last-modified Thu, 03 Jun 2021 13:27:46 GMT server AmazonS3 age 44744 etag W/"a1c6ef0f57fd5dc66dd46feb78238adf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront) cache-control max-age=86400 date Fri, 29 Oct 2021 04:37:17 GMT x-amz-cf-pop FRA56-P3 x-amz-cf-id yM7oALbeXcjQojTSQ7nq346f-KFek-JmCxb6_ctli2i9baG3-KJWMg==
GET H/1.1	204 No Content	dtscout Show response pd.sharethis.com/pd/	0 88 B	50ms 16ms	Script text/plain	18.195.98.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-98-10.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Connection keep-alive Date Fri, 29 Oct 2021 17:01:08 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 317 B	302ms 100ms	Script application/javascript	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=dicastop.blog.br&_ss=3wtzv4851u&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=42s4&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash a4dc70540383825d971f66fd2d0079acde341a3951e9c8fbce233cdfdc206f93 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-T 0.19 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 29 Oct 2021 17:01:07 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 74EC	1 KB 750 B	293ms 98ms	Document text/html	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=4C30163552686818DA744AE6D229037C Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 5aa8e4daf089155ac47a21bc5ea88ff3bfef8e95c33be4abf03c92e973165b83 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 29 Oct 2021 17:01:08 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Fri, 29 Oct 2021 17:01:07 GMT Cache-Control no-cache Content-Encoding gzip
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 633F	1 KB 752 B	296ms 100ms	Document text/html	158.69.139.229 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=4C30163552686818DA744AE6D229037C Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip229.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash a2914bcef9ddc73e6ccbb69b0465d4b1a1c618245cf3588f59774cecafaa1436 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers Server nginx/1.14.0 (Ubuntu) Date Fri, 29 Oct 2021 17:01:08 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Fri, 29 Oct 2021 17:01:07 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	60ms 17ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:37 GMT server cloudflare age 244873 etag W/"612951fd-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6a5df6ceee5a717e-DUS expires Mon, 01 Nov 2021 17:01:08 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	t_prism_sitemessages.php Show response trackcmp.net/	0 362 B	149ms 115ms	Script text/javascript	104.18.0.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trackcmp.net/t_prism_sitemessages.php?trackid=90732584&prismid=f7914afd-ee96-4bab-a2c8-be82f3fe8710&url=https%3A%2F%2Fdicastop.blog.br%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.0.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.1.33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" content-type text/javascript;charset=UTF-8 cache-control no-cache, private x-privacy-policy You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/ cf-ray 6a5df6cf3fd1218d-DUS content-length 0
GET H2	200	/ Show response onetag-geo.s-onetag.com/	555 B 963 B	341ms 314ms	Fetch application/json	18.66.112.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront), 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1, FRA56-P5 x-amzn-requestid 0b1e38a1-d8b4-4cca-bc2b-8deb41b30f47 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id H-tRQEJ0iYcFgOA= content-length 555 x-amz-cf-id NdVS0zSpjBYz-K0J51UD7WBZpGPrnRZVs1PdXwEnJ5AuOrQph6n9ww==
GET H2	200	/ Show response onetag-geo.s-onetag.com/	555 B 960 B	339ms 315ms	Fetch application/json	18.66.112.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront), 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1, FRA56-P5 x-amzn-requestid 0b1e38a1-d8b4-4cca-bc2b-8deb41b30f47 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id H-tRQEJ0iYcFgOA= content-length 555 x-amz-cf-id hJu2H2BuP6oqPxrhzZ3acXBxR7tIe1meBTiG6pJn_-UIbn_Pz0DgmQ==
GET H2	200	/ Show response onetag-geo.s-onetag.com/	555 B 962 B	338ms 316ms	Fetch application/json	18.66.112.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront), 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1, FRA56-P5 x-amzn-requestid 0b1e38a1-d8b4-4cca-bc2b-8deb41b30f47 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id H-tRQEJ0iYcFgOA= content-length 555 x-amz-cf-id EN5WWHwUoorD1gjIHFXi8GVb7miKtMEC1WEWI8uoekJBWYGXqoHqvw==
GET H2	204	p ic.tynt.com/b/	0 227 B	360ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0&ct=Dicas%20Top&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&cu=https%3A%2F%2Fdicastop.blog.br%2F Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H3	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/	143 KB 52 KB	36ms 36ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash fe7abc6930c5d2aca1bd1d15833f2a1931e52f15f90c7c4ffed4447cb3273c07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52737 x-xss-protection 0 server cafe etag 670483609669614945 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 17:01:08 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	47ms 25ms	Script application/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dicastop.blog.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	63ms 30ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dicastop.blog.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CC52	87 KB 30 KB	906ms 905ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash d753e74bd6c324cfa6d5cc37ba9457e92b373d37af09a391368bb0622ccefcc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 29 Oct 2021 17:01:09 GMT server cafe content-length 30523 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 29 Oct 2021 17:01:09 GMT cache-control private
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	41 KB 13 KB	46ms 7ms	Script text/javascript	18.66.97.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 352b946d2aa4d0b2da6236769fbb46cab48ee1d8378df1dd5b28aa84fa875536 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 13:45:12 GMT content-encoding gzip etag W/"8f03358821acd3f05de8b930eb1e5ef2" last-modified Tue, 19 Oct 2021 13:13:55 GMT server AmazonS3 age 11757 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA56-P2 x-amz-cf-id FPNAnLmr6ty6PMWG3Su-FkL6PZdPLXN-flpN1nBf-Fbl3u3VhToo2Q==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	371ms 93ms	Script application/javascript	45.55.120.93 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=4C30163552686818DA744AE6D229037C&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fdicastop.blog.br%2F&r= Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fdicastop.blog.br%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:04:47 GMT X-T 0.97 x-server web15.ny1.dtscdn.com Cache-Control no-cache Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Expires Fri, 29 Oct 2021 17:04:46 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	215ms 181ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=25498357 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 8bbf Content-Type image/gif
