urlscan.io logo urlscan.io
SecurityTrails logo

notisul.com.br Open in urlscan Pro
190.89.239.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notisul.com.br/
Effective URL: https://notisul.com.br/
Submission: On January 12 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 15 countries across 66 domains to perform 526 HTTP transactions. The main IP is 190.89.239.13, located in Brazil and belongs to HVC-AS, US. The main domain is notisul.com.br.
TLS certificate: Issued by R3 on November 9th 2023. Valid for: 3 months.
This is the only time notisul.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 190.89.239.13 29802 (HVC-AS)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
61 2a00:1450:400... 15169 (GOOGLE)
1 101.99.75.146 45839 (SHINJIRU-...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
5 10 2a02:6b8::1:119 13238 (YANDEX)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
3 18.66.110.17 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:264... 16509 (AMAZON-02)
3 17 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:267... 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 35.83.30.234 16509 (AMAZON-02)
6 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.201.123.184 396982 (GOOGLE-CL...)
40 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 34.102.185.99 396982 (GOOGLE-CL...)
1 7 2a00:1450:400... 15169 (GOOGLE)
4 2602:803:c004... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
11 172.67.10.198 13335 (CLOUDFLAR...)
9 18 185.89.210.122 29990 (ASN-APPNEX)
1 4 51.38.120.206 16276 (OVH)
4 77.245.57.72 36057 (WEBAIR-IN...)
4 185.86.139.95 201081 (SMARTADSE...)
1 108.138.9.235 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 3.76.149.124 16509 (AMAZON-02)
14 56 172.217.18.2 15169 (GOOGLE)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 35.204.74.118 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 35.186.193.173 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
9 34.215.67.132 16509 (AMAZON-02)
59 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2 151.101.2.49 54113 (FASTLY)
1 3.33.220.150 16509 (AMAZON-02)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
5 18.195.61.190 16509 (AMAZON-02)
2 4 2.16.97.41 16625 (AKAMAI-AS)
6 142.250.186.66 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
4 4 37.157.5.132 198622 (ADFORM)
1 178.250.1.9 44788 (ASN-CRITE...)
7 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
2 2404:6800:400... 15169 (GOOGLE)
10 16 104.18.36.155 13335 (CLOUDFLAR...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 54.210.237.164 14618 (AMAZON-AES)
2 52.215.137.102 16509 (AMAZON-02)
5 5 46.228.174.117 56396 (AMOBEE)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 193.108.153.6 20940 (AKAMAI-ASN1)
4 142.250.185.134 15169 (GOOGLE)
1 2 34.251.209.93 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 154.59.122.79 174 (COGENT-174)
2 2 13.248.245.213 16509 (AMAZON-02)
1 89.149.192.75 60781 (LEASEWEB-...)
2 142.250.185.226 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
9 2600:1f13:800... 16509 (AMAZON-02)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 151.101.129.108 54113 (FASTLY)
2 184.30.22.30 16625 (AKAMAI-AS)
2 69.173.144.138 26667 (RUBICONPR...)
1 2 81.17.55.116 60781 (LEASEWEB-...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.16.195 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 54.154.88.230 16509 (AMAZON-02)
1 1 37.157.2.229 198622 (ADFORM)
1 1 8.2.110.33 46636 (NATCOWEB)
1 2600:9000:211... 16509 (AMAZON-02)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 2 3.71.149.231 16509 (AMAZON-02)
526 83
36    190.89.239.13 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us13.serverdo.in
notisul.com.br
8    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::681a:e79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
61    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    101.99.75.146 (Seri Kembangan, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la
fast.quickcontentnetwork.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    2606:4700::6812:633c (United States)

ASN13335 (CLOUDFLARENET, US)
www.tempo.com
5    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
12    2606:4700::6812:170e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.denakop.com
10    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
8    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
3    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2600:9000:2644:f400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
17    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:2670:7400:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700:10::6814:e180 (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
8    35.83.30.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-30-234.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
events.avantisvideo.com
6    2600:9000:225e:8800:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
40    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com
7    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
11    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
18    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.denakop.com
4    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    3.76.149.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com
pm.w55c.net
56    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
gcm.ctnsnet.com
4    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
9    34.215.67.132 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-67-132.us-west-2.compute.amazonaws.com
rtb.avantisvideo.com
59    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    2a05:d018:d29:3605:da2e:7cf5:bf7c:fec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    18.195.61.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
4    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
2    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
16    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.210.237.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-237-164.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.215.137.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-137-102.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
1    193.108.153.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-6.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
2    34.251.209.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-209-93.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    89.149.192.75 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:9000:223f:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f13:800:7782:531c:b18f:f16f:baba (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    81.17.55.116 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sync.smartadserver.com
6    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    54.154.88.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-88-230.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    8.2.110.33 (United States)

ASN46636 (NATCOWEB, US)
us.shb-sync.com
1    2600:9000:211e:9e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
105 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
934 KB
85 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
pubads.g.doubleclick.net — Cisco Umbrella Rank: 357
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
504 KB
59 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
1 MB
36 notisul.com.br
notisul.com.br
875 KB
31 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 68894
static.avantisvideo.com — Cisco Umbrella Rank: 71707
events1.avantisvideo.com — Cisco Umbrella Rank: 89628
cdn1.avantisvideo.com — Cisco Umbrella Rank: 89727
avm.avantisvideo.com — Cisco Umbrella Rank: 69580
events.avantisvideo.com — Cisco Umbrella Rank: 54324
rtb.avantisvideo.com — Cisco Umbrella Rank: 108980
574 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
acdn.adnxs.com — Cisco Umbrella Rank: 957
51 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8571
csm.eu.criteo.net — Cisco Umbrella Rank: 7743
163 KB
16 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
10 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
288 KB
16 denakop.com
tags.denakop.com — Cisco Umbrella Rank: 275984
cpm.denakop.com — Cisco Umbrella Rank: 247530
162 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1241
static.adsafeprotected.com — Cisco Umbrella Rank: 988
dt.adsafeprotected.com — Cisco Umbrella Rank: 933
105 KB
11 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6230
csync.smilewanted.com — Cisco Umbrella Rank: 3586
static.smilewanted.com — Cisco Umbrella Rank: 12878
17 KB
9 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014
www.google.com — Cisco Umbrella Rank: 6
1 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
518 KB
8 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
15 KB
8 tempo.com
www.tempo.com
58 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
377 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
555 KB
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2047
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
sync.smartadserver.com — Cisco Umbrella Rank: 2055
3 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 87331
d.tailtarget.com — Cisco Umbrella Rank: 97093
b.t.tailtarget.com — Cisco Umbrella Rank: 74163
tt-11382-4.seg.t.tailtarget.com — Cisco Umbrella Rank: 459869
t.tailtarget.com — Cisco Umbrella Rank: 32047
23 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 45211
usr.navdmp.com — Cisco Umbrella Rank: 50426
cdn.navdmp.com — Cisco Umbrella Rank: 33736
sync2.navdmp.com — Cisco Umbrella Rank: 78647
sync.navdmp.com — Cisco Umbrella Rank: 41196
6 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
3 KB
6 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7692
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10138
dis.criteo.com — Cisco Umbrella Rank: 943
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15868
gum.criteo.com — Cisco Umbrella Rank: 597
53 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4237
onesignal.com — Cisco Umbrella Rank: 1212
img.onesignal.com — Cisco Umbrella Rank: 7403
90 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
726 B
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6227
3 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
75 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2266
72 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
53 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
990 B
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
4 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
997 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 1108
658 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
6 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
943 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3385
ice.360yield.com — Cisco Umbrella Rank: 2466
397 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
r.turn.com — Cisco Umbrella Rank: 6381
869 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
984 B
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 14785
gcm.ctnsnet.com — Cisco Umbrella Rank: 65617
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5728
207 B
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
515 B
2 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 404064
143 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3160
619 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 8094
581 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
684 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2641
1 KB
1 media.net
cs.media.net — Cisco Umbrella Rank: 1972
880 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
777 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
149 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
596 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
2 KB
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 13129
177 B
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 413337
303 B
1 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 23894
57 KB
1 quickcontentnetwork.com
fast.quickcontentnetwork.com — Cisco Umbrella Rank: 248944
1 KB
526 66
Domain Requested by
61 pagead2.googlesyndication.com notisul.com.br
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
59 s0.2mdn.net imasdk.googleapis.com
notisul.com.br
s0.2mdn.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
54 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
40 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
notisul.com.br
s0.2mdn.net
36 notisul.com.br 1 redirects notisul.com.br
17 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
16 ib.adnxs.com 7 redirects tags.denakop.com
googleads.g.doubleclick.net
acdn.adnxs.com
15 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
12 tags.denakop.com notisul.com.br
tags.denakop.com
9 dt.adsafeprotected.com b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
9 rtb.avantisvideo.com cdn.avantisvideo.com
8 www.googletagservices.com googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
8 www.tempo.com notisul.com.br
www.tempo.com
8 www.googletagmanager.com notisul.com.br
www.googletagmanager.com
tags.denakop.com
7 imageproxy.eu.criteo.net ads.eu.criteo.com
7 static.criteo.net ads.eu.criteo.com
7 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
6 csync.smilewanted.com tags.denakop.com
csync.smilewanted.com
6 www.googleadservices.com
6 events.avantisvideo.com
6 www.gstatic.com googleads.g.doubleclick.net
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
6 cdn.avantisvideo.com tags.premiumads.com.br
cdn.avantisvideo.com
6 fonts.googleapis.com notisul.com.br
googleads.g.doubleclick.net
5 x.bidswitch.net googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
5 mc.yandex.com 3 redirects notisul.com.br
5 mc.yandex.ru 2 redirects fast.quickcontentnetwork.com
notisul.com.br
4 cdnjs.cloudflare.com s0.2mdn.net
4 ad.doubleclick.net notisul.com.br
4 c1.adform.net 4 redirects
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
4 pr-bh.ybp.yahoo.com 4 redirects
4 b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pm.w55c.net 4 redirects
4 prg.smartadserver.com tags.denakop.com
4 cpm.denakop.com tags.denakop.com
4 onetag-sys.com 1 redirects tags.denakop.com
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
4 prebid.smilewanted.com tags.denakop.com
4 fastlane.rubiconproject.com tags.denakop.com
3 sync.1rx.io 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
3 um.simpli.fi 3 redirects
3 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 securepubads.g.doubleclick.net tags.premiumads.com.br
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com tags.premiumads.com.br
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 u.openx.net 2 redirects
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 eus.rubiconproject.com tags.denakop.com
eus.rubiconproject.com
2 acdn.adnxs.com tags.denakop.com
2 gum.criteo.com tags.denakop.com
2 static.adsafeprotected.com b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net notisul.com.br
2 eb2.3lift.com 2 redirects
2 fw.adsafeprotected.com 1 redirects notisul.com.br
2 secure.adnxs.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 sync-tm.everesttech.net 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 imasdk.googleapis.com cdn.avantisvideo.com
imasdk.googleapis.com
2 b.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com notisul.com.br
d.tailtarget.com
2 events1.avantisvideo.com notisul.com.br
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.onesignal.com notisul.com.br
cdn.onesignal.com
2 www.google.de notisul.com.br
2 region1.analytics.google.com www.googletagmanager.com
2 tags.premiumads.com.br notisul.com.br
tags.premiumads.com.br
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 s.ad.smaato.net csync.smilewanted.com
1 us.shb-sync.com 1 redirects
1 cm.adform.net 1 redirects
1 ap.lijit.com csync.smilewanted.com
1 usr.navdmp.com tag.navdmp.com
1 ice.360yield.com csync.smilewanted.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads.pubmatic.com csync.smilewanted.com
1 pixel.rubiconproject.com csync.smilewanted.com
1 static.smilewanted.com csync.smilewanted.com
1 token.rubiconproject.com eus.rubiconproject.com
1 ssbsync.smartadserver.com b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 cs.media.net 1 redirects
1 match.360yield.com b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
1 sync.srv.stackadapt.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 dis.criteo.com googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 t.tailtarget.com
1 match.adsrvr.org googleads.g.doubleclick.net
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 tt-11382-4.seg.t.tailtarget.com d.tailtarget.com
1 cdn.jsdelivr.net cdn.avantisvideo.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 prebid-us.creativecdn.com tags.denakop.com
1 tags.t.tailtarget.com tags.denakop.com
1 img.onesignal.com notisul.com.br
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 id.navegg.com tags.premiumads.com.br
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 static.avantisvideo.com cdn.avantisvideo.com
1 scripts.cleverwebserver.com notisul.com.br
1 fast.quickcontentnetwork.com notisul.com.br
526 124
Subject Issuer Validity Valid
www.notisul.com.br
R3		 2023-11-09 -
2024-02-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
fast.quickcontentnetwork.com
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2023-10-15 -
2024-10-14		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.avantisvideo.com
Amazon RSA 2048 M02		 2023-05-16 -
2024-06-13		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
onesignal.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-03-03		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh

This page contains 59 frames:

Primary Page: https://notisul.com.br/
Frame ID: 7AD6C0F15170BC651DD6F96789B26ECB
Requests: 184 HTTP requests in this frame

Frame: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Frame ID: 1F1B407F18E7D830B2D3542524A1647D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: EB04F5EAD5D294B7AA2F2A698B0132D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 14DDFBC6B31EE52F9CA61471CAB011DF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&adk=1812271804&adf=3025194257&lmt=1705064366&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064366335&bpp=2&bdt=783&idt=417&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5252623613645&frm=20&pv=2&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=460
Frame ID: 820FEFF54E56EDFADF533E7067582612
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Frame ID: 34BA2CB8697A5ABC1E199DFF581890C9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Frame ID: 84C070C2C0DFF5D381CC3AEEE7E224F6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Frame ID: 8DCA04569D28C23DEB7F4B7AEF5A6D23
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Frame ID: 884544D9E51DC30030B774124E836C99
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0E049F7219ABE9E23A1CC0D6B3DB1DB7
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD7BA796D2F0B0FD5C4D89320B0A3224
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3CA1C10F5CD6EFE5DA5B6B6CDAF8220D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5CD0CB1957A206439E143E9D87E42D7
Requests: 9 HTTP requests in this frame

Frame: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 312DFA3BD50B689A5B544B8C3C4B26B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96BEA16D46748C34698F7CB461F4A65C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Frame ID: CBC5381775C9526CA4DCBA35678FE1E0
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 128FE288BF10D52DA16309054148BACD
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Frame ID: 4B24E42E052168B9902FECF5E76EA386
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B94FA89132C358B035E911B1F4C6D06
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AAB02FEBB87C01F865499C192434E98D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 340707B06F4014EED6584E86ADB31B3D
Requests: 1 HTTP requests in this frame

Frame: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 619C4CBFEEB3D6F655FCB9AA859DDCED
Requests: 29 HTTP requests in this frame

Frame: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1615D9FC16DA585985DFF14E67C0D95E
Requests: 14 HTTP requests in this frame