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=4C30163552686818DA744AE6D229037C https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=5a707b4f5a843c2c https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=5a707b4f5a843c2c https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlZpQU5mck5rRE9KcGJnMjMxTHo3VG0zc19jOEg5YzNtSjVXOW9TYlBQd00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDiWaghJCY9vfYd6cvm39OM&google_cver=1 https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2777770084308048165&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 https://ps.eyeota.net/match?bid=7vi0rg0&uid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%... https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_p... https://ps.eyeota.net/match?uid=YXwo1QAAlooAxABG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YXwo1QAAlooAxABG https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 https://ps.eyeota.net/match?uid=106a4c32-0a07-4ec9-a1eb-37e2c41e2b2d&bid=1e2n4ou	70 B 440 B	69ms 68ms	Image image/gif	3.121.27.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=106a4c32-0a07-4ec9-a1eb-37e2c41e2b2d&bid=1e2n4ou Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Server 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-27-153.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:09 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ps.eyeota.net/match?uid=106a4c32-0a07-4ec9-a1eb-37e2c41e2b2d&bid=1e2n4ou cache-control private,no-cache, must-revalidate content-type text/html content-length 191
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	174ms 142ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=73525037 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 1b7c Content-Type image/gif
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	190ms 158ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=63184050 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 48d8 Content-Type image/gif
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/ Frame D00A	10 KB 5 KB	13ms 13ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 29 Oct 2021 16:35:44 GMT expires Fri, 12 Nov 2021 16:35:44 GMT content-type text/html; charset=UTF-8 etag 15765991816257340444 x-content-type-options nosniff content-encoding gzip server cafe content-length 4703 x-xss-protection 0 age 1524 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/ Frame B711	10 KB 5 KB	13ms 13ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 29 Oct 2021 16:35:44 GMT expires Fri, 12 Nov 2021 16:35:44 GMT content-type text/html; charset=UTF-8 etag 15765991816257340444 x-content-type-options nosniff content-encoding gzip server cafe content-length 4703 x-xss-protection 0 age 1524 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	154ms 141ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=96082172 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 7dbe Content-Type image/gif
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	156ms 143ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=61397361 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 2bdf Content-Type image/gif
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 328 B	167ms 150ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=7124799 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 80f Content-Type image/gif
GET H2	200	css2 fonts.googleapis.com/ Frame D00A	4 KB 1 KB	63ms 25ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 15:06:05 GMT server ESF date Fri, 29 Oct 2021 17:01:08 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Fri, 29 Oct 2021 17:01:08 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D00A	205 B 295 B	52ms 15ms	Image image/png	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 14:03:33 GMT x-content-type-options nosniff age 10655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 29 Oct 2022 14:03:33 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D00A	604 B 1 KB	51ms 14ms	Image image/png	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 26 Oct 2021 13:01:21 GMT x-content-type-options nosniff age 273587 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 26 Oct 2022 13:01:21 GMT
GET H2	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame D00A	18 KB 8 KB	62ms 26ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 0d708e6899a77c81a9547e6d36f81d91d4391f1202c6cc973df9f5c106ece767 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:38:14 GMT content-encoding gzip x-content-type-options nosniff age 1374 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8007 x-xss-protection 0 server cafe etag 16949158767468107603 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:38:14 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 328 B	143ms 141ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=95177846 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 80f Content-Type image/gif
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	150ms 150ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=46780223 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 525b Content-Type image/gif
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	142ms 142ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C30163552686818DA744AE6D229037C&ret=html&phint=__bk_t%3DDicas%20Top%20-%20Seu%20Guia%20de%20Dicas&phint=__bk_l%3Dhttps%3A%2F%2Fdicastop.blog.br%2F&r=3089279 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:08 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 70c0 Content-Type image/gif
GET H2	200	css fonts.googleapis.com/ Frame B711	6 KB 744 B	57ms 26ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 15:09:09 GMT server ESF date Fri, 29 Oct 2021 17:01:08 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Fri, 29 Oct 2021 17:01:08 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame B711	2 KB 991 B	56ms 27ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:55:39 GMT content-encoding gzip x-content-type-options nosniff age 329 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:55:39 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame B711	0 0	84ms 84ms	Fetch text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CBcdX0yh8YbPuOPrI1fAPm6aHkAXm0uWIZvnpp4bUDsfei_7UKRABIKaLq4ABYJXikIKgB6AB88mrxgPIAQmpAsU8oyWVirM-qAMByAPLBKoE4QFP0GvgWI2KLxdBVNcpdIj-Z6HfqoF5163ofaTj0lzsDIksUAlSXzsELNB8Ia7nOEBoglYhJ0EqnEzo3nAz3L55UjUcGs-X7rnKZMytqURqUXkiBl2KHMDvRDh401Bo4JFBVVwmb-TLrAGX3u1DDjtzrJOuMyZVc1sGNM_ASK5rbJtea-pU5q_el751zIIROdWmClLgXaSPtwQf7uxaml5XGjc4W9eMwWAQ2RpQziRfK6xw4re2MwvehAuDewB_TTUm5TBPzW6KWPDm_3b4DXsHd2nnlmhs2nQKyVxnH9wHFO_ABIiHqujcA5IFBAgEGAGSBQQIBRgEoAYugAf1tdQ5qAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEKHZ7wHSCAkIgOGAEBABGF-ACgHICwHYEw2IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNjY4OTk1NzQzMzI1NjY2ORgA&sigh=OzuIRfGIxUY&uach_m=[UACH]&template_id=484 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Fri, 29 Oct 2021 17:01:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 29 Oct 2021 17:01:08 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame B711	19 KB 8 KB	40ms 13ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:50:44 GMT content-encoding gzip x-content-type-options nosniff age 624 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7760 x-xss-protection 0 server cafe etag 2659786357195577193 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:50:44 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame B711	3 KB 2 KB	55ms 28ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:53:45 GMT content-encoding gzip x-content-type-options nosniff age 443 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1470 x-xss-protection 0 server cafe etag 9165589572046851897 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:53:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B711	120 KB 37 KB	79ms 43ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635161763799786" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 29 Oct 2021 17:01:08 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame B711	14 KB 6 KB	42ms 16ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:52:29 GMT content-encoding gzip x-content-type-options nosniff age 519 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6337 x-xss-protection 0 server cafe etag 7721474052657771746 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:52:29 GMT
GET H2	200	9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response www.gstatic.com/mysidia/ Frame B711	27 KB 11 KB	41ms 15ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 15:17:06 GMT content-encoding gzip x-content-type-options nosniff age 179042 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11281 x-xss-protection 0 last-modified Tue, 26 Oct 2021 10:17:29 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Tue, 25 Jan 2022 15:17:06 GMT
GET H2	200	6592766407814317453 tpc.googlesyndication.com/simgad/7921727987955968077/ Frame B711	52 KB 53 KB	50ms 29ms	Image image/jpeg	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7921727987955968077/6592766407814317453 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash cf37a57b6e0c25f7e8ea6d19ad6a7dcd4dfe8c51b15845932e2205206969a19e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 16:57:20 GMT x-content-type-options nosniff age 173028 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53722 x-xss-protection 0 last-modified Tue, 12 Jan 2021 00:06:34 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 27 Oct 2022 16:57:20 GMT
GET H2	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/5940438389980257618/ Frame B711	6 KB 6 KB	66ms 46ms	Image image/png	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5940438389980257618/downsize_200k_v1?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash bc1137b14798f229842d534f01819459d9d6c929227ffdf40211dbe5a858e4f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 23 Oct 2021 22:12:09 GMT x-content-type-options nosniff age 499739 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5723 x-xss-protection 0 last-modified Wed, 28 Jul 2021 12:56:04 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 23 Oct 2022 22:12:09 GMT
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	324ms 105ms	Script application/javascript	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!xhuoovrm6v&dn=TC&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Sat, 30 Oct 2021 17:01:09 GMT
GET H3	200	css fonts.googleapis.com/ Frame 4D9B	3 KB 580 B	49ms 25ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 15:10:30 GMT server ESF date Fri, 29 Oct 2021 17:01:08 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Fri, 29 Oct 2021 17:01:08 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 4D9B	2 KB 912 B	42ms 19ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:55:39 GMT content-encoding gzip x-content-type-options nosniff age 329 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:55:39 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 4D9B	19 KB 8 KB	38ms 17ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:50:44 GMT content-encoding gzip x-content-type-options nosniff age 624 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7760 x-xss-protection 0 server cafe etag 2659786357195577193 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:50:44 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 4D9B	3 KB 1 KB	40ms 19ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:53:45 GMT content-encoding gzip x-content-type-options nosniff age 443 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1470 x-xss-protection 0 server cafe etag 9165589572046851897 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:53:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4D9B	120 KB 37 KB	35ms 34ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635161763799786" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 29 Oct 2021 17:01:08 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 4D9B	14 KB 6 KB	38ms 18ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:57:22 GMT content-encoding gzip x-content-type-options nosniff age 226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6337 x-xss-protection 0 server cafe etag 7721474052657771746 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:57:22 GMT
GET H3	200	9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response www.gstatic.com/mysidia/ Frame 4D9B	27 KB 11 KB	35ms 15ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 15:17:06 GMT content-encoding gzip x-content-type-options nosniff age 179042 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11281 x-xss-protection 0 last-modified Tue, 26 Oct 2021 10:17:29 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Tue, 25 Jan 2022 15:17:06 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0&ct=Dicas%20Top&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas&cu=https%3A%2F%2Fdicastop.blog.br%2F Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET DATA	200 OK	truncated / Frame B711	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 593f63f7d88db1342faa7ed217f8de682157e7be97344c0a8d890e15d4aeca03 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	EU Show response onetag-geo-grouping.s-onetag.com/regionalbloc/	1 KB 830 B	147ms 119ms	Fetch application/json	18.66.112.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software restify / Resource Hash 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding gzip server restify x-amz-cf-pop FRA56-P5 vary Accept-Encoding,origin x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://dicastop.blog.br access-control-expose-headers api-version, content-length, content-md5, content-type, date, request-id, response-time cache-control max-age=86400 x-amz-cf-id JUx3Rqpoq-yCfpPs9pNfcg-ccyXD92qTJMOdznqxPNq5hpowWTl4nA== via 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2DFF	143 B 163 B	13ms 13ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 29 Oct 2021 16:37:38 GMT server cafe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 1410 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response pagead2.googlesyndication.com/bg/ Frame DAED	35 KB 13 KB	15ms 14ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 21:11:47 GMT content-encoding br x-content-type-options nosniff age 157761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13394 x-xss-protection 0 last-modified Tue, 26 Oct 2021 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Thu, 27 Oct 2022 21:11:47 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2DFF Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	49ms 48ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 29 Oct 2021 17:01:08 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 29 Oct 2021 17:01:08 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 29 Oct 2021 17:01:08 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0&ct=Dicas%20Top&t=Dicas%20Top%20-%20Seu%20Guia%20de%20Dicas Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H3	200	OneSignalSDKStyles.css onesignal.com/sdks/	82 KB 9 KB	17ms 16ms	Stylesheet text/css	104.18.225.