Frame: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D52F3D9FD9CA37C001B5855BEB4A58E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: F7A9937B8D76CE74AF15FEDDB2BC81E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 61271431357D91C94315ADB6173BDDDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Frame ID: 0A6519BA9FD29EFD8D92A46D3C3D130C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Frame ID: 9A428BB795378214AFA8FDF0ED1D8067
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45F48E8519197330B58E0732D9F7CED1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Frame ID: A26235EE84A0ADEA61BE81FB0BB30C0D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F7F384FD757C3F6D7671A3482C04B86
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F91614DEC0028FF087E974F26AEDDADF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 556E93859975B4A36461DBE12C25F5C5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Frame ID: 725274CA0B58ED6DC61DCD5EB097CF18
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Frame ID: 93A8B7B9E60474229F879192584CF8A9
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 559DD269479C7B7780509599A6A1884B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A3C8B750B1B5FA3E693D3C8EDB5C7CAB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
Frame ID: CA064FD4A384C4926D2C24FAEA46B156
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5E132C991F67EB9B680B45A5C6410898
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: E128E572C7151785E91BA336DF12952D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4CD2ECA6708175EE029107224B91B9E0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B0346754904DB18B0BC9A28F37BBACB7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 4E84E61C89B4624401FD2C476DB1788F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1705064367710
Frame ID: 6744247FAB3C2080319A4478C650343B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 47036A3051CFAEF347FBCA003A32767E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E9FFB0613231CCEECDA418E9B0A63639
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 299DEB789D491B3889FE4BB6F8AF5DDA
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: B1A8970FD221440089573F6A01C8D686
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E878C0D3537B8F902F5FEB5486900EE9
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 1D036D9C00F23DAECA8918140B9300C5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7719760622808119083
Frame ID: 7A403108B6D1CE4E4B884309FADE319F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 708FF81636A4CB9B04D1916E23FB09C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: A2BDF3AAE10C658F6E671E62212C4DE6
Requests: 2 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 3F7C369B1CE59AF5D2D78528E6108A3A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
Frame ID: 824B61BE5783C08D2A011F4E3297CD0F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A0791FD3C15EBE7A41DD000F3946C8F0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6088250643528957305
Frame ID: 96FB670F2EC5B1A5798017F7FD1316A0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
Frame ID: 17F48CB3EAD15EB451AE77514D32A570
Requests: 1 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Frame ID: C80FD54BE8F7A71AC19A1751B192433D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Página inicial - Notisul

Page URL History Show full URLs

  1. http://notisul.com.br/ HTTP 301
    https://notisul.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