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:08 GMT content-encoding br cf-cache-status HIT server cloudflare age 1321 etag W/"4e9aaefffd5f8ae7dc83361aa2294190" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=259200 cf-ray 6a5df6d2bed62175-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Mon, 01 Nov 2021 17:01:08 GMT
GET H3	200	icon Show response onesignal.com/api/v1/apps/1f4f5409-e3aa-4446-8e59-e83853573e49/	44 B 531 B	3087ms 3074ms	Fetch application/json	104.18.226.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/apps/1f4f5409-e3aa-4446-8e59-e83853573e49/icon Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS status 200 OK alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 00d58f05-81d5-4b78-bed5-6505b51d5a12 x-runtime 2.163976 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"e51140cdcd044ad76335646936ec5319" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate cf-ray 6a5df6d30c6a2193-DUS access-control-allow-headers SDK-Version
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0&ct=Dicas%20Top Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0&ct=Dicas%20Top Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	67.202.105.32 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!xhuoovrm6v&lm=0&ts=1635526868333&dn=TC&iso=0 Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS ip32.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H3	200	css fonts.googleapis.com/ Frame CC52	6 KB 671 B	27ms 27ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 15:08:57 GMT server ESF date Fri, 29 Oct 2021 17:01:09 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Fri, 29 Oct 2021 17:01:09 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame CC52	2 KB 912 B	16ms 16ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:55:39 GMT content-encoding gzip x-content-type-options nosniff age 330 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:55:39 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame CC52	19 KB 8 KB	16ms 16ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:50:44 GMT content-encoding gzip x-content-type-options nosniff age 625 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7760 x-xss-protection 0 server cafe etag 2659786357195577193 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:50:44 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame CC52	3 KB 1 KB	16ms 16ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:53:45 GMT content-encoding gzip x-content-type-options nosniff age 444 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1470 x-xss-protection 0 server cafe etag 9165589572046851897 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:53:45 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CC52	120 KB 37 KB	59ms 38ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635161763799786" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 29 Oct 2021 17:01:09 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame CC52	14 KB 6 KB	16ms 16ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software cafe / Resource Hash 7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 16:57:22 GMT content-encoding gzip x-content-type-options nosniff age 227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6337 x-xss-protection 0 server cafe etag 7721474052657771746 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Nov 2021 16:57:22 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame CC52	0 0	25ms 24ms	Image text/html	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaV6U_7XqpCapVQvkQjNX3_QmuohPzPNgyj44ZXLYQE63-KeEbDv21AgL2TyXpTjmZP6JqW6vgrgRQPHE2JDuUA-bejg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H3	200	9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response www.gstatic.com/mysidia/ Frame CC52	27 KB 11 KB	14ms 13ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 15:17:06 GMT content-encoding gzip x-content-type-options nosniff age 179043 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11281 x-xss-protection 0 last-modified Tue, 26 Oct 2021 10:17:29 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Tue, 25 Jan 2022 15:17:06 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame CC52	0 0	87ms 86ms	Fetch text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CeZ2k1Ch8YcKBIsqI7gSar7SQDbOajd5l58DNt7cJ2dCWy5MOEAEgpourgAFgleKQgqAHoAGpivD-A8gBCakCnD8rD2iAsz6oAwHIA8sEqgTuAU_QGznkCm2ayuybEB0NS1rO1CKgi2IbOppmtxfmjK8EktXdSqXGrSnkiwotuqV3Yr5E7w_KkYKeXooNr4TxDlxA1y-9rQPR-SgVhZuVmzBZqKg_4LVn9yBjK5fN13x_YPSj1gAI5vfLup8wici6ql0MjhNn9ArDO4ncM_xXAuQ2F_BcFGppbtiMcw1rB3PCaGW-aMpySzZ0ZPTZt_WyKE_5MJjTJZMsEOLHtSNfWK88bf_qXMuJkgPsGFhn_8opOtiO6FzZ0GulALCzyr2CeRrh2DkUDiQkRhukq45uXXSxYWpbDxz2UkctA0jsFszABPCM8YqGApIFBAgEGAGSBQQIBRgEoAYugAe_9Y8BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP6JCtIICQiA4YAQEAEYX4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi02Njg5OTU3NDMzMjU2NjY5GAA&sigh=AqI_tRfqZSw&uach_m=[UACH]&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Fri, 29 Oct 2021 17:01:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/3989421941205656321/ Frame CC52	12 KB 12 KB	17ms 17ms	Image image/jpeg	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3989421941205656321/downsize_200k_v1?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash c1cedabb065f22905e467c3f9f33983e717b3ed5943bb3b0730fd7b100f9f377 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 13:06:23 GMT x-content-type-options nosniff age 100486 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12179 x-xss-protection 0 last-modified Thu, 09 May 2019 12:41:51 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 28 Oct 2022 13:06:23 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/1504279965329857114/ Frame CC52	3 KB 3 KB	21ms 20ms	Image image/png	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1504279965329857114/downsize_200k_v1?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 66c2228852043aa80c2a6ed1489557620b6f4f1daefb74ee035e0f4713437a15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 24 Oct 2021 11:17:25 GMT x-content-type-options nosniff age 452624 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2626 x-xss-protection 0 last-modified Tue, 05 Feb 2019 13:38:10 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 24 Oct 2022 11:17:25 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B26A	1 KB 749 B	13ms 13ms	Document text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 29 Oct 2021 08:58:57 GMT expires Sat, 30 Oct 2021 08:58:57 GMT content-type text/html; charset=ISO-8859-1 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 28932 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	dpixel cms.quantserve.com/ Frame B26A	35 B 463 B	28ms 9ms	Image image/gif	91.228.74.