526
Requests

89 %
HTTPS

48 %
IPv6

66
Domains

124
Subdomains

83
IPs

15
Countries

6963 kB
Transfer

18260 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notisul.com.br/ HTTP 301
    https://notisul.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://mc.yandex.ru/watch/95390266 HTTP 302
  • https://mc.yandex.ru/watch/95390266/1?redirnss=1
Request Chain 88
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10246.m0QiVRKIWAQMa2jq4adB871rJ7FDXrQ2sClfZz_99g2x3CSJ85GAExcxsCwJ50EV.-ZFNmtF9haLSY773wJegQlDg7_g%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10246.pa9XVAAVPxVJ1axaYcC8WrumGUVBvx1Tw6LiXgyIuZQoXyN_R74gQkEIZyGckKtbHbLTvlDfVrdd8CZDz1J_GOpvqxtdn5XmONvso69oWPAO-7FyyHo9S4pVBzWwpf4zhe6Z1Ex5rUANcRWjOH3ujn9gii5NwZhUH0TX67QEjLC3_vlurhBJFM1j6l2aUlfChLg9dAExxDB_6b33p8rugI58Mhs3uezaxQbIfsvLu_s%2C.d5uM1dHyMbZCX7SJZ5gF5Rr1JuQ%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10246.cTscGSjA4Gy6I_6a_omYmjLseOfsZ3-jbMFKRws_GBgr8lGsXK3sEvDCOhN_SDIfe_CmCQnatkDQ4priZv5ZuNHxXWM5YJ5XADNhIaw6-wJXqHZdHnbSYl3KFBmY5_OIDsj3a7ODgtizn1FGInpbaoz6WQJu43BOrMa3qfeocmWHpsbvNOe3nBzBBAJgQPRMkVchRchVUQXbfJa3gJ0c0A%2C%2C.8tOztEb7kn5eTKbmDQaOIPVWdJw%2C
Request Chain 102
  • https://mc.yandex.com/watch/95390266?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A454798477115%3Ahid%3A483625554%3Az%3A60%3Ai%3A20240112135926%3Aet%3A1705064367%3Ac%3A1%3Arn%3A212289292%3Arqn%3A1%3Au%3A1705064367846793312%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C259%2C127%2C260%2C655%2C0%2C%2C663%2C1%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1705064364506%3Agi%3AR0ExLjEuMTk2Mzc3NTcxNi4xNzA1MDY0MzY2%3Afp%3A1644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705064367%3At%3AP%C3%A1gina%20inicial%20-%20Notisul&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A454798477115%3Ahid%3A483625554%3Az%3A60%3Ai%3A20240112135926%3Aet%3A1705064367%3Ac%3A1%3Arn%3A212289292%3Arqn%3A1%3Au%3A1705064367846793312%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C259%2C127%2C260%2C655%2C0%2C%2C663%2C1%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1705064364506%3Agi%3AR0ExLjEuMTk2Mzc3NTcxNi4xNzA1MDY0MzY2%3Afp%3A1644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705064367%3At%3AP%C3%A1gina%20inicial%20-%20Notisul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 197
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N-UagFDjxTly62qXxAe31iAJlVahwOVzuYLajjbRJiZJ5jKQ2inyYKojPn33g_qnGnqvh7CToEF0qgQbWekb-edDKndzYaf1NKT1vyPyCGcd2X HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N-UagFDjxTly62qXxAe31iAJlVahwOVzuYLajjbRJiZJ5jKQ2inyYKojPn33g_qnGnqvh7CToEF0qgQbWekb-edDKndzYaf1NKT1vyPyCGcd2X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N-UagFDjxTly62qXxAe31iAJlVahwOVzuYLajjbRJiZJ5jKQ2inyYKojPn33g_qnGnqvh7CToEF0qgQbWekb-edDKndzYaf1NKT1vyPyCGcd2X
Request Chain 198
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 199
  • https://um.simpli.fi/gp_match?google_gid=CAESELXAJ72iKuEhlIz3C8ZlsWM&google_cver=1&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSDUebq3rPjoycCy--bARD1Bo-Xvc0Jxi-xW-VO55IhprIhXI35P9PO5HTkjd_01UkzHwzE39Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSDUebq3rPjoycCy--bARD1Bo-Xvc0Jxi-xW-VO55IhprIhXI35P9PO5HTkjd_01UkzHwzE39Q
Request Chain 200
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJq6FEE8NI2zHKE2oFi-wqQ&google_cver=1&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5hmw38RzCFIDUT-R8-H-brNB1wfaXV8J4hv8rcxZthRq-bBQzgj4F3x17D_9vbuP1t0n1s HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Nauh5w1DRrwBLKwaZpocRw&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5hmw38RzCFIDUT-R8-H-brNB1wfaXV8J4hv8rcxZthRq-bBQzgj4F3x17D_9vbuP1t0n1s
Request Chain 201
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDbgwmSWa0Pw1zCG3QXGx7c&google_cver=1&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6z6vmjMPZiH1b4FbahMTHnLggwHKCiklcs8ErDrQK1GiyA2OSSskJyZojXOPVrawumhmn330TSX98oAwzuk1RiPEOwWpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6z6vmjMPZiH1b4FbahMTHnLggwHKCiklcs8ErDrQK1GiyA2OSSskJyZojXOPVrawumhmn330TSX98oAwzuk1RiPEOwWpw&google_hm=VED4ynP-TpqVhQlqtijOWIM
Request Chain 249
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQUP6hho6b3CVNaGLz8JTE&google_cver=1&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTXJBNFh9WyNsim7skYaRy-jflTHE09XuF3YWaQuGEwKa0DSOk3IN-_UJUigXxGA7HsiCLO_-V2R2FzPQlxHKnfOOx6e_Mw2vEVIOpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTXJBNFh9WyNsim7skYaRy-jflTHE09XuF3YWaQuGEwKa0DSOk3IN-_UJUigXxGA7HsiCLO_-V2R2FzPQlxHKnfOOx6e_Mw2vEVIOpg&google_hm=iHwdt87rtVjAwoIN1JW_yw
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEG2pmRI3dOqOafSfwPI3Ce0&google_cver=1&google_push=AXcoOmTo1npKQ8Mh6adOHeWq1wCtwqhYsGwPKn14__CWhcr2EAbepGi8Byl2hmTLb05KoemgyNAiPrb2ZUafaS3vrA90_AFzBYulEskNqVElFbL6BxK3ukgy83v2RxmQ70GxxecCb22gZRbTXzJuCQy_90K0_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG2pmRI3dOqOafSfwPI3Ce0&google_push=AXcoOmTo1npKQ8Mh6adOHeWq1wCtwqhYsGwPKn14__CWhcr2EAbepGi8Byl2hmTLb05KoemgyNAiPrb2ZUafaS3vrA90_AFzBYulEskNqVElFbL6BxK3ukgy83v2RxmQ70GxxecCb22gZRbTXzJuCQy_90K0_g
Request Chain 253
  • https://um.simpli.fi/gp_match?google_gid=CAESEMru2ryThqyrGhR0Y298TSo&google_cver=1&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTgDEoS-k67d5pUBtInT54KU2h9sEYvCk0-xZZfHHXjCs3GWbJ-mD-6CFOcCL94qaU0lZN7K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTgDEoS-k67d5pUBtInT54KU2h9sEYvCk0-xZZfHHXjCs3GWbJ-mD-6CFOcCL94qaU0lZN7K
Request Chain 255
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVUm7Uqa-bNbOCdK0t-eq0&google_cver=1&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4NhxOdLZ8P0zImiF_xdr0LEUM38Ym7IARrtz_wVRso9JYEul3Uj8YB6pLEVtXzZwMQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4NhxOdLZ8P0zImiF_xdr0LEUM38Ym7IARrtz_wVRso9JYEul3Uj8YB6pLEVtXzZwMQQ&google_hm=eS1ZSTFtMUJoRTJwRXNMWWFtaFBIZWUwV3RTYjhQVy43T35B
Request Chain 257
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPC3csZZoL_2Zd9vtjUERIM&google_cver=1&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoFXmO8yeWaAED7rbubwO_HLFNc0UHYuDaFe51exCCY0yMx2dnJUgnl2KwmDsGHYejW6QCxoWLIAsmzHBPZYdMSkSBXbVEqt6HOM HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoFXmO8yeWaAED7rbubwO_HLFNc0UHYuDaFe51exCCY0yMx2dnJUgnl2KwmDsGHYejW6QCxoWLIAsmzHBPZYdMSkSBXbVEqt6HOM&google_hm=iHwdt87rtVjAwoIN1JW_yw
Request Chain 258
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cver=1&google_push=AXcoOmQdKiadurshf8OyXSsPntNeZ6-lVDu4mZO7PMjCoVXoNtH5aW23nXijwoqmDI2SA1Uw49jgVbO4pVyP9koyer5oRW4ZeZO6My9y2diFKi0m-xeHbADTkLWS4nQ19VjRHv2Fquazlk6Q5ArzjwweyVqt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cver=1&google_push=AXcoOmQdKiadurshf8OyXSsPntNeZ6-lVDu4mZO7PMjCoVXoNtH5aW23nXijwoqmDI2SA1Uw49jgVbO4pVyP9koyer5oRW4ZeZO6My9y2diFKi0m-xeHbADTkLWS4nQ19VjRHv2Fquazlk6Q5ArzjwweyVqt
Request Chain 259
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPM8mcGdTJMbFORi5J1D81A&google_cver=1&google_push=AXcoOmShJM04TkSv1EPvb8REQbOgh2SJDieleOEx9VyiJaNipkrHDUaAhDbyJUX_yxWVDZO4eNJYGYMgxSof0hLireY_XQeo-yOkEXSwPTMqmG006j7R7f4e2uU8VoUns-0GFmsQun_vvcZRF-wsYwVZu4q1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPM8mcGdTJMbFORi5J1D81A&google_push=AXcoOmShJM04TkSv1EPvb8REQbOgh2SJDieleOEx9VyiJaNipkrHDUaAhDbyJUX_yxWVDZO4eNJYGYMgxSof0hLireY_XQeo-yOkEXSwPTMqmG006j7R7f4e2uU8VoUns-0GFmsQun_vvcZRF-wsYwVZu4q1
Request Chain 260
  • https://um.simpli.fi/gp_match?google_gid=CAESENH0_uz70K_R2Nrb-AizLR8&google_cver=1&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a8_kFIpBQ9uiDnl3FHMlNXQsdQFAJpzzLk1SpUXlPSmFj4O_FbDiJAeh-O_WpyJY7fmNtvig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a8_kFIpBQ9uiDnl3FHMlNXQsdQFAJpzzLk1SpUXlPSmFj4O_FbDiJAeh-O_WpyJY7fmNtvig
Request Chain 262
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIQ5HYkB_AvDMCpQjzGUOw&google_cver=1&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9t-HI6KhjUpsrcfgWnYhyCSlbrII6H6coknLKAeesU3uvLFfBWON6wDo8vOKdjGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9t-HI6KhjUpsrcfgWnYhyCSlbrII6H6coknLKAeesU3uvLFfBWON6wDo8vOKdjGA&google_hm=eS16RnY4cVl0RTJwSFpINTcuZ1BoNjZyWUNnN2hlcnRfdH5B
Request Chain 263
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQ1R8h0qG3_VXBCwW30IUM&google_cver=1&google_push=AXcoOmQK3oRe8kKaw2QbSdbnNUYtKufih6ZS2T3hQqzb790pDKiQWdlydeVZYzIffWuGa8F_dmvxCabaM69M9PfNKxkI0zhP-4PDmBnU1aDb2o7tz8vcDJ3QRsFkhvICxBc3TDSZ_0RPc6J4JPvIrxnBszXSP08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQK3oRe8kKaw2QbSdbnNUYtKufih6ZS2T3hQqzb790pDKiQWdlydeVZYzIffWuGa8F_dmvxCabaM69M9PfNKxkI0zhP-4PDmBnU1aDb2o7tz8vcDJ3QRsFkhvICxBc3TDSZ_0RPc6J4JPvIrxnBszXSP08 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 269
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CukXprzehZdrRHZ_w998PuLeXmA-i5IiQdcuKq9i2EWQQASDJ4-kDYJWCoIKwB6AB-OD0-gPIAQmpAh9uiy0rZrI-qAMByAPLBKoE_QFP0EKgA5woZ2VOTe4AfSsTv3rUCHBj9hD0OFet5OqSVssJKpR-2RtavZez_YRKB2QEiCMsuxiTDRs0mbVxyfWs2nHuiTajg1MB0XvhXMU9pjUjaRLdNMTR5KL7nGFa-WFiihkidykTHglMyZIF5b7DrMneaTWElExNBiIzvG7Zz7kcfQkOhkp8vpy27aTmcjtR-RZY6M-jXg5TQ1KEmR_QwXovlSf2JbWF7oAszXwABivxPAVdfZVSE0l11o8z2-1-6-uarwf2PUgEALlxJY4oN9Nu3Og74lzJYrkSd5ZCfKR2WIB225rcv4Qy989tb0svLwhwxxP5etmEWxCwwASw_9GRuASIBejjmbtLkgUECAQYAZIFBAgFGASgBi6AB_CeiwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCchwTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJb5wN_z14MDmglpaHR0cHM6Ly93d3cud2Fnby5jb20vZGUvdmVyYmluZHVuZ3N0ZWNobmlrL2luc3RhbGxhdGlvbnNrbGVtbWVuLWVudGRlY2tlbi9kdXJjaGdhbmdzdmVyYmluZGVyLXp1bS1zdGVja2VugAoByAsB2BMO0BUBmBYBgBcBshccChoIABIUcHViLTY4MjkwNzYwNzkwNDY4OTQYAA&sigh=U9uHpRtxhvg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_m4X379o8LESWomkGY6YW8sAbk2hQ6kNDpuV0AdzJeDRboLzgP_HsURKs_ecAgAE-3yXwApM07RgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216997795289932490347%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227401980815078904497%22}&andc=true
Request Chain 270
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEzIcylj9IAAb_1zsHWGeJQ&google_cver=1&google_push=AXcoOmQtIlSMdOF-ADRxURkmmybA6N2L0NxKztOlGrClM-8ygHxbjXLtl8RLtTjU8E1G7bnbn0fSzw_bsfRa7_RFzYVYmt5yNTzvnfinA8kfXUudMLRFJQFOxFPDR3g2y1q_jkJ7Q5L-TDUn0wLmz3r7mp5daak HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzcxOTk1OTUyNjIzMzc5Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIgQqXGE4SeYHg8gtFkLrcU&google_cver=1
Request Chain 271
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cver=1&google_push=AXcoOmROnUX5m_8AcDa4IqPqACbWpRNk2ebLtUJ76zTJsSf6vdvJYGkPhxLtD6xAvHoOS4XzX0yHmVGxI-jqaxUHobK1g7eGsTJW0U3Vf714QVHQJqqDcaB8NQ7TsBlFQroC_2TU8RhAwjNV_0-fBwV-yNW0bOk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cver=1&google_push=AXcoOmROnUX5m_8AcDa4IqPqACbWpRNk2ebLtUJ76zTJsSf6vdvJYGkPhxLtD6xAvHoOS4XzX0yHmVGxI-jqaxUHobK1g7eGsTJW0U3Vf714QVHQJqqDcaB8NQ7TsBlFQroC_2TU8RhAwjNV_0-fBwV-yNW0bOk
Request Chain 273
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMhPrm4IR3g4iNp-1BH2px8&google_cver=1&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCyoI3f1lNigVnzUTOk2C_bXF_l4Drsqe6UruwCYRbkc2meTT3NHVG6M075Yeoh-AxM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCyoI3f1lNigVnzUTOk2C_bXF_l4Drsqe6UruwCYRbkc2meTT3NHVG6M075Yeoh-AxM&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
Request Chain 274
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAAqzsqHaOid1E40wr4K1Ww&google_cver=1&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIFyZF9T0JRZD2i6RuUgNBplMmNrh_4jnptJON2DDLuh1246Ceh7R9M-1zOGADrvYxWOJPu6SAKJqX2Xg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAAqzsqHaOid1E40wr4K1Ww&google_cver=1&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIFyZF9T0JRZD2i6RuUgNBplMmNrh_4jnptJON2DDLuh1246Ceh7R9M-1zOGADrvYxWOJPu6SAKJqX2Xg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIFyZF9T0JRZD2i6RuUgNBplMmNrh_4jnptJON2DDLuh1246Ceh7R9M-1zOGADrvYxWOJPu6SAKJqX2Xg
Request Chain 276
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI5OKU6VAhLlJItZnqPQe6o&google_cver=1&google_push=AXcoOmS-JyyshFmCAIID-iO5Tg1Y6rQQ0VTPkKOjIHxJq8MdCCz51b6d0eoGyIxxtgVAsViQFrZH_2fqZ9WWsAMLAoxoNK13O0Q7oDiZz-qJ1ygIEoHmn31vzDxRuy1XEtPH4o5fTkBP9e8WIPtTEHtQc3_OEjmC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS-JyyshFmCAIID-iO5Tg1Y6rQQ0VTPkKOjIHxJq8MdCCz51b6d0eoGyIxxtgVAsViQFrZH_2fqZ9WWsAMLAoxoNK13O0Q7oDiZz-qJ1ygIEoHmn31vzDxRuy1XEtPH4o5fTkBP9e8WIPtTEHtQc3_OEjmC HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 299
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqhtsrzehZc7fHoL5998P9ce4-AX_0fqOdIHK2q-YEsqgsKf1ChABIMnj6QNglYKggrAHoAGR44zAKMgBCakCH26LLStmsj6oAwHIA8sEqgSLAk_Q8NAvPBthwH-5EO-IUE-eD5PLsbjP9ffiKpm5yDN0tMjq7TiReWf4DYK3oL6tYBRHOjBTzxZ-8sapAhfAhUOHa2DwuypuBh_Kk6k80XmJqQ58GzVMVyQjDjtPsG3Qe6sZQ8Syk3fEF8BPpJvug2tAZ5te7Xs1krE2FXfxUxi3AINVxwIh2FqGAXhb7bz6mHFqTG62xUDZ-AM1p6SZT4Ue-sq_knqtF3WoikXDAqeuknXIz3EOJaVxx5cYQI3sD3R3TEVqdTbM3s3_ch-0MfJaJrPlTKBo6-C8xrCIeMOR2Uf5fIy2zJ3vqzNUvov8s5lys6PysCcbBEfJ7WdFvfLlDa4CPLPKNRN8fMAEvMy-qcYEiAW8vrCrTZIFBAgEGAGSBQQIBRgEoAYugAeRm92fA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENmsBNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYhvfB3_PXgwOaCR9odHRwczovL3d3dy52aXRhbC1ob3RlbC1hZHQuZGUvgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi02ODI5MDc2MDc5MDQ2ODk0GAA&sigh=KYHfx9_0shA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_cxo1DcveeEoc7lL0F8HV-z5-iX3_wnru9dvb1PXmR3ap59VIfi5I0-CSAefI4YijUdnS_WfMhxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226713411708094385757%22,%22debug_reporting%22:true,%22destination%22:%22https://vital-hotel-adt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210871845265%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737671449510034401%22}&andc=true
Request Chain 300
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ClwcZrzehZfGwH5nN998Pv7ytmA7_i5vQcYP76MfoC9zZHhABIMnj6QNglYKggrAHoAG1ofPfA8gBCakCD_HmP9Bisj6oAwHIA8sEqgT5AU_Q3Fa0mrrjPzy9UjZAqqdAhAqZPXPN2uT-GmxahgQbrI3sWPv6k2MIKZdPykAUGJjDvMGOrOCRNQ2ww6_ClSddRA6DSpZZoeT7chtUT08yguvQ3-Z0nTkgtW8GVVDtJPLKwftKhh-PSKq959JbKYKQyQAwAAA8nv3wD5Ww0xr-AF907Df0OvBxZ_rORlOQKhMdYH2H0qanFCdOWP1gIqeU99ZKqyJxzZjIAhtlEhlYEESUFMk9i67BdgoDzVpUZzOve511I5sR2vgyn-pZ75Wta4wmKGAva3L9IEKltkx4HYPOTraraPocZ66SlFq6jTgGAJ9Ln4h5RsAErejNrf4CiAWR-96wJpIFBAgEGAGSBQQIBRgEoAYugAez3owgqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQuc0C0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljzwsLf89eDA5oJIGh0dHBzOi8vd3d3LmtvZWxuZXJwdXR6dGV1ZmVsLmRlgAoByAsBogwIKgYKBKy6sQLYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNjgyOTA3NjA3OTA0Njg5NBgA&sigh=7CVlBrrEXBI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_6Ge19QY210Zszsy_IbShwfX2DZzl9HA2oTjLAYIIXJjfhoHxvJ4a84IobT-zCmBpXypIh8F9GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211959936702680776666%22,%22debug_reporting%22:true,%22destination%22:%22https://koelnerputzteufel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006424245%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216382658509862401121%22}&andc=true
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Request Chain 337
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sTPg4qm-IvcbY3VjLwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Request Chain 339
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Request Chain 341
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sfGF4DgZrID8JkRfYAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Request Chain 343
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Request Chain 345
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sTPg4qm-IvcbY3VjLwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Request Chain 347
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Request Chain 349
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO7ye58sRM_x4gMudake7J4&google_cver=1&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF6Hk2WNEK_jQLsPOfvTk5q7n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF6Hk2WNEK_jQLsPOfvTk5q7n
Request Chain 351
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELMiM23ctRsBeCv2kDpgzvY&google_cver=1&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIkTi7cMa61QQum6KVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ahGjWPxAUa1kWs2TPT1hcbKi0YM&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIkTi7cMa61QQum6KVA
Request Chain 353
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECub27yGW-yhGCqSMMLINww&google_cver=1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1705064369097 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ%26google_hm%3DAzsDLDXaskbKs7rFcfk9kok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&google_hm=AzsDLDXaskbKs7rFcfk9kok
Request Chain 354
  • https://cs.media.net/cksync?type=g&google_gid=CAESEBeefLGQE9_Kb8fFTLPNE2E&google_cver=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAWE1ajU4NVOXi1jsTUMkWkhDUctLUBCItZdvbKDezIBXSbgOFjZ6ooJ3FbRHQS3yCx15PijNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&mn_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAWE1ajU4NVOXi1jsTUMkWkhDUctLUBCItZdvbKDezIBXSbgOFjZ6ooJ3FbRHQS3yCx15PijNQ&gdpr=&gdpr_consent=
Request Chain 355
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGrMq0mzU0dBeacaZSwfiCQ&google_cver=1&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEvhIctC_RBbxre3lScd_I9C6EdGVUVqLMvDBXs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEvhIctC_RBbxre3lScd_I9C6EdGVUVqLMvDBXs
Request Chain 364
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKdLWmb-WAe0A1AmzGBIzZw&google_cver=1&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zbfAqXIFYFaA-fZeAwm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zbfAqXIFYFaA-fZeAwm&google_hm=VED4ynP-TpqVhQlqtijOWIM
Request Chain 365
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL43oR0Ve4JQAyOkART0i2I&google_cver=1&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46cOCo6WFZh1IIIsozPAHrs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46cOCo6WFZh1IIIsozPAHrs
Request Chain 366
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_cver=1&google_push=AXcoOmR264eGyiHFthLogeWE5eL4nTHfJS3-CDUqYYQvKZcP5qWnhDlZvpiB4Z-R8mhWYyT_iyL2wa35B2uQ6BosN7KdMq3KTL0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_hm=ZaE3sTPg4qm_IvcbY3VjLwAADR8AAAAB&google_nid=index&google_push=AXcoOmR264eGyiHFthLogeWE5eL4nTHfJS3-CDUqYYQvKZcP5qWnhDlZvpiB4Z-R8mhWYyT_iyL2wa35B2uQ6BosN7KdMq3KTL0
Request Chain 367
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIU9r59hWtPxFFjA4ZBMf9A&google_cver=1&google_push=AXcoOmTHx85pUpWyB3GKTq7Qbv3N1Jy3D5VPycrRPHdviG_B07g5MHV9VkTkI8NU6EUUGSp49BGOT7UD6M7_byRA1ckwX-wq0FGxKQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTHx85pUpWyB3GKTq7Qbv3N1Jy3D5VPycrRPHdviG_B07g5MHV9VkTkI8NU6EUUGSp49BGOT7UD6M7_byRA1ckwX-wq0FGxKQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 368
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooVMOsKB8B0zJWi56rOngP24jYbvV5eRI4aZbeeM4GzuN1RloZIov5TVGt6gE9QfeEIH4GyVtCUAWY-MtZsTJyGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooVMOsKB8B0zJWi56rOngP24jYbvV5eRI4aZbeeM4GzuN1RloZIov5TVGt6gE9QfeEIH4GyVtCUAWY-MtZsTJyGw
Request Chain 432
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDnIO7JMGhVZIVJrjpPmDEU&google_cver=1&google_push=AXcoOmTa2KlJJG_BaQe2O_L532ckFVBZU2cIAXTR3sTjz-DbdvS7zBJ87GkTpmQ92GmwHXX4fPEj-mC0lm0jHP4RsqcXDh8TTkra HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876041865416&us_privacy=1---
Request Chain 434
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIQ5HYkB_AvDMCpQjzGUOw&google_cver=1&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeLtBg4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeLtBg4&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
Request Chain 435
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL43oR0Ve4JQAyOkART0i2I&google_cver=1&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzLDpf5RnxPyTYl34XPNtSTBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzLDpf5RnxPyTYl34XPNtSTBU
Request Chain 436
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECub27yGW-yhGCqSMMLINww&google_cver=1&google_push=AXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt-%26google_hm%3DAzsDLDXaskbKs7rFcfk9kok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt-&google_hm=AzsDLDXaskbKs7rFcfk9kok
Request Chain 437
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKYFc8cke-y8aJhVVmafNl0&google_cver=1&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ&google_gid=CAESEKYFc8cke-y8aJhVVmafNl0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg5NTY4MzAyMTgwNTE5Mjc2MTU0&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ
Request Chain 444
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49 HTTP 302
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=7719760622808119083&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
Request Chain 450
  • https://fw.adsafeprotected.com/rfw/st/924068/65485209/4.js?ias_dspID=3&ias_campId=1010491284&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20321508888&bidurl=https://notisul.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iub-UiXTELeZ8CZfksNtzV&adContainerId=brand_safety_sTehZauAB4WQ1PIPk_emmAQ&cbFunctionName=goog_wrapCb_sTehZauAB4WQ1PIPk_emmAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fnotisul.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fnotisul.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:425795c2-c37c-da1d-79c5-d748c5f03df2,c:15J7Su,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5795db99-qxfhl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:6c088d98-b14a-11ee-b93e-6a31fbf0a8ea,v:19.8.471,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_sTehZauAB4WQ1PIPk_emmAQ&cbFunctionName=goog_wrapCb_sTehZauAB4WQ1PIPk_emmAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
Request Chain 482
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 511
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 512
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7719760622808119083
Request Chain 520
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
Request Chain 523
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6088250643528957305
Request Chain 524
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85723683051 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=85723683051&google_gid=CAESEHfb25H_VfcCnmTCIhT7XYo&google_cver=1
Request Chain 530
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=320b65a1-37b4-4c00-845a-4de160f09704
Request Chain 531
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