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO-Xc8BwI7TzVMOj7GNyMvk&google_cver=1&google_push=AYg5qPIzZTjh9HmXqFXZG21-voLfaoTBhoSydOru5viHyJXsC6fvjamFeJsH0eCK5XszHVxgxcCR2TOxBUZby-73HgOQSKFD4W-1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMc_IS... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMc_IS... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjkxNzAxMDkwMDAxMzQzNzk3Nzk2Mg%3D%3D&google_push=AYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTP...	170 B 188 B	26ms 26ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjkxNzAxMDkwMDAxMzQzNzk3Nzk2Mg%3D%3D&google_push=AYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTPxBBMA4m8YXZVnOW0s5VrtnaU1evpAr Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjkxNzAxMDkwMDAxMzQzNzk3Nzk2Mg%3D%3D&google_push=AYg5qPKMc_ISlWnoOK8Cto1-EmOMJFl1DjrVCxzcAHH_dayeg5OLV0Dt20wZDfsBkNgiTPxBBMA4m8YXZVnOW0s5VrtnaU1evpAr pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Fri, 29 Oct 2021 17:01:09 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEEezEG8K41gRs-y3rj2UY8U&google_cver=1&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0 https://rtb.openx.net/sync/dds?google_gid=CAESEEezEG8K41gRs-y3rj2UY8U&google_cver=1&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&google_hm=UI2h22kYyH4S_63uzw0GRQ==	170 B 188 B	27ms 27ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&google_hm=UI2h22kYyH4S_63uzw0GRQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIKWkpeyE073M6Fk3ToimgpoKW_gd-8bZqKLjInvWZTYb7-p6EnqdXmFDOFlGkQGrL9ZlFXp0bguwLGmGZy6utuoR9Iq8h0&google_hm=UI2h22kYyH4S_63uzw0GRQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id gtdhvpqjkl0pr2tpvf2fhp89v34vrhji
GET H3	200	pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aP5DktUxQ5atbMXCe0yHhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	28ms 28ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aP5DktUxQ5atbMXCe0yHhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLvfzAXm8fGIAhqAM84rRQay5RcYj7AqaSzT4LH5-76BBvQlK91I38E0nS4dynK8Y38ikHqeEoOMRdHt3Aca7rZWES5Yykl Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aP5DktUxQ5atbMXCe0yHhw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLvfzAXm8fGIAhqAM84rRQay5RcYj7AqaSzT4LH5-76BBvQlK91I38E0nS4dynK8Y38ikHqeEoOMRdHt3Aca7rZWES5Yykl date Fri, 29 Oct 2021 17:01:09 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsIIroba4w4CYUVDPzI7s4&google_cver=1&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKw... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZDTUdYNlUtMjctRjlFRA==&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKwydDL5S54XEs6oZXoykVU_Wm4	170 B 188 B	29ms 28ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZDTUdYNlUtMjctRjlFRA==&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKwydDL5S54XEs6oZXoykVU_Wm4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZDTUdYNlUtMjctRjlFRA==&google_push=AYg5qPJxKAguEoOXPTUOZbcGsBZxK10G-ulMEsIKPX5QwaPWhtH4dOSaaegHM0ZG9XnUtBlzyKwydDL5S54XEs6oZXoykVU_Wm4 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 611afce88997db6fdd35eb213e662871 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb...	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B26A Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO7O6gXXFHguXMX3NwE5TSo&google_cver=1&google_push=AYg5qPLpbA5QhUidktjMlhtC... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLpbA5QhUidktjMlhtCmFQLzikrlOuWBGJiq57Mlo5QrEnc1h065W20z69RtsU8Tdi6Tv42XFPIz3y5LX7JqUPkDquTDmnEnw&google_hm=	170 B 188 B	27ms 27ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLpbA5QhUidktjMlhtCmFQLzikrlOuWBGJiq57Mlo5QrEnc1h065W20z69RtsU8Tdi6Tv42XFPIz3y5LX7JqUPkDquTDmnEnw&google_hm= Requested by Host: dicastop.blog.br URL: https://dicastop.blog.br/ Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLpbA5QhUidktjMlhtCmFQLzikrlOuWBGJiq57Mlo5QrEnc1h065W20z69RtsU8Tdi6Tv42XFPIz3y5LX7JqUPkDquTDmnEnw&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Thu, 28 Oct 2021 17:01:09 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame B26A	0 12 B	48ms 25ms	Image text/html	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrRiOug-Ei-N1fPPuW3rrud5BjMNFn5_MmfANvIgG_1mW0L61ZJxhHsAjnXymVbdyBn0DU5w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame CC52	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fab0015fb1a0aaecc9746424b9f3bf4475b83fb9b87786e5b153b3baa5b5ec21 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame CC52	15 KB 15 KB	67ms 32ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 02:40:20 GMT x-content-type-options nosniff age 138049 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15732 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:20 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 28 Oct 2022 02:40:20 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame CC52	15 KB 16 KB	47ms 14ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 01:55:14 GMT x-content-type-options nosniff age 54355 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 29 Oct 2022 01:55:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/ Frame CC52	15 KB 15 KB	57ms 26ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 16:31:41 GMT x-content-type-options nosniff age 174568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 27 Oct 2022 16:31:41 GMT
GET H3	200	LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response pagead2.googlesyndication.com/bg/ Frame 1D19	35 KB 13 KB	14ms 14ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6689957433256669&output=html&h=280&adk=3671073774&adf=3347315918&pi=t.aa~a.1525475570~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1635526868&rafmt=1&to=qs&pwprc=2421285486&psa=0&format=1140x280&url=https%3A%2F%2Fdicastop.blog.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635526868497&bpp=2&bdt=1350&idt=2&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc61da335e36811e6-2279fcf603cb008c%3AT%3D1635526867%3ART%3D1635526867%3AS%3DALNI_MYPFjRr32ue_zs2iIzyDblu9msytg&prev_fmts=0x0&nras=2&correlator=8329824939384&frm=20&pv=1&ga_vid=608567289.1635526868&ga_sid=1635526868&ga_hid=1647733481&ga_fc=1&ga_cid=849180038.1635526868&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=1369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063167&oid=2&pvsid=1743534193562319&pem=865&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=86qP3UldWW&p=https%3A//dicastop.blog.br&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 21:11:47 GMT content-encoding br x-content-type-options nosniff age 157762 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13394 x-xss-protection 0 last-modified Tue, 26 Oct 2021 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Thu, 27 Oct 2022 21:11:47 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B711	42 B 64 B	69ms 48ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmyZqaZeDIMWMwDGzYfeNDOWD7mxf2ou5QyykvANRhl7YU6eTL0njn23aRgja3Egw0EiCLNP71oA8LxiuqkSf739uKQleMtk2NnRxtGsTfLU63mLyukQ&sai=AMfl-YSzw2Axshi-mLXeI32IEY_BMRLTdqt6NcT37p7UvIu61db8Pxmaa5MFF5dL0Q7CXdwYZ2jO58zSv3Ug&sig=Cg0ArKJSzIyhPvg3qxg9EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=91,774,1000,1106,1186&tos=91,683,226,106,80&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3105533541&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635526868558&rpt=210&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST		event empregandoja.com/mautic/mtc/	0 0