526 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
notisul.com.br/
Redirect Chain
  • http://notisul.com.br/
  • https://notisul.com.br/
476 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
8a5268165cc82f838963f2144781aeb8178aed2357d9f7d68810603174fe5d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:25 GMT
expires
Fri, 12 Jan 2024 13:00:25 GMT
link
<https://notisul.com.br/wp-json/>; rel="https://api.w.org/" <https://notisul.com.br/wp-json/wp/v2/pages/282987>; rel="alternate"; type="application/json" <https://notisul.com.br/>; rel=shortlink
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-frame-options
“DENY”
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 12 Jan 2024 12:59:25 GMT
Location
https://notisul.com.br/
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
“DENY”
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HHNSGE8GHN
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f10615a068e10d788a707caff7691fce1b9feb8c99a360a97d86334ac997baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 12:59:25 GMT
style.min.css
notisul.com.br/wp-includes/css/dist/block-library/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Sun, 05 Nov 2023 19:40:32 GMT
server
nginx
etag
W/"6547efb0-1add3"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
styles.css
notisul.com.br/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 14:47:00 GMT
server
nginx
etag
W/"5e7e11e4-6d2"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
style.css
notisul.com.br/wp-content/plugins/td-composer/td-multi-purpose/ 		68 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
59671205ce4d2ec4a037ba18847d2e02fddcce3eaed20a6a731161305b24aada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 18:29:57 GMT
server
nginx
etag
W/"5e7ba325-10ef8"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
css
fonts.googleapis.com/ 		47 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62ec836dc080e76c8041cb8525062b05a2db1dacc9d45a12f842dc542e72f847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:28:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:25 GMT
style.css
notisul.com.br/wp-content/themes/Newspaper/ 		153 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
b66bd81ddd68c8a8d92e75565702cd63ca7d6af7a26fa44d6707859e64c7d8bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Wed, 23 Oct 2019 19:36:19 GMT
server
nginx
etag
W/"5db0abb3-26232"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
style.css
notisul.com.br/wp-content/themes/Newspaper-child/ 		463 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/themes/Newspaper-child/style.css?ver=9.8c
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
0bed32805b51f622cfceea9fccef37690edfe32a1e964e5b04fc62ac99e33fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 18:49:37 GMT
server
nginx
etag
W/"5e7e4ac1-1cf"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
td_legacy_main.css
notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		987 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
ba33741f1b945cfb71d6fe3fb60628af0cb4cce7f464f84c43f5d6457b284272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 18:29:55 GMT
server
nginx
etag
W/"5e7ba323-f6c31"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
frontend-gtag.min.js
notisul.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.18
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 14:08:40 GMT
server
nginx
etag
W/"64d39de8-2d5d"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
jquery.min.js
notisul.com.br/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
jquery-migrate.min.js
notisul.com.br/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
advanced.js
notisul.com.br/wp-content/plugins/advanced-ads/public/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/advanced-ads/public/assets/js/advanced.js?ver=1.17.8
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
76141ad9154b037fa4d1cd707e805f19eb92a511bcdef1e88c73344dd54b8228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 17:32:34 GMT
server
nginx
etag
W/"5e822d32-1e7c"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:25 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111263603-1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b04e0722d632b1160892329bcda7ce1e7efe8bf2d453f68a650eb04f04f7a51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69396
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 12:59:26 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90417898-1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
187bb2ab4bd438e4c41b5a87e0c149cc0ddd651de2229864eed3fbcf6810fbcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69438
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 12:59:26 GMT
1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
tags.premiumads.com.br/dfp/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be60fd136b8fea793e1a46d1a408058f5651778f6073b1a3321720d53271cf84
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266173
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 11:03:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgnwwFZUe9U9n4P2egIAF5LYPgfZw3gOoWHUtMAKKW04NgwDR8SHBwdAOngLb%2F%2FaYmtH4BJ%2BxpicKd4m92fg7AHDrJaogIV97yrs%2Fq%2BmP8v8QA9OcfowEMQyJxegZ0%2BLpq8CEe7%2Bew8JmENfDYSqeU1ioTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
844593a0a96b9ba1-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74f5df72f53e41d8561ee8233a8e6ec8f7cb3bc9e2a657ebbe19b839f00672a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51194
x-xss-protection
0
server
cafe
etag
10674680460398181798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:26 GMT
/
fast.quickcontentnetwork.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.quickcontentnetwork.com/
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.75.146 Seri Kembangan, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx/1.25.3 /
Resource Hash
4391c836fd60794aeb5cddc0e7a27a7d01d981cb68ccd7553b4d317fc6b171da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 12:59:25 GMT
Server
nginx/1.25.3
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
logo.png
notisul.com.br/wp-content/themes/Newspaper-child/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/themes/Newspaper-child/images/logo.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
cbdd1efdce001811091c3a261da3abf371fad85b54faa5d17001579921cded55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
last-modified
Tue, 14 Apr 2020 00:06:53 GMT
server
nginx
etag
"5e94fe9d-a82"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2690
expires
Sat, 11 Jan 2025 12:59:25 GMT
luciana-218x150.png
notisul.com.br/wp-content/uploads/2024/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2024/01/luciana-218x150.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
9738c134de031797aed948f4b2036c7321bafd5c681bf772473344f00de01085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:25 GMT
last-modified
Wed, 10 Jan 2024 19:48:02 GMT
server
nginx
etag
"659ef472-f8a"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3978
expires
Sat, 11 Jan 2025 12:59:25 GMT
moedas-ldo-218x150.jpg
notisul.com.br/wp-content/uploads/2024/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2024/01/moedas-ldo-218x150.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
47334bda7220c36be85d33ccea08df783652eef7faac2f8b64ddbe6d8789f10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 03 Jan 2024 01:20:01 GMT
server
nginx
etag
"6594b641-1330"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4912
expires
Sat, 11 Jan 2025 12:59:26 GMT
whatsapp-image-2023-12-20-at-09-40-34-218x150.jpeg
notisul.com.br/wp-content/uploads/2023/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/12/whatsapp-image-2023-12-20-at-09-40-34-218x150.jpeg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
53e2c5b3b675bcfb6fef614182dba90e689312b69347f59a086f73b5f4e13e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 27 Dec 2023 18:02:01 GMT
server
nginx
etag
"658c6699-1266"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4710
expires
Sat, 11 Jan 2025 12:59:26 GMT
kv-skentai-2024-1920-v2-218x150.png
notisul.com.br/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/12/kv-skentai-2024-1920-v2-218x150.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
1b8ee88f5499865a3848b13ef0e3e6941e910c946a7fe96f628bceb9c6f58cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Fri, 22 Dec 2023 19:20:02 GMT
server
nginx
etag
"6585e162-23b8"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9144
expires
Sat, 11 Jan 2025 12:59:26 GMT
2af50d80-0166-41d6-a6b0-866c267f3083
https://notisul.com.br/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://notisul.com.br/2af50d80-0166-41d6-a6b0-866c267f3083
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
collect
region1.analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HHNSGE8GHN&gtm=45je41a0v9138123826&_p=1705064365576&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=1963775716.1705064366&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1705064365&sct=1&seg=0&dl=https%3A%2F%2Fnotisul.com.br%2F&dt=P%C3%A1gina%20inicial%20-%20Notisul&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1268
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HHNSGE8GHN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HHNSGE8GHN&cid=1963775716.1705064366&gtm=45je41a0v9138123826&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HHNSGE8GHN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HHNSGE8GHN&cid=1963775716.1705064366&gtm=45je41a0v9138123826&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2143673582
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afiliado-banner-300x250.gif
notisul.com.br/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/afiliado-banner-300x250.gif
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
55a04647d256af1fd14f175529cd414d9dd863828141389f9718faed0ef82033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://notisul.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
8ae0917b30aa4cfec0e16cd6fd22ac5a
www.tempo.com/wid_loader/ 		915 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.com/wid_loader/8ae0917b30aa4cfec0e16cd6fd22ac5a
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1078de14de13c6056ea86f4bffb141bced7db929e8d3a6d646d1310ef2d9f584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
58205
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 Jan 2024 20:49:21 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
844593a04e7b2bec-FRA
x-robots-tag
none
meteored-site
br
expires
Fri, 10 Jan 2025 20:49:21 GMT
scripts.js
notisul.com.br/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 14:47:00 GMT
server
nginx
etag
W/"5e7e11e4-3868"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:26 GMT
tagdiv_theme.min.js
notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		223 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.8
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 18:29:56 GMT
server
nginx
etag
W/"5e7ba324-37bf7"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:26 GMT
comment-reply.min.js
notisul.com.br/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-includes/js/comment-reply.min.js?ver=6.4.1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:26 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.4.1%27%20async=%27async
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2626
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
844593a0597f36dd-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Jan 2024 12:59:26 GMT
monsterinsights-badge-light.svg
notisul.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/images/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/images/monsterinsights-badge-light.svg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
d07ff671faf8f28c8859f1bead7fd35a55c69b7bab545ed7de56b7f44c3aaaaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 14:08:40 GMT
server
nginx
etag
W/"64d39de8-324d"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
image/svg+xml
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:26 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111263603-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HHNSGE8GHN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
175d61a6ee3756b069531fe769ca3a9ec12640511740e9decc502803826b68af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69445
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 12:59:26 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90417898-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HHNSGE8GHN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c54e0683617c8847e7616b85e4429edf98b8a2b16c294f026f1438604f5eb92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69451
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 12:59:26 GMT
denakop.js
tags.denakop.com/10432/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10432/denakop.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc55acc02d2612eb3222b89d90b08d02fda2c8e6654a5fc525e019f64762e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 10 Jan 2024 14:10:47 GMT
server
cloudflare
etag
W/"659ea567-b4b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
844593a06dd29207-FRA
alt-svc
h3=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: fast.quickcontentnetwork.com
URL: https://fast.quickcontentnetwork.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Fri, 12 Jan 2024 13:59:26 GMT
1
mc.yandex.ru/watch/95390266/
Redirect Chain
  • https://mc.yandex.ru/watch/95390266
  • https://mc.yandex.ru/watch/95390266/1?redirnss=1
43 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/95390266/1?redirnss=1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 12-Jan-2024 12:59:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 12-Jan-2024 12:59:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 12-Jan-2024 12:59:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95390266/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Fri, 12-Jan-2024 12:59:26 GMT
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
notisul.com.br/wp-content/themes/Newspaper/images/icons/ 		120 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a

Request headers

Referer
https://notisul.com.br/wp-content/themes/Newspaper/style.css?ver=9.8
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 23 Oct 2019 19:36:19 GMT
server
nginx
etag
"5db0abb3-1e17c"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff
access-control-allow-origin
https://notisul.com.br
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
123260
expires
Sat, 11 Jan 2025 12:59:26 GMT
MuseoSans-300.ttf
notisul.com.br/wp-content/themes/Newspaper-child/font/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/themes/Newspaper-child/font/MuseoSans-300.ttf
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
9625f2b4bfca25b70aaa98a9048a16e6fc6049fc19e7583fa7db3df65e80c170

Request headers

Referer
https://notisul.com.br/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 25 Mar 2020 18:26:30 GMT
server
nginx
etag
"5e7ba256-e7cc"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://notisul.com.br
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
59340
expires
Sat, 11 Jan 2025 12:59:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
329483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
272952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
MuseoSans-500.ttf
notisul.com.br/wp-content/themes/Newspaper-child/font/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-content/themes/Newspaper-child/font/MuseoSans-500.ttf
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
11d37d3b34be24fa29bd7c060b053845d0ec8a2b093252b243a6974b14ad1731

Request headers

Referer
https://notisul.com.br/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 25 Mar 2020 18:26:30 GMT
server
nginx
etag
"5e7ba256-e78c"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://notisul.com.br
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
59276
expires
Sat, 11 Jan 2025 12:59:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
111103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notisul.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:11:54 GMT
x-content-type-options
nosniff
age
110852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:11:54 GMT
ae7a1e9f54c777f16aa36391dfdc013f.js
scripts.cleverwebserver.com/ 		147 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/ae7a1e9f54c777f16aa36391dfdc013f.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d45a1bd8b997817612d5d1f6f97ab8183c10bb9c8a96406f0f47b209250a55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
x-amz-version-id
Ugc42OeTs2uRhkXR5TtYkuDYo0V59VI2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Jan 2024 15:09:20 GMT
server
cloudflare
x-amz-request-id
JGQRNHXS6P6FN9BS
etag
W/"8f638bc95c7c401f55f57a6aa7019570"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
844593a0adf2361d-FRA
x-amz-id-2
AKWPwxln4ArBqPZZVXbrH9E/iXCkb/PtJF1SBUJpc/tZtRNBQkWsvKi8MkePeEIxjQqkrOiO/rc=
expires
Fri, 12 Jan 2024 13:29:26 GMT
placeholder-300x300.jpg
notisul.com.br/wp-content/uploads/2019/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2019/12/placeholder-300x300.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
0348b394ae6fdd7144824779c8e0a30825fe70dbcbc09dcba49ba29ada7f0298

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Mon, 30 Mar 2020 18:08:58 GMT
server
nginx
etag
"5e8235ba-756"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1878
expires
Sat, 11 Jan 2025 12:59:26 GMT
maria-fumaca-1-696x387.jpeg
notisul.com.br/wp-content/uploads/2024/01/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2024/01/maria-fumaca-1-696x387.jpeg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
fcbd0076d51db2f568ad500c41b312501f0d32571ac635dcc118677097ba9eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Tue, 09 Jan 2024 00:10:03 GMT
server
nginx
etag
"659c8edb-81a4"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33188
expires
Sat, 11 Jan 2025 12:59:26 GMT
luciana.png
notisul.com.br/wp-content/uploads/2024/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2024/01/luciana.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
a1a8208073f17df7dabf0cd9569b14d62ece084d9d90e1bd7590fee2b53fa3df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 10 Jan 2024 19:48:01 GMT
server
nginx
etag
"659ef471-2a9a"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10906
expires
Sat, 11 Jan 2025 12:59:26 GMT
moedas-ldo-696x812.jpg
notisul.com.br/wp-content/uploads/2024/01/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2024/01/moedas-ldo-696x812.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
42e1e6a83a3ca50f18846a5238e35624088a41bc015da1094ff5a9cf105672c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 03 Jan 2024 01:20:01 GMT
server
nginx
etag
"6594b641-ae30"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
44592
expires
Sat, 11 Jan 2025 12:59:26 GMT
whatsapp-image-2023-12-20-at-09-40-34.jpeg
notisul.com.br/wp-content/uploads/2023/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/12/whatsapp-image-2023-12-20-at-09-40-34.jpeg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
facb342ce45a48e6cf3c38e35a0f6431edd75705d9e944361dbc4d26c2a54015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 27 Dec 2023 18:02:01 GMT
server
nginx
etag
"658c6699-67a4"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26532
expires
Sat, 11 Jan 2025 12:59:26 GMT
mapachuvas.png
notisul.com.br/wp-content/uploads/2023/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/10/mapachuvas.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
793e50060002f4b748e540bf0182e9caf5c14a84ab030262ae7261ed0c319985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 25 Oct 2023 23:26:01 GMT
server
nginx
etag
"6539a409-4116"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16662
expires
Sat, 11 Jan 2025 12:59:26 GMT
clima.jpg
notisul.com.br/wp-content/uploads/2023/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/10/clima.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
3081a7cdb46d7160ef579e9e3b97eb8a377adcb3fa58ff8c1326bfec74ddc1f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Mon, 16 Oct 2023 11:08:01 GMT
server
nginx
etag
"652d1991-14ba"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5306
expires
Sat, 11 Jan 2025 12:59:26 GMT
caravaggio2-696x392.jpg
notisul.com.br/wp-content/uploads/2023/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2023/12/caravaggio2-696x392.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
4b6cad88d9c5ff55f28863d595cd709dffefc5a7db16f2302bc608737f365f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Fri, 29 Dec 2023 21:18:02 GMT
server
nginx
etag
"658f378a-9372"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37746
expires
Sat, 11 Jan 2025 12:59:26 GMT
elements.png
notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5a862b9d7c39671de80dd6dee389818b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Wed, 25 Mar 2020 18:29:56 GMT
server
nginx
etag
"5e7ba324-10e4"
vary
Accept, Accept
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4324
expires
Sat, 11 Jan 2025 12:59:26 GMT
logo-rodape.png
notisul.com.br/wp-content/uploads/2020/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notisul.com.br/wp-content/uploads/2020/03/logo-rodape.png
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
13bc95bee4e1c7e98adba1f117c6e6d8275906b36fbe660d950dcc04e0e5f313

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
last-modified
Mon, 13 Apr 2020 21:17:42 GMT
server
nginx
etag
"5e94d6f6-125e"
vary
Accept, Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4702
expires
Sat, 11 Jan 2025 12:59:26 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFZE9G1QNG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111263603-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f66c23ed68d90fb11bf61541677d48200cd2755fe3bb43c4783401ccb074540b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81574
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 12:59:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111263603-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 12:17:46 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 12 Jan 2024 14:17:46 GMT
8ae0917b30aa4cfec0e16cd6fd22ac5a
www.tempo.com/getwid/ Frame 1F1B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/wid_loader/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07b05e134ce6f00e199bfb754341348e6c790fc5d6aedda145e680a805a8885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=32455
cf-cache-status
EXPIRED
cf-ray
844593a0df0a2bec-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 12 Jan 2024 12:59:26 GMT
expires
Fri, 12 Jan 2024 22:00:21 GMT
last-modified
Thu, 11 Jan 2024 20:49:21 GMT
meteored-site
br
server
cloudflare
vary
Accept-Encoding, User-Agent
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		228 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RJQG17ZHDN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90417898-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d547b24c7d93a6314605149b1d1b55626ef6124d69a65112fffd85e136389b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 12:59:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:56:40 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 08:25:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
167
etag
W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
oKaVaBRvfjTYl8mayuTerZT4Njtp6zeVboBS1LOMFTqimbLcJzHyxQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b9bd62d41e0475b588177bdfec39010e3305ff9e5487c76972180b5735d3c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29474
x-xss-protection
0
server
cafe
etag
335 / 19734 / 31080240 / config-hash: 9168911636527851926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:26 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		394 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
385831
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified
Thu, 30 Nov 2023 13:32:58 GMT
server
cloudflare
etag
W/"1da2391bb43c69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1NDAh37FRdHCABHSpbl8P%2BaKjzVDvlpdFfjIPQW1EOApnbk1Nu9ozi3QQhXRDujRseqkcQPaQpclX7%2FqFFNgMRRa2L%2BE7PGONEpPp6hxBiMmNwmHdpNPfY3r4%2FIvbh%2F34z%2FEH1kP2xLnl1PleWbD0Qf3tU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
844593a15a2f9ba1-FRA
video-loader.js
cdn.avantisvideo.com/avm/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22fb50fb51d746c7e5a9b78b57e7286257123df1ba0ac1364c29f18ae00ce89f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
HKDAZ4Fl8PiXARyZT7hwEa2Etg4ED9UM
content-encoding
gzip
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 04:43:43 GMT
last-modified
Tue, 05 Dec 2023 06:44:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
42111
x-amz-server-side-encryption
AES256
etag
W/"d036f9af407111bbe61ce46ed8caabd8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ev5HXSvS7y1ZrIb9FaNScN9YodKFc37YGWJPc_DhsD-LWIyFyFVV6A==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b90bfab6e722d2396b87d50cee90fdded8ab648258d6f9f966272afc912ca72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139383
x-xss-protection
0
server
cafe
etag
4086556725379113488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:26 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame EB04 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 23:45:01 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 23:45:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
big-6.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		716 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/big-6.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4ef842dafaa54a42997281404c0bb3d15c799e76d3abc47fb6b3caf86c4ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
HIT
age
85870
cf-polished
origFmt=png, origSize=55736
content-disposition
inline; filename="big-6.webp"
alt-svc
h3=":443"; ma=86400
content-length
716
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-d9b8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a1d8de65cf-FRA
expires
Fri, 10 Jan 2025 13:08:16 GMT
small-3.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		330 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/small-3.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2980625ad01cf166c6f33b6b3a19bb3b1eb97f92f0417faa6265893ade0557d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
HIT
age
89834
cf-polished
origFmt=png, origSize=49793
content-disposition
inline; filename="small-3.webp"
alt-svc
h3=":443"; ma=86400
content-length
330
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-c281"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a1d8e465cf-FRA
expires
Fri, 10 Jan 2025 12:02:12 GMT
small-2.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		310 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/small-2.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5e010c6d9a1e946993001e7503bbe1cb6fd54b133b4dc8e4c108952fa2ba7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
HIT
age
76779
cf-polished
origFmt=png, origSize=48870
content-disposition
inline; filename="small-2.webp"
alt-svc
h3=":443"; ma=86400
content-length
310
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-bee6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a2192065cf-FRA
expires
Fri, 10 Jan 2025 15:39:47 GMT
small-5.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		364 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/small-5.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0188a737e8063e7702d97b2e0a136c1f1ffe017af4eae40eb512266e3ef7b46d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
HIT
age
26344
cf-polished
origFmt=png, origSize=51411
content-disposition
inline; filename="small-5.webp"
alt-svc
h3=":443"; ma=86400
content-length
364
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-c8d3"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a2192365cf-FRA
expires
Sat, 11 Jan 2025 05:40:22 GMT
small-12.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		408 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/small-12.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95103116d2c97168d5f48ed5621a4a35902a78403963d1c791b5470b80b61be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
HIT
age
85562
cf-polished
origFmt=png, origSize=51372
content-disposition
inline; filename="small-12.webp"
alt-svc
h3=":443"; ma=86400
content-length
408
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-c8ac"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a2495765cf-FRA
expires
Fri, 10 Jan 2025 13:13:24 GMT
small-10.png
www.tempo.com/css/images/widget/g20/new/ Frame 1F1B 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.com/css/images/widget/g20/new/small-10.png
Requested by
Host: www.tempo.com
URL: https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1d90d5377699b09561e0cda143dc5f9396a382a5a6c30f1ba25f26c5b26323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.com/getwid/8ae0917b30aa4cfec0e16cd6fd22ac5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 10 Jan 2024 11:27:06 GMT
server
cloudflare
etag
"659e7f0a-ce3c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
844593a2495965cf-FRA
alt-svc
h3=":443"; ma=86400
content-length
52796
expires
Sat, 11 Jan 2025 12:59:26 GMT
prebid.js
tags.denakop.com/ 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10432/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:24:20 GMT
server
cloudflare
age
1082
cf-polished
origSize=330936
etag
W/"651c1604-50cb8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
844593a1eee99207-FRA
alt-svc
h3=":443"; ma=86400
notisul.com.br.js
tags.denakop.com/10432/ 		261 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10432/notisul.com.br.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10432/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446f1f06cd957012c05337854f82ccafd60de3a3662d46e573661d4764e3825d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 10 Jan 2024 14:10:47 GMT
server
cloudflare
etag
W/"659ea567-41489"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
844593a1eeeb9207-FRA
alt-svc
h3=":443"; ma=86400
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.4.1%27%20async=%27async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2900
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
844593a1eb5f36dd-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Jan 2024 12:59:26 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=678951444&t=pageview&_s=1&dl=https%3A%2F%2Fnotisul.com.br%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20inicial%20-%20Notisul&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1248904152&gjid=881548973&cid=1963775716.1705064366&tid=UA-111263603-1&_gid=180935877.1705064366&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&jsscut=1&z=1954376146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=678951444&t=pageview&_s=1&dl=https%3A%2F%2Fnotisul.com.br%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20inicial%20-%20Notisul&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=183886215&gjid=946693696&cid=1963775716.1705064366&tid=UA-90417898-1&_gid=180935877.1705064366&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&jsscut=1&z=1160619217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VFZE9G1QNG&gtm=45je41a0v9138110829&_p=1705064365576&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG.dZTNiMT&cid=1963775716.1705064366&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705064366&sct=1&seg=0&dl=https%3A%2F%2Fnotisul.com.br%2F&dt=P%C3%A1gina%20inicial%20-%20Notisul&en=page_view&_fv=1&_ss=1&ep.anonymize_ip=true&tfd=1937
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFZE9G1QNG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VFZE9G1QNG&cid=1963775716.1705064366&gtm=45je41a0v9138110829&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFZE9G1QNG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VFZE9G1QNG&cid=1963775716.1705064366&gtm=45je41a0v9138110829&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1389666027
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RJQG17ZHDN&gtm=45je41a0v9119071226&_p=1705064365576&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1963775716.1705064366&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705064366&sct=1&seg=0&dl=https%3A%2F%2Fnotisul.com.br%2F&dt=P%C3%A1gina%20inicial%20-%20Notisul&en=page_view&_fv=1&_ss=1&tfd=1961
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJQG17ZHDN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
notisul.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notisul.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.13 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us13.serverdo.in
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
nginx
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 11 Jan 2025 12:59:26 GMT
abc.txt
static.avantisvideo.com/data/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6d63d3d8b44ff702e34581e8ae337390bdf3cbe208adefdbaf366ec9d9d9a88