OPTIONS H3	204	event empregandoja.com/mautic/mtc/ Frame	0 0	615ms 588ms	Preflight	104.21.85.50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://empregandoja.com/mautic/mtc/event Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.85.50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.24 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-requested-with Origin https://dicastop.blog.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 29 Oct 2021 17:01:10 GMT x-powered-by PHP/7.4.24 cache-control no-cache, private access-control-allow-origin https://dicastop.blog.br access-control-allow-headers Origin, X-Requested-With, Content-Type, Authorization access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true access-control-max-age 36000 vary User-Agent,User-Agent x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcGtANWZQy86zJoPJjiH%2BDWZiyO1dGMtc%2B9OUFyNOvxQNuZZkd5FpJMUq9vLlIP7tjS5Kns94ZhqcHFmYuPZP9DwUJ3nm9jWVIs01ujbF1UIx8pir4eKUvAmkL%2Bp%2BmFbmu0v"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff server cloudflare cf-ray 6a5df6da5e9032c3-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	27ms 27ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211026&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e081c8909ba991ae8c68d7236d58ce4babd2f39e19756e085b9dfddd41243306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Fri, 29 Oct 2021 17:01:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8486 x-xss-protection 0
GET H2	200	optimus_rules.json Show response tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	30ms 10ms	XHR application/json	18.66.97.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28 Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 28 Oct 2021 17:19:10 GMT content-encoding gzip age 85321 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 19 Oct 2021 13:13:55 GMT server AmazonS3 etag W/"6db43f44304c37d76768275ee4f01ba4" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json via 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA56-P2 x-amz-cf-id JLMpPjGK3vssTt8Ld1CH-ZwxKwj7ByNWlCNGTGYZtqE7TrN3id4hvw==
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	49ms 49ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6689957433256669&plah=dicastop.blog.br Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:10 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 29 Oct 2021 17:01:10 GMT
POST H2	200	data Show response bcp.crwdcntrl.net/6/	550 B 1 KB	150ms 80ms	XHR application/json	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash e76ed1955172ad746af5b56719c18a6504f1ef80b296b6f8e603579496a34b4c Request headers Referer https://dicastop.blog.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://dicastop.blog.br cache-control no-cache x-server 10.45.7.51 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 550 expires 0
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8330	12 KB 5 KB	17ms 16ms	Document text/html	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Fri, 29 Oct 2021 15:49:09 GMT expires Sat, 29 Oct 2022 15:49:09 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4321 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 00BB	783 B 534 B	27ms 27ms	Document text/html	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software GSE / Resource Hash dbcbd935e756a6042e211bef92a258ff18d10c3293b4b82e11f9ce8df195973f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aZKTbWokrccyc89/ja5BpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 29 Oct 2021 17:01:10 GMT date Fri, 29 Oct 2021 17:01:10 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-aZKTbWokrccyc89/ja5BpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Show response pagead2.googlesyndication.com/bg/ Frame 8330	35 KB 13 KB	14ms 13ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 15:10:36 GMT content-encoding br x-content-type-options nosniff age 93034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13232 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Fri, 28 Oct 2022 15:10:36 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 00BB	0 0	66ms 66ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211026&jk=1743534193562319&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	lt.iframe.html Show response tags.crwdcntrl.net/lt/shared/2/ Frame 5C11	2 KB 1 KB	7ms 7ms	Document text/html	18.66.97.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ Response headers content-type text/html last-modified Mon, 01 Feb 2021 20:35:17 GMT x-amz-server-side-encryption AES256 server AmazonS3 content-encoding gzip date Fri, 29 Oct 2021 13:45:11 GMT cache-control max-age: 86400 etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 x-amz-cf-id avmxv9pmwGUH5FvL-7HvHkFrXV6QOthh4wSoRO28RYATA4w4J2cDUg== age 11760
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	50ms 50ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=1743534193562319&bg=!BAelB0PNAAbUs_yW1LM7ACkAdvg8WglAL0oXyt4MVv-QGMsh1ILl9j1mg0PebVmwG69k0suq3enwHQIAAABUUgAAAAdoAQcKAMK82hu3FYagjdpIbv675zvQkrkD2VxmO2KoeoACpFzQkLhRDyW4r6Y25do2K8KNRocvRFsNBDNwr7kgZB1m8w1G0qL2AQnHhSjycR9GotOL-KrWDwzrlyGzVoqovss8a3OvxWadZHxKBXpHo1w2nkfYASwNIWyH5z578dVRHe0FnmQiGr-OmiOv54CltD-vUCET5wH-yXZFS6WbV7mUDh-Etw9bndQR4i0t8iPidXmlxY7SHPs4WEk7GVjgq3ko2hxfpJkCxKKSYsgPa0Ky1KBGQ3bvKhYBAS8SsKqZiCYtQ0PlggVYruszlb43BKvIGndGSSVqI7iUSNCGzKJTYvWeoolQv6I5SWG6F1JXdwVxFkVlCoZ-aUR_FMVv72_IIQDHqPQZgLVUBZww4xvO77g3d_RiMC0YU0HY2WeiBPkd64DR9tFU3O6z5Cb6yi2XcyMncx620soUSXCQKWEk0SnYscwlELIL6Cawani2GfZ-mmXths9XEpVarUT9t3ZB4s_-KqaMYEN_oXSifRqLV3ByofZaecq8C197-Q3dShuyt-1EolGd-8fzCAue1fhRe2wtCCWtBHeZycK4Pn0U6fSoBBORNr4zJdLuPJmoYeJMOWoFcD3fxV3mozpUH7qNCRnhInVKJh5tgSjXPaOiOC5iMjbtRM-mCcLjoLdBBMTju-b-Pne_T3dwoTJ2fDQ1JbGbgEvXYuwdBGM9ibUaSBhvNr3elV5Z8HyJB5quiGLiWdZb4iG2RnH6KtkA0GgOzgM4myxPaa3kF4g97NYzH45KIdZNlafVtolrqIU0iQg7OFTtO6OGAUhURD89ttl6kEGuWPAhtmm_6uRex9UIbKkDFjE5iicX8LASHScN7JboISKlLshZzNk_hMByjDYpigEsKQ1siNoDPc4euBEzXuT3EkdPrQvCcv85e9Wqkob51dzFAIjpqk7htMKtOPx21Xau9f_2tG-AXuamLBdWVYg08gNMcAHr90TqnmQo6OANjgWpsVo0cSvl62dbtkHyySE6LK5S3Z6S3LHWhFWDcxsgMCc_M9Sn1WQjYiw5wgqNGKgKQ9ewscfETm3REd_kLOXybrJgkZwi8t1yS1ubDwSRhFIZ6LJglGxW0aAXytJCc6pPuRHUePuwc9YG13gcmBmqcmtR1EIOrJkftPPQJNCNz9zshT7zhQsNAbdVxXfc_e5Cg4oyUQuEuQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dicastop.blog.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixels Show response bcp.crwdcntrl.net/ Frame 8399	4 KB 4 KB	31ms 30ms	Document text/html	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 07b1a19234a08c55592cd9d56a992585d2d4bf3dd50be4062f2d5c18dfaf1e4e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://tags.crwdcntrl.net/ Response headers date Fri, 29 Oct 2021 17:01:10 GMT content-type text/html content-length 3721 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.45.23.174 server Jetty(9.4.38.v20210224)