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
1077
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 Jan 2024 07:55:04 GMT
server
AmazonS3
etag
W/"c7f1c3305681144b41de769c59a56aed"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
access-control-allow-credentials
true
x-amz-cf-id
FasDSbauRoJQyXNEYQg_5lL09LkrrOoWUmxcxGdswPhb-S-EG_1DAQ==
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90417898-1&cid=1963775716.1705064366&jid=183886215&gjid=946693696&_gid=180935877.1705064366&_u=YCDACUABBAAAACAAI~&z=2125655959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7
config.aps.amazon-adsystem.com/configs/ 		564 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:55:16 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
250
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
fzomrjVrvfTFYoWaB6CGBvsYaTnFcTI9-sKz_nnq-aFxGfvLsFseAg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnotisul.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
https://notisul.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Famam9mV74-r_zV45WcjOdBIHqtNa872zxujfmaURmsCbEGPCoOp1w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 16:20:36 GMT
x-amz-cf-pop
FRA56-P5
age
74331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZQeyniq1Rgm8CjyMlpIL6Ux_xQQONQQyWQ2MYH4qkpjNN1oYq9Q6bg==
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10246.m0QiVRKIWAQMa2jq4adB871rJ7FDXrQ2sClfZz_99g2x3CSJ85GAExcxsCwJ50EV.-ZFNmtF9haLSY773wJegQlDg7_g%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10246.pa9XVAAVPxVJ1axaYcC8WrumGUVBvx1Tw6LiXgyIuZQoXyN_R74gQkEIZyGckKtbHbLTvlDfVrdd8CZDz1J_GOpvqxtdn5XmONvso69oWPAO-7FyyHo9S4pVBzWwpf4zhe6Z1Ex5rU...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10246.cTscGSjA4Gy6I_6a_omYmjLseOfsZ3-jbMFKRws_GBgr8lGsXK3sEvDCOhN_SDIfe_CmCQnatkDQ4priZv5ZuNHxXWM5YJ5XADNhIaw6-wJXq...
43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10246.cTscGSjA4Gy6I_6a_omYmjLseOfsZ3-jbMFKRws_GBgr8lGsXK3sEvDCOhN_SDIfe_CmCQnatkDQ4priZv5ZuNHxXWM5YJ5XADNhIaw6-wJXqHZdHnbSYl3KFBmY5_OIDsj3a7ODgtizn1FGInpbaoz6WQJu43BOrMa3qfeocmWHpsbvNOe3nBzBBAJgQPRMkVchRchVUQXbfJa3gJ0c0A%2C%2C.8tOztEb7kn5eTKbmDQaOIPVWdJw%2C
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10246.cTscGSjA4Gy6I_6a_omYmjLseOfsZ3-jbMFKRws_GBgr8lGsXK3sEvDCOhN_SDIfe_CmCQnatkDQ4priZv5ZuNHxXWM5YJ5XADNhIaw6-wJXqHZdHnbSYl3KFBmY5_OIDsj3a7ODgtizn1FGInpbaoz6WQJu43BOrMa3qfeocmWHpsbvNOe3nBzBBAJgQPRMkVchRchVUQXbfJa3gJ0c0A%2C%2C.8tOztEb7kn5eTKbmDQaOIPVWdJw%2C
date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
844593a40e8e1959-FRA
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 14DD 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68180
content-encoding
gzip
content-type
text/html
date
Thu, 11 Jan 2024 18:03:07 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-cf-id
oFfnEHrD_LwEwxa8wgasPEDlGY7cn2DPkTl21WRbP3IOPO0u9iHlpQ==
x-amz-cf-pop
FRA60-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
advert.gif
mc.yandex.com/metrika/ 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 12 Jan 2024 13:59:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
30646
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140168
x-xss-protection
0
server
cafe
etag
17101759845534740898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 11 Jan 2025 04:28:40 GMT
web
onesignal.com/api/v1/sync/bd4355f4-934b-4077-9b42-3f9ec960d382/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/bd4355f4-934b-4077-9b42-3f9ec960d382/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb1bef3e22a02a2d012f5c61779e6d8b4b01bb3785990723be0bba9b6910918
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2562127d-2770-4982-8fc9-b3c15589da20
x-runtime
0.036064
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"cdb1bef3e22a02a2d012f5c61779e6d8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
844593a42da536dd-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 12 Jan 2024 13:59:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 820F 		232 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&adk=1812271804&adf=3025194257&lmt=1705064366&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064366335&bpp=2&bdt=783&idt=417&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5252623613645&frm=20&pv=2&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=460
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c9e660ec45245a3d2db228a20af1c9d8dd031200baa4f796ac1dec0b5f9ef95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
57649
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Fri, 12 Jan 2024 12:59:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=undefined
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10432/notisul.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dea3a6de6485e780c89b190961b4752d9d239fe8705991bbf2aa561b4843dacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44422
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 12:59:26 GMT
api.gif
tags.denakop.com/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064366825&cb=0.7754100481417108
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593a4ad051d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:26 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id
Pi7FzlaagEJuRfGIcHro8QkdeghgV7MAyaJ4SjD6pNlXRCjkt5yqig==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame 14DD 		184 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e5876f872d768d3e43d4ae76cbbb458b105d2b1e5bcdeefb9c6b113ba7d0195
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
184
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
I2Nf-8ldy0OTRJqv3LDdJB7JtPE9s2_lZxsT_h608EN6bS6VOr4seg==
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2899
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
844593a509bb9975-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 11 Feb 2024 12:59:26 GMT
icon
onesignal.com/api/v1/apps/bd4355f4-934b-4077-9b42-3f9ec960d382/ 		192 B
755 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/bd4355f4-934b-4077-9b42-3f9ec960d382/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d64171a577b37fc7b854864bb38c2579b5360a0fbe857f783e7c27fafadc14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0290adff-a632-47ae-a868-e9b4f9ed518a
x-runtime
0.012788
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c3d64171a577b37fc7b854864bb38c25"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
844593a56d34380f-FRA
access-control-allow-headers
SDK-Version
1
mc.yandex.com/watch/95390266/
Redirect Chain
  • https://mc.yandex.com/watch/95390266?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
427 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A454798477115%3Ahid%3A483625554%3Az%3A60%3Ai%3A20240112135926%3Aet%3A1705064367%3Ac%3A1%3Arn%3A212289292%3Arqn%3A1%3Au%3A1705064367846793312%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C259%2C127%2C260%2C655%2C0%2C%2C663%2C1%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1705064364506%3Agi%3AR0ExLjEuMTk2Mzc3NTcxNi4xNzA1MDY0MzY2%3Afp%3A1644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705064367%3At%3AP%C3%A1gina%20inicial%20-%20Notisul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a4550af373ce8e381398211c9dc032b014036ecc3188deba5b946e17b2d40d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 12-Jan-2024 12:59:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Fri, 12-Jan-2024 12:59:27 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 12-Jan-2024 12:59:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fnotisul.com.br%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A454798477115%3Ahid%3A483625554%3Az%3A60%3Ai%3A20240112135926%3Aet%3A1705064367%3Ac%3A1%3Arn%3A212289292%3Arqn%3A1%3Au%3A1705064367846793312%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C259%2C127%2C260%2C655%2C0%2C%2C663%2C1%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1705064364506%3Agi%3AR0ExLjEuMTk2Mzc3NTcxNi4xNzA1MDY0MzY2%3Afp%3A1644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705064367%3At%3AP%C3%A1gina%20inicial%20-%20Notisul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://notisul.com.br
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 12-Jan-2024 12:59:26 GMT
c1987870-342c-41f3-9eee-ebcb60126868.jpg
img.onesignal.com/permanent/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/c1987870-342c-41f3-9eee-ebcb60126868.jpg
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc3eceaf32142a50113b7a39694114e2a51ed95b8c7998a3c62d9f69c8599dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPoY6UQU32EYMLWVYVHmZf2UnidS8pRcvzfs-t0tCHT6o-HCFQDvwLpLr68y5fyowEAk0eP13VfPQA
x-goog-meta-x-goog-source-etag
"60361291910c57bfdc2553a4942ca4a7"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
6129
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:57:20 GMT
server
cloudflare
etag
"-COTPk6+PlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676347040917476
content-type
application/octet-stream
x-goog-hash
crc32c=niy3/A==, md5=YDYSkZEMV7/cJVOklCykpw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
6129
accept-ranges
bytes
cf-ray
844593a5df4b36dd-FRA
expires
Mon, 12 Feb 2024 12:59:27 GMT
t3m.js
tags.t.tailtarget.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10432/notisul.com.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 11:49:23 GMT
content-encoding
gzip
via
1.1 google
age
4204
x-guploader-uploadid
ABPtcPraNtE1srvbaoDTNZUiCTgplcgNS6Sr92vjM98eH5BPIcWdlFedqtjBgUJQwYvSNoDvQ54
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6184
last-modified
Thu, 19 Dec 2019 17:12:55 GMT
server
nginx/1.8.1
etag
"0aa924c986b60c68345be2b644a237df"
vary
Accept-Encoding
x-goog-generation
1576775575233105
x-goog-hash
md5=CqkkyYa2DGg0W+K2RKI33w==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6184
accept-ranges
bytes
expires
Fri, 12 Jan 2024 13:49:23 GMT
video-loader2.2.js
cdn.avantisvideo.com/js/ 		971 KB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8adf628ade75121722a99ef712647ac2f3f07a40a66a6ec204aa6e565e3e007f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
wJCIXkFJbxddOf2jW6sEina..6RnGxDi
content-encoding
gzip
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 00:07:20 GMT
last-modified
Tue, 09 Jan 2024 08:54:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
46327
x-amz-server-side-encryption
AES256
etag
W/"ac58d4bd996d828d15ffacd8f67a2d42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BNahJB0cY0Et0mb5VBWaiYPnCxrxnBtfTu_dGZBIAqoQ9tQ7Ts21zg==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:27 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id
GvphFdN3HudOeNeAablauA0eeWH_e7ImOCnTpXB4EweQWqJYikwLtg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ 		184 B
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e5876f872d768d3e43d4ae76cbbb458b105d2b1e5bcdeefb9c6b113ba7d0195
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
184
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
xbUb9dv8-_6lQ8yBf8YIc6p4nDPq1SmMD548iEcVD0pCWcZqE4G75A==
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87949009ead4d29ffc86d632a50bbc15d836c73eafd13aa0b03b5e215241f3fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12329
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 07:05:33 GMT
content-encoding
gzip
age
21234
x-guploader-uploadid
ABPtcPr1PFnVjbQdD1nRbnC45LXAylij8ezO4QN5ws540NNPNCIz_z_PFwQqlibJikqEg4l3FNg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Sat, 13 Jan 2024 07:05:33 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fb3a74155502c9246518b2a2bbbf6022297bf54ec895c47aeb5d20f5574f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56407
x-xss-protection
0
server
cafe
etag
11613089785955547737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=0&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=1&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=2&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=3&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=4&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=5&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1838386535362782&num=6&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1504422820109051&num=0&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1504422820109051&num=1&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1504422820109051&num=2&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1504422820109051&num=3&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1504422820109051&num=4&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4296621817268135&num=0&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4296621817268135&num=1&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4296621817268135&num=2&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4296621817268135&num=3&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2059102793921388&num=0&dvc=0&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 34BA 		135 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3013ee30174ddb9219199d7d1113df420c88962da92a051a94d96be79dbeeb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45494
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Fri, 12 Jan 2024 12:59:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 84C0 		123 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34dc415078b3215e6d0d2fa9dad66579508cd368335e0af128784b6364b21c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43148
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Fri, 12 Jan 2024 12:59:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8DCA 		40 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
989563bfc54f552a22226d53713f85e39209d45282547bf88494483fba463a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17148
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
expires
Fri, 12 Jan 2024 12:59:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8845 		135 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ea09ae17ec2f5394595b470aea1ec3ea351de1420bff15791ad97fe7ab4b646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45499
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Fri, 12 Jan 2024 12:59:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-6829076079046894&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240107_093417&sat=1704847793003&afm=0&as_count=0&d_count=0&ng_count=0&am_count=4&atf_count=0&mdns=0&alldns=0.213&allp=105&fd=(0%2C16%2C7)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5265&abl=false&rr=n&su=notisul.com.br&pvc=1563553113345751&r=0.1&eid=44759875%2C44759926%2C95320238%2C95320889
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 12:59:27 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:47:46 GMT
content-encoding
gzip
age
54701
x-guploader-uploadid
ABPtcPpv_fT-x8tB4JjCv49PzA9M0AOBwN-7EEj5IhuyiRWblfN3MwxUgauFkXp-N2BGCh7hxueSoDp3mw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Fri, 12 Jan 2024 21:47:46 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 0E04 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6829076079046894&plah=notisul.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 00:45:59 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 00:45:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 0E04 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:30:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E04 		205 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:51:36 GMT
x-content-type-options
nosniff
age
320871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 07 Jan 2025 19:51:36 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E04 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:03 GMT
x-content-type-options
nosniff
age
272784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 08 Jan 2025 09:13:03 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 0E04 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:22:58 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 0E04 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:22:58 GMT
u
b.t.tailtarget.com/ 		76 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
f0da5b475874c3f52d39a219f92baaa750c33c94b3030f16c28fd65d928724ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD7B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 02:42:41 GMT
expires
Sat, 11 Jan 2025 02:42:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3CA1 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74c0adddaf4bb96296b691b25b1ebd9931a1d23149294fe3a2152cbbfc16e287
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0O7pAVEKnjpmYoUMNb0l8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0O7pAVEKnjpmYoUMNb0l8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Fri, 12 Jan 2024 12:59:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame BD7B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 02:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 02:42:42 GMT
3
avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/3?no_cache=false&target=true&device=desktop&countryAllowed=false&cb=1705064367586&subId=%22%22&browser=chrome&utm=%22%22&os=windows&url=https%3A%2F%2Fnotisul.com.br%2F&eu=true&country=DE&hour=13&day=5&amp=false&domain=notisul.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:27 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id
5U9-J_5KIT2qKGvoBgJgoBUPM2OMqyI28YxYaPj9a0kqqTqDXwOIJA==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
3
avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/3?no_cache=false&target=true&device=desktop&countryAllowed=false&cb=1705064367586&subId=%22%22&browser=chrome&utm=%22%22&os=windows&url=https%3A%2F%2Fnotisul.com.br%2F&eu=true&country=DE&hour=13&day=5&amp=false&domain=notisul.com.br
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1c32dcd5a2823280471d70ef650b973a76bf8b731602bfa30a5e292ad91c0443
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
tS7tvhbPVCIw2eP_EbYjfs5IJVcxfoJzvMoG-tY1hJk5jXFPZR0p4w==
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3CA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1563553113345751&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BD7B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AsFOYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		367 B
706 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10432,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tg_i.domain=notisul.com.br&tg_i.page=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=22f3c52d3f0a69&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9746029192069667
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0425a43ecb4cc5d7b4fc37a78348a6c4f28791255b95d349e3f55b93e32898cd

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		367 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10432,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tg_i.domain=notisul.com.br&tg_i.page=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=3ebc49629a2564&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7328961516313639
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1827427890b200cf24f158ee20443f5f16b283ffd2910af26c87b2fcd4ef3e9b

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		363 B
876 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=9&alt_size_ids=8&rp_schain=1.0,1!denakop.com,10432,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tg_i.domain=notisul.com.br&tg_i.page=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=453a4e32eb88b2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02587846130949889
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7307ad1954bc51b3f6a032e875ba02a8f1f136a735fa6ad68cc7f71cd8f287e8

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
363
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		364 B
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10432,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fnotisul.com.br%2F&tg_i.domain=notisul.com.br&tg_i.page=https%3A%2F%2Fnotisul.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=53ffcd30f39f45&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5928445061510623
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
812f25039df25813974ed4311fb46998d2410a9c7e06074d44a465a8f9d2f792

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
364
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://notisul.com.br
date
Fri, 12 Jan 2024 12:59:27 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
prebid.smilewanted.com/ 		0
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
844593aa1e989031-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
844593aa1e949031-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
844593aa1e969031-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
844593aa1e959031-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
00b5550e8b054376060003cb34e91ea203cde97a67b32a646bab54e273acc970
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
an-x-request-uuid
a841796d-0916-4a6b-a2a9-8e6a714191ae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
471
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://notisul.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		399 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c0de85fa1624e51827f07e691c10771215e01b17b4fee418573b687e9714c3a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
an-x-request-uuid
7adb6f05-2124-47c5-b393-46b0c20fb8c2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
399
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.denakop.com/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166166&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://notisul.com.br
Date
Fri, 12 Jan 2024 12:59:27 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166168&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://notisul.com.br
Date
Fri, 12 Jan 2024 12:59:27 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://notisul.com.br
Date
Fri, 12 Jan 2024 12:59:27 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://notisul.com.br
Date
Fri, 12 Jan 2024 12:59:27 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
v1
prg.smartadserver.com/prebid/ 		186 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://notisul.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		186 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://notisul.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		186 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://notisul.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		186 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://notisul.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnotisul.com.br%2F&pid=38hKq3FKLhrNi&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22denakop-auto-first-68e42f43-103e-4b02-9bbe-40af93303324%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22728x180%22%5D%2C%22sn%22%3A%22%2F21715141650%2C21711708409%2Fnotisul.com.br%2Fdesktop_first%22%7D%2C%7B%22sd%22%3A%22denakop-auto-scroll-a7cf1405-a494-47f3-9a5e-83968a5a5094%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22728x180%22%5D%2C%22sn%22%3A%22%2F21715141650%2C21711708409%2Fnotisul.com.br%2Fdesktop_scroll%22%7D%2C%7B%22sd%22%3A%22denakop-auto-side-87cc8cb9-180e-4829-ab20-59dce1910f3a%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22120x450%22%5D%2C%22sn%22%3A%22%2F21715141650%2C21711708409%2Fnotisul.com.br%2Fdesktop_side%22%7D%2C%7B%22sd%22%3A%22denakop-auto-under-d17352ae-7100-48ac-aaf2-0627171e0d80%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21715141650%2C21711708409%2Fnotisul.com.br%2Fdesktop_under%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!premiumads.com.br%2C0b9352b8-21bd-4c1c-94ff-25e1ac77175b%2C1%2C%2C%2C&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
H20PQW5XZM0N8TYSXCJZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://notisul.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
LdnhWGVB5SgwF0JyBEb935np2fLVVLE6QYHj3hxikddNfZg-jIHvNw==
b
b.t.tailtarget.com/ 		150 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=3&tU=0100007FAF37A165F3065F760235B311&tX=b.52&tZ=537758643&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ddc11222fe5230b7d4eae7e1cb10957a83b12529726e86ba712a722ea2c8cf46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131541
x-xss-protection
0
expires
Fri, 12 Jan 2024 12:59:27 GMT
2.32e85f7b3bf0ca8b6a68-vl.js
cdn.avantisvideo.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/2.32e85f7b3bf0ca8b6a68-vl.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8391c63bca8934d1235b7f7f6bf0d42e4b58724b1a598ae95c29840a73307de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
mw0uY9_2a7XiCsIxn15CyL26aTnVAQM5
content-encoding
gzip
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 00:07:46 GMT
last-modified
Mon, 08 Jan 2024 10:33:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
46301
x-amz-server-side-encryption
AES256
etag
W/"ed878f0f0a2987c6c78e898df22e0cb9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GaPdjucFz0lSIA6vc3quHSWDu1Vp0lj8IluhPrldefnAdHDoO2c0Pg==
0.32e85f7b3bf0ca8b6a68-vl.js
cdn.avantisvideo.com/js/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/0.32e85f7b3bf0ca8b6a68-vl.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
472f4392c02fc9c41cae1148a4e66235ada634a71ad6f4a7526e76f68f131115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
FnWYSq1EDI1tgJN6Agl5zFmCE1pLzrPr
content-encoding
gzip
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 00:19:46 GMT
last-modified
Mon, 08 Jan 2024 10:33:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
45582
x-amz-server-side-encryption
AES256
etag
W/"14226a6ee1cfac947f5e3374dbb90e50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cEChddZml0FXArbBiVqEYHQzty1CgksNlLkcBZ39GjLwXKoQIHiEeA==
prebid.js
cdn.avantisvideo.com/js/ 		727 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/prebid.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c195f7f86114ba28d547a30f24316b33102a42d54ac5e1161aacfadf9ff8462

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 00:10:19 GMT
x-amz-version-id
ydv2L5k_MHY86g3mgS59yK4OYje.Adzt
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:55:01 GMT
server
AmazonS3
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
etag
W/"6cb5627b51a626b14a82d96e24075fb3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
46149
x-amz-cf-id
4wCjNlDUga_PrJPWyJSTUpZ5X6QkYDoZee0dzyn9lNQVmcFSzojP4A==
css
fonts.googleapis.com/ Frame 34BA 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:29:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 34BA 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:02:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 34BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:31:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 34BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
63758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:16:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 34BA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67594
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:12:53 GMT
l
www.google.com/ads/measurement/ Frame 34BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy5YOrpRiC4naCtQQk89f2Zfn4Tkgz9GLLrWQlE7qgjuhFrvLMCASESPwgS51QbkFCag1Y9JOqlfdlCcwYwREa5HdBKA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 34BA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 34BA 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 22:18:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:48:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A5CD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/5305490614203411985/ Frame 34BA 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5305490614203411985/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb9ded6769d6f6b60ee61214bedaf54bfd34d4ed53e018581864197d18cfda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 23:43:47 GMT
date
Mon, 08 Jan 2024 23:43:47 GMT
x-content-type-options
nosniff
age
306940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18245
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 13:35:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 34BA 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 34BA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240112
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98e7160d0075568ab28be42506ed89b44c76123d5129d54d527e05d8c36a8e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32310
x-jsd-version
1.0.1932
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21959-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"640-cZdpNXfIE+7Ope7Y+eaLRIbw2+A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWtlf3D7%2FykXx0nWX%2BYHgOvJGpUfOmq%2BL%2FUhHbrPPahSOIYlkxaPyf77dI0lMTjsBkPT%2FedCPdzHjNwG24KBp2go7ZNUf1%2Brmsoxnsl83ZyEpfQ31bVWKZO7pLrftDdSsc1C%2BtzGGKuKiIp2F5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
844593ac3eb72bce-FRA
IIQUniversalID-5.4.js
cdn.avantisvideo.com/js/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/IIQUniversalID-5.4.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
19jbd449.l4plpiZGEH_KqaDOfWnHBCH
content-encoding
gzip
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 15:37:59 GMT
last-modified
Sun, 18 Jun 2023 11:27:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
76890
x-amz-server-side-encryption
AES256
etag
W/"a483bdb2fa74476427b16deeaf3613ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
NPNalO4UjyPRy2FhulVCiIhhez-jng7tZrOkP_zHmtSSNq-FWVjxiA==
ca
tt-11382-4.seg.t.tailtarget.com/ 		83 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=404043329&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
01c7e5d519cd8269f17a9152bd01663679fb02202295bb90c9ff275a290ddd81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame 34BA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e02e7de5e68811c310e7299c090355b1697b7213432639fe8abf372f1e1aae07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 84C0 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:26:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 84C0 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:02:25 GMT
dpixel
cms.quantserve.com/ Frame A5CD 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGCrUNHyezpaqWl_y3lcxo&google_cver=1&google_push=AXcoOmTFAR7hIwt9dHSJb1oIrNzM2axA9Tq2VkGyewlyoNgWsILT5xUGJXYzrJQD7QyNW3hUrvlQQ507XRAgYX4c_Swhep5LzEZmq2xaEWUfmasHv8cejeknZqAT4v74GyP_OXfAQ1CV2abh_1faVtjP462NIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame A5CD 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENtgD6ymWHb4dv1JU9pX3Jg&google_cver=1&google_push=AXcoOmQ2D6Yvo6J7g3D1EBNeyGyRup3hnfWVPk0YkvrorgiXWG-0uOtOu2SJywtVD5Ivvsr1hl1vqzaabq5smA-LL57xlMCZgJCOCJBqXaol_SgYdLoSu_BcsCFdtNZG6hbCI95v5Cmjiu21Dskbo1NGmpGPzQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A5CD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N-UagFDjxTly62qXxAe31iAJlVahwOVzuYLajjbRJiZJ5jKQ2inyYKojPn33g_qnGnqvh7CToEF0qgQbWekb-edDKndzYaf1NKT1vyPyCGcd2X
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 12:59:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEPZbFcrI_8et3SvfEzJ2PW0&google_cver=1&google_push=AXcoOmR3VSMhsii2Q5gX3rZmpL3ieBE25a4vC7Covg8sB_N-UagFDjxTly62qXxAe31iAJlVahwOVzuYLajjbRJiZJ5jKQ2inyYKojPn33g_qnGnqvh7CToEF0qgQbWekb-edDKndzYaf1NKT1vyPyCGcd2X
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A5CD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2s...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844593adc97a1e4b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
4706
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPu44LW5wtCDtijZrodgnc8&google_cver=1&google_push=AXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTjEQDmut5hM5AA3hMk9CBp78NugmM0Kaasewoj7eZecv-mLhWSW69MbMQOFg_aWV8Oj2W3dtZHAEaaz6-m2LV1RrT2KKH2stEiGFoyIKCDKgzhTBv9GnnelCKELE7zI1ahDVSTF0_F3MGMukPW_tY9CQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844593ac78231e4b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5CD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELXAJ72iKuEhlIz3C8ZlsWM&google_cver=1&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSDUebq3rPjoycCy--...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSD...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSDUebq3rPjoycCy--bARD1Bo-Xvc0Jxi-xW-VO55IhprIhXI35P9PO5HTkjd_01UkzHwzE39Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmSD3aGUWcM7RYLwJ1hfcNRs22uPr-QI1iquANXmNUWKRznlEqPuuFmRAJNv8KB9ETwiC-h8p_mAITjJDSDUebq3rPjoycCy--bARD1Bo-Xvc0Jxi-xW-VO55IhprIhXI35P9PO5HTkjd_01UkzHwzE39Q
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 12:59:28 GMT
pixel
cm.g.doubleclick.net/ Frame A5CD
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJq6FEE8NI2zHKE2oFi-wqQ&google_cver=1&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5h...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Nauh5w1DRrwBLKwaZpocRw&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5hmw38RzCFIDUT-R8...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Nauh5w1DRrwBLKwaZpocRw&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5hmw38RzCFIDUT-R8-H-brNB1wfaXV8J4hv8rcxZthRq-bBQzgj4F3x17D_9vbuP1t0n1s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Nauh5w1DRrwBLKwaZpocRw&google_push=AXcoOmQMWrqtXKZGxr9AnXfBtLzOnAiJdgaZ4rcMTch_ElyjjdyPxh2j1_oPX4RH9SMbGT_YAc_fHSlmcLTwub5hmw38RzCFIDUT-R8-H-brNB1wfaXV8J4hv8rcxZthRq-bBQzgj4F3x17D_9vbuP1t0n1s
x-host
tde-deliveryengine-production-5db7bf8975-2mj6p
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A5CD
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDbgwmSWa0Pw1zCG3QXGx7c&google_cver=1&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6z6vmjMPZiH1b4FbahMTHnLggwHKCiklcs8ErDrQK1GiyA2OS...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6z6vmjMPZiH1b4FbahMTHnLggwHKCiklcs8ErDrQK1GiyA2OSSskJyZojXOPVrawumhmn330TSX98oAwzuk1RiPEOwWpw&google_hm=VED4ynP-TpqVhQlqtijOWIM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT3nIgN3nS8IKnW1IplCmlsR4IBYCwayhQRGukwOYbOGp10ecJSs7zRrQ3JL6z6vmjMPZiH1b4FbahMTHnLggwHKCiklcs8ErDrQK1GiyA2OSSskJyZojXOPVrawumhmn330TSX98oAwzuk1RiPEOwWpw&google_hm=VED4ynP-TpqVhQlqtijOWIM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A5CD 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KraGjjD3pKUg3dF14-4DYSel1QC3yqKhq_I9U2FuOgUX4U6ei3i2wq7oxpQPOnoyn0JaKKuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064368023&cb=0.2530890769395051&aa=first
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593ac2dfd1d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064368024&cb=0.8168241427739056&aa=scroll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593ac2dfe1d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064368024&cb=0.6361924647587478&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593ac2dff1d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064368025&cb=0.724110936093987&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593ac2e001d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		252 KB
74 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1563553113345751&correlator=2791172800411109&eid=31080258%2C31080285%2C31080299%2C31079239%2C31080240&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&iu_parts=21715141650%3A21711708409%2Cnotisul.com.br%2Cdesktop_first%2Cdesktop_scroll%2Cdesktop_side%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C160x600%7C120x600%7C120x450%2C970x90%7C728x90&ifi=7&didk=665378805~3319048361~3814765226~2937193744&sfv=1-0-40&sc=1&cookie=ID%3Dbc7cc4b331b3ed60%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZGAoXRq5zowuAjQUjFVIJ-f4535A&gpic=UID%3D00000d3fd0fecc2f%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZC9iF46vxQLx1jUxyGx2borJRrmw&abxe=1&dt=1705064368040&lmt=1705064368&adxs=315%2C315%2C0%2C0&adys=217%2C1809%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&tos=~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnotisul.com.br%2F&vis=1&psz=1600x-1%7C1600x-1%7C1600x5255%7C1600x5255&msz=1600x-1%7C1600x-1%7C160x-1%7C970x-1&fws=4%2C4%2C512%2C512&ohw=1600%2C1600%2C0%2C0&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=true&ga_cid=180935877.1705064366&dlt=1705064365552&idt=1295&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dnotisul%2Ccom%2Cbr%2Cnotisul.com.br%26pathname%3D%252F%26placement_name%3Dfirst%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26secom%3D1%26tier%3D3%26amznbid%3D2%26amznp%3D2%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dnotisul%2Ccom%2Cbr%2Cnotisul.com.br%26pathname%3D%252F%26placement_name%3Dscroll%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26secom%3D1%26tier%3D3%26amznbid%3D2%26amznp%3D2%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dnotisul%2Ccom%2Cbr%2Cnotisul.com.br%26pathname%3D%252F%26placement_name%3Dside%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26secom%3D1%26tier%3D3%26amznbid%3D2%26amznp%3D2%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dnotisul%2Ccom%2Cbr%2Cnotisul.com.br%26pathname%3D%252F%26placement_name%3Dunder%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26secom%3D1%26tier%3D3%26amznbid%3D2%26amznp%3D2&adks=794144146%2C1984888843%2C3007838385%2C3817416296&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbeafbc4f6a75778d3e9a0b1c1fce5b05a68da8e8252d8b6056fb6304b8fcd4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75284
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 312D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
expires
Sat, 11 Jan 2025 12:59:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 8845 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:26:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8845 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:02:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8845 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:31:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8845 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
63759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:16:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8845 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:12:53 GMT
l
www.google.com/ads/measurement/ Frame 8845 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShahQwWeXY50L78MtW-XeNtn4_t-QtezcbrZW0vePSIKerJFXjbj_jYEGsaA5Bs2YVy3mAj8XP0RBAngIIxZxuJIjk8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8845 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 8845 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 22:18:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:48:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8DCA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
63759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:16:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8DCA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:12:53 GMT
l
www.google.com/ads/measurement/ Frame 8DCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStphyQFxw8Dm94Yc5pLtCSGf8MzBb6adRczndJrR01ht-0iQq-xAFbl4qkTypfpZwZ24-gesYVgrcH9I8YSnZYsrc63Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8DCA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064368099&cb=0.29678952845108997&aa=intext&m=Auto%20placement%20container%20not%20found
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593acae731d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6724269009167282427/ Frame 84C0 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6724269009167282427/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c040139855d5ba23bef8ebcaff03801f1bfe54f439436e4ac59ec0e28e9af843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 12:41:23 GMT
date
Tue, 09 Jan 2024 12:41:23 GMT
x-content-type-options
nosniff
age
260285
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145455
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 10:15:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/356146372138964758/ Frame 84C0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/356146372138964758/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3e1c8c0bf59721959106ea234a8097a8bbd1c373d3e3c94ed40fd732bdbefc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 09:33:43 GMT
date
Fri, 12 Jan 2024 09:33:43 GMT
x-content-type-options
nosniff
age
12345
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2301
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 09:26:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
1680325555679650803
tpc.googlesyndication.com/simgad/ Frame 8845 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1680325555679650803?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dcaccfc57c5150856d89e4ab4ebb819b2adcd2b54e3cc9eaae007480d6e2315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 10:31:23 GMT
date
Fri, 12 Jan 2024 10:31:23 GMT
x-content-type-options
nosniff
age
8885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31016
x-xss-protection
0
last-modified
Mon, 15 Jun 2020 08:34:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 8845 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8845 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 84C0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:31:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 84C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
63759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:16:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 96BE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 84C0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:12:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 84C0 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 84C0 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 22:18:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:48:22 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame CBC5 		176 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cd6589d30a0a5c61e1fe1467aa8a7e3447238d453a9c2ad40aba7f99d57cda0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rA2H6clBJe0fNkAW5IOMSnPxQPiECkAM-GAlSYMjrkA-PZSHdl8bVZbPmo2cMFwFRB1wPmMMEfdOuosed58N6fEUJd7lpqQqkwfF7i47SSzdqYmfTV30nCOFTZXHb2E6zCbJU8vNxzvGeHjkCgUGsIHHBzIDhR4Rd-Gqz2Hx_Np40WAQKzL_IONQgw_V1e4KfDOAEVP_VZgnto_GgmMHXhPsp-NuK9BYRGeUKN4Gg77c2X2offjT6ZH8qdCuHlLvPrM2vA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