GET H2	200	UCookieSetPug image6.pubmatic.com/AdServer/ Frame 8399	0 41 B	12ms 12ms	Image text/html	198.47.127.19 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:09 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 8399	70 B 264 B	30ms 29ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	ltm audex.userreport.com/sync/put/ Frame 8399	43 B 433 B	72ms 17ms	Image image/gif	13.32.99.27 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://audex.userreport.com/sync/put/ltm?ltmid=2ab9403ace4548975727f3be5d5c55ee Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.32.99.27 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-27.fra60.r.cloudfront.net Software nginx/1.18.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:10 GMT Via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.18.0 X-Amz-Cf-Pop FRA60-P3 X-Cache Miss from cloudfront Content-Type image/gif Connection keep-alive Content-Length 43 X-Amz-Cf-Id VzLI81CFf-RB0IrTj-rNNbtMQjy17-Wuy_hHqdiBosuiCjDUy6-XJA==
GET H2	200	tpid=b86a0def-f7b4-4f61-b4f8-307adf91c958 sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 8399 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2ab9403ace4548975727f3be5d5c55ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2ab9403ace4548975727f3be5d5c55ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b86a0def-f7b4-4f61-b4f8-307adf91c958	49 B 264 B	43ms 42ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b86a0def-f7b4-4f61-b4f8-307adf91c958 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.3.83 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b86a0def-f7b4-4f61-b4f8-307adf91c958 date Fri, 29 Oct 2021 17:01:10 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	204	/ loadm.exelator.com/load/ Frame 8399 Redirect Chain https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0 https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0&xl8blockcheck=1	0 604 B	30ms 29ms	Image text/plain	34.254.143.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0&xl8blockcheck=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-143-3.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:10 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Fri, 29 Oct 2021 17:01:10 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=260&buid=2ab9403ace4548975727f3be5d5c55ee&j=0&xl8blockcheck=1 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET		t px.surveywall-api.survata.com/ Frame 8399	0 0
GET H2	200	tpid=32002282311819115753082993678249236458 sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 8399 Redirect Chain https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ab9403ace4548975727f3be5d5c55ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=2ab9403ace4548975727f3be5d5c55ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32002282311819115753082993678249236458	49 B 264 B	34ms 34ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32002282311819115753082993678249236458 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.17.25 content-type image/gif content-length 49 expires 0 Redirect headers DCS dcs-prod-irl1-1-v019-0920decde.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID Tn2B3bu7Tpo= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32002282311819115753082993678249236458 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET		sync sync.tag.clrstm.com/lotame/ Frame 8399	0 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8399	0 337 B	92ms 28ms	Image text/plain	108.128.79.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=2ab9403ace4548975727f3be5d5c55ee Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-79-28.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 17:01:10 GMT cache-control private, no-cache, no-store x-request-time D=31 t=1635526870 x-served-by beacon-n002-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	image.sbxx ib.mookie1.com/ Frame 8399 Redirect Chain https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee	120 B 992 B	360ms 86ms	Image image/png	69.169.86.39 AMC
General Check archive.org Show headers Download Go to Show image Full URL https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Server 69.169.86.39 , United States, ASN29838 (AMC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Oct 2021 17:01:26 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3p CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR" Access-Control-Allow-Origin * Cache-Control no-cache X-Server NY12 Content-Type image/png Content-Length 120 Expires -1 Redirect headers Date Fri, 29 Oct 2021 17:01:09 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Location https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=2ab9403ace4548975727f3be5d5c55ee p3p CP="DSP COR ADM DEV PSA PSD OUR" Access-Control-Allow-Origin * Cache-Control private X-Server COR13 Content-Type text/html; charset=utf-8 Content-Length 217
GET H/1.1	200 OK	utsync.ashx ml314.com/ Frame 8399	43 B 422 B	132ms 28ms	Image image/gif	34.247.104.176 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=50146&et=0&fp=2ab9403ace4548975727f3be5d5c55ee&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-104-176.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Fri, 29 Oct 2021 17:01:10 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Sat, 30 Oct 2021 13:01:10 GMT
GET H2	200	tpid=1920e833-38a0-4dbb-9f45-6284985b6f6d bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 8399 Redirect Chain https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1920e833-38a0-4dbb-9f45-6284985b6f6d?gdpr=1&gdpr_consent=	49 B 265 B	34ms 34ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1920e833-38a0-4dbb-9f45-6284985b6f6d?gdpr=1&gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.13.177 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Apache-Coyote/1.1 location https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=1920e833-38a0-4dbb-9f45-6284985b6f6d?gdpr=1&gdpr_consent= cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 x-xss-protection 1; mode=block expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 8399 Redirect Chain https://ps.eyeota.net/match?bid=51mdg9u&uid=2ab9403ace4548975727f3be5d5c55ee https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D1%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D1%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526 https://ps.eyeota.net/match?uid=5239885301804891749&bid=2cr76e1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://ps.eyeota.net/match?bid=9sn4omv&uid=agLsDrHo1MGvfE5&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17cccff7ead-6c9d0000010f5029&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51md... https://ps.eyeota.net/match?bid=6j5b2cv&uid=32002282311819115753082993678249236458&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& https://ml314.com/utsync.ashx?eid=50052&et=0&fp=25Qtlv07HLPGqcjoReSsGqXvr9C_TVXB70ta1WPxLmdo&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26dc_rc%3D4%... https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& https://cms.analytics.yahoo.com/cms?partner_id=Eyeot https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-D7hy0WdE2pVIkOo0yrquI9qNw7TGkjOKAlo-~A	70 B 440 B	9ms 9ms	Image image/gif	3.121.27.153 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-D7hy0WdE2pVIkOo0yrquI9qNw7TGkjOKAlo-~A Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Server 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-27-153.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:10 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers date Fri, 29 Oct 2021 17:01:10 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type text/html;charset=utf-8 location https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-D7hy0WdE2pVIkOo0yrquI9qNw7TGkjOKAlo-~A x-xss-protection 1; mode=block strict-transport-security max-age=31536000 content-length 0 x-content-type-options nosniff
GET H2	200	tpid=CI-5407e32f5be32881b2bff2c31a218b5f bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 8399 Redirect Chain https://dt-secure.videohub.tv/v1/usync/lo https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5407e32f5be32881b2bff2c31a218b5f	49 B 265 B	33ms 33ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5407e32f5be32881b2bff2c31a218b5f Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.13.188 content-type image/gif content-length 49 expires 0 Redirect headers Location https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5407e32f5be32881b2bff2c31a218b5f Date Fri, 29 Oct 2021 17:01:10 GMT useSecure true Server nginx/1.20.1 Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	qmap sync.crwdcntrl.net/ Frame 8399 Redirect Chain https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf	49 B 264 B	33ms 33ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.9.128 content-type image/gif content-length 49 expires 0 Redirect headers Date Fri, 29 Oct 2021 17:01:10 GMT Server MT3 4067 88cc6bf master zrh-pixel-x14 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8eef617c-28d4-4e00-a6aa-9dddd54bfdbf Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 29 Oct 2021 17:01:09 GMT
GET H2	200	tpid=bd78b0cc-7658-4172-b6a2-a0cb98dfb91b-617c28d6-5553 sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 8399 Redirect Chain https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=bd78b0cc-7658-4172-b6a2-a0cb98dfb91b-617c28d6-5553	49 B 265 B	33ms 32ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=bd78b0cc-7658-4172-b6a2-a0cb98dfb91b-617c28d6-5553 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.10.119 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:09 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=bd78b0cc-7658-4172-b6a2-a0cb98dfb91b-617c28d6-5553 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	200	tpid=DnGYUi6V1MGvfE5 sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame 8399 Redirect Chain https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=DnGYUi6V1MGvfE5	49 B 265 B	33ms 33ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=DnGYUi6V1MGvfE5 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.16.229 content-type image/gif content-length 49 expires 0 Redirect headers Pragma no-cache Date Fri, 29 Oct 2021 17:01:10 GMT Server PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=DnGYUi6V1MGvfE5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tpid=YXwo1QAAlooAxABG sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 8399 Redirect Chain https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXwo1QAAlooAxABG	49 B 265 B	44ms 35ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXwo1QAAlooAxABG Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.22.112 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT via 1.1 varnish server Varnish x-timer S1635526870.492350,VS0,VE0 x-served-by cache-hhn4052-HHN x-cache HIT location https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXwo1QAAlooAxABG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8399	170 B 188 B	35ms 34ms	Image image/png	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	5907 tags.bluekai.com/site/ Frame 8399	62 B 304 B	185ms 185ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=b340e531cadd0d70f54ec3b1edf66872 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 17:01:10 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif
GET H2	200	g.json Show response aa.agkn.com/adscores/ Frame 8399	103 B 413 B	84ms 22ms	Script application/json	3.8.243.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aa.agkn.com/adscores/g.json?sid=9202507693 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.8.243.222 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-8-243-222.eu-west-2.compute.amazonaws.com Software AAWebServer / Resource Hash e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type application/json content-length 103 expires 0
GET H2	200	tpid=2777770084308048165 sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 8399 Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/2ab9403ace4548975727f3be5d5c55ee/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2777770084308048165	49 B 265 B	36ms 36ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2777770084308048165 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.22.156 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2777770084308048165 pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	tp=ANXS sync.crwdcntrl.net/map/c=281/rand=681914373/tpid=5239885301804891749/ Frame 8399 Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=681914373%2Ftpid%3D%24UID%2Ftp%3DANXS https://sync.crwdcntrl.net/map/c=281/rand=681914373/tpid=5239885301804891749/tp=ANXS	49 B 264 B	34ms 34ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=281/rand=681914373/tpid=5239885301804891749/tp=ANXS Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C115%2C106%2C100%2C95%2C94%2C90%2C80%2C78%2C61%2C50%2C49%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Fri, 29 Oct 2021 17:01:10 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.10.65 content-type image/gif content-length 49 expires 0 Redirect headers Pragma no-cache Date Fri, 29 Oct 2021 17:01:10 GMT X-Proxy-Origin 216.131.111.4; 216.131.111.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 596d99ca-f3b3-4135-88e0-89354be1b50f Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.crwdcntrl.net/map/c=281/rand=681914373/tpid=5239885301804891749/tp=ANXS Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	582 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXwo1dqDaTJlzIWrfbAYBQAABG8AAAIB&google_gid=CAESEH5J3Qksx9joLIvLRDlfopM&google_cver=1&google_push=AYg5qPJi5NGpzkIir2pk9W_zJe2BXJhq9jpWb_7_gfj0haxQk4H1t6cIvgNsIwGyjGl0hif4uAq8h749gufduh2fiZ5CERoXHn-i

Domain

empregandoja.com

URL

https://empregandoja.com/mautic/mtc/event

Domain

px.surveywall-api.survata.com

URL

https://px.surveywall-api.survata.com/t

Domain

sync.tag.clrstm.com

URL

https://sync.tag.clrstm.com/lotame/sync?uid=2ab9403ace4548975727f3be5d5c55ee