74124265
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 128F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.612.0_en.html
imasdk.googleapis.com/js/core/ Frame 4B24 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b64c80b04cff2dc73a2bd8e0eae63e60e4c0168cb01f431f5031edeec71a2fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
313394
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246171
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 21:56:14 GMT
expires
Tue, 07 Jan 2025 21:56:14 GMT
last-modified
Mon, 08 Jan 2024 21:53:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:28 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 12:59:28 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B94 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 12 Jan 2024 13:48:21 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		57 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7f6f67be713445e6488dcea2848b75732e6ebf6992ebc2a25ada7b0747eb8ab8
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
57
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AAB0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CBC5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:59:28 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CBC5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:59:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CBC5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 06 Jan 2025 12:59:28 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CBC5 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 06 Jan 2025 12:59:28 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CBC5 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cD8nuN6CE6D-1zVCyUDLT1rTLHT-uRlJgC6-tGGvqZMtbLmA5exTzeLaqCbQrP5pTSOq6wtnFyKADrvDIyEhC8dU8EYyDY-XYDWRhLRNY3fy6lkV26DLxNvvMUgxTouF5O7Pn0hltCnWmZirFSqNAiRVU-D06pSR4z_Zv8RsJp3dejR0H8gaYdrB59yQMe_9wtGf1oCANm7MD8SYrhkREa2FIbcbxzqJBXX8CIoprKKkpb7nDi3eAN7tfFFT3IeGnjkfWS7NI3KCl1hCGgRSIRNiBh4e1sxfFOARfmwUyOkA0yW9psZjUibAGamQbTP2ewSo3wlY1-QUSBh2MZ8JlNOzOVdjWa9bkJO-wDfs98KZT6Z2yvL0420zkGj2W9UMeRvoK55oZXQRk2HfpOOtplKoQSkGW6UCACJlL3jma-THaHRv
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1827828
expires
Mon, 26 Jul 1997 05:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 34BA 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
304791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:19:37 GMT
truncated
/ Frame 8DCA 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e912234bd72a615c013733b4d25d31ff0150e83c1fb186e17cb402112a04886b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQUP6hho6b3CVNaGLz8JTE&google_cver=1&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTX...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTXJBNFh9WyNsim7skYaRy-jflTHE09XuF3YWaQuGEwKa0DSOk3IN-_UJUigXxGA7Hsi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTXJBNFh9WyNsim7skYaRy-jflTHE09XuF3YWaQuGEwKa0DSOk3IN-_UJUigXxGA7HsiCLO_-V2R2FzPQlxHKnfOOx6e_Mw2vEVIOpg&google_hm=iHwdt87rtVjAwoIN1JW_yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQxWJ3mnNw1fYG3XqoLGPObVETvujZt01oqmNInemwkZHU3il9KTXJBNFh9WyNsim7skYaRy-jflTHE09XuF3YWaQuGEwKa0DSOk3IN-_UJUigXxGA7HsiCLO_-V2R2FzPQlxHKnfOOx6e_Mw2vEVIOpg&google_hm=iHwdt87rtVjAwoIN1JW_yw
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 96BE 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELbOlNxXkLYJIHMhB7DBH9E&google_cver=1&google_push=AXcoOmQfWfxH0WoEgMnnccOZM82z01LYQP0AFXEbhf_3_bdE-K2blu1SH2VMPqxW4PIXq8C_OoMRiuM4vmfK0H01lYnlPWFd28bkOW0QmWAzzTM22VwdxoQw4qW-Wbz3HUxcZSXlnuiQcRtKAGfxTCEBp6DghQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 96BE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEKsfrx4F2_Cud1lCH12_PsQ&google_cver=1&google_push=AXcoOmSgKKve-oofXEXsNuV2TnBW5zjHmODUSiqZPCWEqt12avRsqoyH3BlLVWw8c8KUPOsxIyIN4v-Iuf5lPtu0WIMplY9bNOio658l8THizId153Z9kKuh81QVCwXHAAyMc3RmL_KGGyC2Nda4xtufVMhajA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSgKKve-oofXEXsNuV2TnBW5zjHmODUSiqZPCWEqt12avRsqoyH3BlLVWw8c8KUPOsxIyIN4v-Iuf5lPtu0WIMplY9bNOio658l8THizId153Z9kKuh81QVCwXHAAyMc3RmL_KGGyC2Nda4xtufVMhajA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844593aefabe1e4b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG2pmRI3dOqOafSfwPI3Ce0&google_push=AXcoOmTo1npKQ8Mh6adOHeWq1wCtwqhYsGwPKn14__CWhcr2EAbepGi8By...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG2pmRI3dOqOafSfwPI3Ce0&google_push=AXcoOmTo1npKQ8Mh6adOHeWq1wCtwqhYsGwPKn14__CWhcr2EAbepGi8Byl2hmTLb05KoemgyNAiPrb2ZUafaS3vrA90_AFzBYulEskNqVElFbL6BxK3ukgy83v2RxmQ70GxxecCb22gZRbTXzJuCQy_90K0_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230123-FRA
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705064369.507644,VS0,VE96
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG2pmRI3dOqOafSfwPI3Ce0&google_push=AXcoOmTo1npKQ8Mh6adOHeWq1wCtwqhYsGwPKn14__CWhcr2EAbepGi8Byl2hmTLb05KoemgyNAiPrb2ZUafaS3vrA90_AFzBYulEskNqVElFbL6BxK3ukgy83v2RxmQ70GxxecCb22gZRbTXzJuCQy_90K0_g
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMru2ryThqyrGhR0Y298TSo&google_cver=1&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTgDEoS-k67d5pUBtI...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTgDEoS-k67d5pUBtInT54KU2h9sEYvCk0-xZZfHHXjCs3GWbJ-mD-6CFOcCL94qaU0lZN7K
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmRQjd9J6wLLE3bgaUrPj3jkmM3R9HA7p1HUHKWIjsghEYjuHuJtk6PibQ45n_O_jScBqdUtZHCdMAeCeTgDEoS-k67d5pUBtInT54KU2h9sEYvCk0-xZZfHHXjCs3GWbJ-mD-6CFOcCL94qaU0lZN7K
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 12:59:28 GMT
google
match.adsrvr.org/track/cmf/ Frame 96BE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK8dIfg7sMFZdKdPrXA7Cw0&google_cver=1&google_push=AXcoOmSyuCDm6Z2VWDD0mulTt0Qk7Mi7MNBP_A_5oSyHsDllNnpF6GOAIhyELHgbE45jrF0kth3nSBhWvetz9FFVfUmrvOkC5ATHaKxxy_GNu-UHy0XDBv3yD-KwlC11B8vWKIvyc6KpUS7OGYdgnAT9-2EUBA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVUm7Uqa-bNbOCdK0t-eq0&google_cver=1&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4Nhx...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4NhxOdLZ8P0zImiF_xdr0LEUM38Ym7IARrtz_wVRso...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4NhxOdLZ8P0zImiF_xdr0LEUM38Ym7IARrtz_wVRso9JYEul3Uj8YB6pLEVtXzZwMQQ&google_hm=eS1ZSTFtMUJoRTJwRXNMWWFtaFBIZWUwV3RTYjhQVy43T35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQa386B7M0XtftYMox2guf1FQZqzxtLIK7lPa8BF4YEVnPWAEwt46schPoBychx3lyKtPXn2KnYroVWbPSMxr4NhxOdLZ8P0zImiF_xdr0LEUM38Ym7IARrtz_wVRso9JYEul3Uj8YB6pLEVtXzZwMQQ&google_hm=eS1ZSTFtMUJoRTJwRXNMWWFtaFBIZWUwV3RTYjhQVy43T35B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 96BE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfB6CPGSSob98kWACrRp3qdQrZQVdQ-FGjdkYKHiOe1fMe6snC8q4_MPknGtW-ttgETnu3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 128F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPC3csZZoL_2Zd9vtjUERIM&google_cver=1&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoF...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoFXmO8yeWaAED7rbubwO_HLFNc0UHYuDaFe51exCCY0yMx2dnJUgnl2KwmDsGHYejW6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoFXmO8yeWaAED7rbubwO_HLFNc0UHYuDaFe51exCCY0yMx2dnJUgnl2KwmDsGHYejW6QCxoWLIAsmzHBPZYdMSkSBXbVEqt6HOM&google_hm=iHwdt87rtVjAwoIN1JW_yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQODLs2nQMHIxokB57MJP5d_R1W4_-79UtYB_WvZyucFqYN5jwtoFXmO8yeWaAED7rbubwO_HLFNc0UHYuDaFe51exCCY0yMx2dnJUgnl2KwmDsGHYejW6QCxoWLIAsmzHBPZYdMSkSBXbVEqt6HOM&google_hm=iHwdt87rtVjAwoIN1JW_yw
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 128F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cver=1&google_push=AXcoOmQdKiadurshf8OyXSsPntNeZ6-lVDu4mZO7PMjCoVX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cver=1&google_push=AXcoOmQdKiadurshf8OyXSsPntNeZ6-lVDu4mZO7PMjCoVXoNtH5aW23nXijwoqmDI2SA1Uw49jgVbO4pVyP9koyer5oRW4ZeZO6My9y2diFKi0m-xeHbADTkLWS4nQ19VjRHv2Fquazlk6Q5ArzjwweyVqt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 12:59:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEOiroPfelLZJHsOx6ueyChM&google_cver=1&google_push=AXcoOmQdKiadurshf8OyXSsPntNeZ6-lVDu4mZO7PMjCoVXoNtH5aW23nXijwoqmDI2SA1Uw49jgVbO4pVyP9koyer5oRW4ZeZO6My9y2diFKi0m-xeHbADTkLWS4nQ19VjRHv2Fquazlk6Q5ArzjwweyVqt
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 128F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPM8mcGdTJMbFORi5J1D81A&google_push=AXcoOmShJM04TkSv1EPvb8REQbOgh2SJDieleOEx9VyiJaNipkrHDUaAhD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPM8mcGdTJMbFORi5J1D81A&google_push=AXcoOmShJM04TkSv1EPvb8REQbOgh2SJDieleOEx9VyiJaNipkrHDUaAhDbyJUX_yxWVDZO4eNJYGYMgxSof0hLireY_XQeo-yOkEXSwPTMqmG006j7R7f4e2uU8VoUns-0GFmsQun_vvcZRF-wsYwVZu4q1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230123-FRA
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705064369.507670,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPM8mcGdTJMbFORi5J1D81A&google_push=AXcoOmShJM04TkSv1EPvb8REQbOgh2SJDieleOEx9VyiJaNipkrHDUaAhDbyJUX_yxWVDZO4eNJYGYMgxSof0hLireY_XQeo-yOkEXSwPTMqmG006j7R7f4e2uU8VoUns-0GFmsQun_vvcZRF-wsYwVZu4q1
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 128F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENH0_uz70K_R2Nrb-AizLR8&google_cver=1&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a8_kFIpBQ9uiDnl3...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a8_kFIpBQ9uiDnl3FHMlNXQsdQFAJpzzLk1SpUXlPSmFj4O_FbDiJAeh-O_WpyJY7fmNtvig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F85D6F5E267046DCB3FC8462E3718080&google_push=AXcoOmQk8-SXkpm7obOZci7R4CKVGbJeL_Sqq99i_B82i5J-R3wMoqGkYqnwpH56nFO5xI20XtA5X0V-TdlOU4a8_kFIpBQ9uiDnl3FHMlNXQsdQFAJpzzLk1SpUXlPSmFj4O_FbDiJAeh-O_WpyJY7fmNtvig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 12:59:28 GMT
sync
x.bidswitch.net/ Frame 128F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyXNGpe0FNIHPAWpInyBzA&google_cver=1&google_push=AXcoOmRMpPpDA9xdzv-iA68cionyzs6GrqvkMmAoL_71fpSFv4IVlsWHhVSXjTszmaPs0t1hNQWR7JZNHZdZbLXE2-LH4_085l69pUGZn9wnRfkhxUCDUROdRfjhU8ZSU5CntfJ9ozCQiykzujJrR8Ape440gQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 128F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIQ5HYkB_AvDMCpQjzGUOw&google_cver=1&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9t-HI6KhjUpsrcfgWnYhyCSlbrII6H6coknLKAe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9t-HI6KhjUpsrcfgWnYhyCSlbrII6H6coknLKAeesU3uvLFfBWON6wDo8vOKdjGA&google_hm=eS16RnY4cVl0RTJwSFpINTcuZ1BoNjZyWUNnN2hlcnRfdH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSLrSRFwR1Dp7v1WER479vOElJgmDV_RJAiY_KAM0qKqh42CqOeaa-VyObfIEnJiWSLn-sUH0_W81-6vN6jAlT1Ke9t-HI6KhjUpsrcfgWnYhyCSlbrII6H6coknLKAeesU3uvLFfBWON6wDo8vOKdjGA&google_hm=eS16RnY4cVl0RTJwSFpINTcuZ1BoNjZyWUNnN2hlcnRfdH5B
content-length
0
report
sync.teads.tv/um/ Frame 128F
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKQ1R8h0qG3_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQK3oRe8kKaw2QbSdbnNUYtKufih6ZS2T3hQqzb790pDKiQWdlydeVZYzIffWuGa8F_dmvxCabaM69M9PfNKxkI0zhP-4PDmBnU1aDb2o7tz8vcD...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 12:59:28 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 128F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPCp66WTFHjzAkgOJhs3eJpD1ef5BOwMVNqhOSHrG7RiT-TIlRh_fpRrEMkpKn_J4QfQiG1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
__tt.gif
t.tailtarget.com/ 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=_volkach_bavaria_de_1705064367790_2997014915&tJ=&tU=0100007FAF37A165F3065F760235B311&tX=b.52&tY=1&tZ=26458084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1563553113345751&bg=!OzilOHfNAAaumcC-jpk7ADQBe5WfOFf0Opk9pW9aML4YsS0AO_8I_n6dqyE0JKk2iDQvvs6VclDk5LSs1GaJhP3hFo7FAgAAAHpSAAAAAmgBBwoAUHOiNLo_JwMXs5Oc1BJpG9549MAksNs6oN0V9kdtKXiMAsqNcaA5p1Eb6yfALKOilBRagj8qVgt7GFtLdZjoeAB9qRGY66px9hdsqOeC1709mQLHlJhRJL6v_nyOMtTMpKzSf1IgFoZDTrudmKE1JEcZ8HIY3Gy0vmOO5bTN5flmuVQJeW76h2i1aUJ5DkvnLUWKBVjxJZoD6sPqkPj98d6ZvA_rTLkj-hzqVoBiYpYKZzvzWalL23MErBeSAREcKwWi8MPx9kU5U_iAKWF5Wmny47XImf52NTcwNM3Izg5C-AwZkAJsq6BW8MFBWxG_63cM2xmsYB_Y9zI5LRSH0x4oFXpodpcVvMNIXzwFoA7L_0yHzqwRKpgROCW0Tz_ISijq5BulU7TFqWMegzpBOVzcoe1cX8b2At76WNww5DunMyky3H-trkufxUdWXkJlaIQW72jAvJGaHAWr5j3knpBvMm0rj5hpJ1XXWt5MFWvma2ndwGpj-DTEgtvnkvyZ24LYX0MRH7S-OO1H_xqbAAEPw6VmtcHB_P_imfeJzZZV3WScuuk_S198pB2sPY9LbxUaxud8PLz3cVH_t_-oBeGZovdScJnairIR8rke78S1r6rXA6tZq3u7VS0t90vlH-1SmTlYqxIhsvGU8Xep-Y4wN1VKhaJbwzw_6c2RtJT4IpHJhfj2l873x7i0y8bxv2O48ChPRswAmKUUdyei76E_vpMTjSwqsqZz6oq4MKDYhDah0PdoGqhN-NEg4DqT5KLX3cbROizu8Hm8JewfcAXy9ZqV8J9Ju-Zp7RvAyxL5nPCRF1PTf8E2idEtd_045YjAu6rJIfZY6Ei7-omDssihReTMOygDBytIFAOaizVInA8bJuYLjOhri9vUCGCS7CAYDYPWOWsjVYIZFyuPfCeyya5ZayDBysT6j_nEgLRY1Yvnq14QZSbovFT5FfrrCW9CxngNQB-TaOCxG1LzG20_V_CskZvPL0Cap5BuqujE0wrM-A-Qh1jBq_x1dm6liLDR4iBdlLQFvn5lStTe5RgjMPxpMCJvgQu-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
truncated
/ Frame 8845 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25e96339d8d712ab7b1cd04cb49e22929bd6bfdee34044f3d28d92a9226ed7f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame CBC5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:59:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 34BA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CukXprzehZdrRHZ_w998PuLeXmA-i5IiQdcuKq9i2EWQQASDJ4-kDYJWCoIKwB6AB-OD0-gPIAQmpAh9uiy0rZrI-qAMByAPLBKoE_QFP0EKgA5woZ2VOTe4AfSsTv3rUCHBj9hD0OFet5Oq...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216997795289932490347%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216997795289932490347%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227401980815078904497%22}&andc=true
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"16997795289932490347","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"7401980815078904497"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 12:59:28 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16997795289932490347","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"7401980815078904497"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AAB0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEzIcylj9IAAb_1zsHWGeJQ&google_cver=1&google_push=AXcoOmQtIlSMdOF-ADRxURkmmybA6N2L0NxKztOlGrClM-8ygHxbjXLtl8RLtTjU8E1G7bnbn0fSzw_bsfRa7_RFzYVYmt5yNTzvn...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzcxOTk1OTUyNjIzMzc5Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIgQqXGE4SeYHg8gtFkLrcU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIgQqXGE4SeYHg8gtFkLrcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIgQqXGE4SeYHg8gtFkLrcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AAB0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cver=1&google_push=AXcoOmROnUX5m_8AcDa4IqPqACbWpRNk2ebLtUJ76zTJsSf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cver=1&google_push=AXcoOmROnUX5m_8AcDa4IqPqACbWpRNk2ebLtUJ76zTJsSf6vdvJYGkPhxLtD6xAvHoOS4XzX0yHmVGxI-jqaxUHobK1g7eGsTJW0U3Vf714QVHQJqqDcaB8NQ7TsBlFQroC_2TU8RhAwjNV_0-fBwV-yNW0bOk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 12:59:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnBWdmNkNFcxUm9oOGM1&google_gid=CAESEJyae6JU2RE51ffQEkhBlck&google_cver=1&google_push=AXcoOmROnUX5m_8AcDa4IqPqACbWpRNk2ebLtUJ76zTJsSf6vdvJYGkPhxLtD6xAvHoOS4XzX0yHmVGxI-jqaxUHobK1g7eGsTJW0U3Vf714QVHQJqqDcaB8NQ7TsBlFQroC_2TU8RhAwjNV_0-fBwV-yNW0bOk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame AAB0 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDxNhUBOfeVllcDGg7JUXK4&google_cver=1&google_push=AXcoOmQzo46k9u22H5R9oERxcnruz4IkG187mp6lD-RVLLJALH82BL2YAvB2nIOMxkKd8dIcuJn6bu9l7k_gtYEvCJIVvPc7ReMZthcQfr0pSs-GIkSJhmrxxOIFi4v-SBbOA8MeCWmictTrgYd5daRDrjWZ6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame AAB0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMhPrm4IR3g4iNp-1BH2px8&google_cver=1&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCyoI3f1lNigVnzUTOk2C_bXF_l4Drsqe6UruwCYR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCyoI3f1lNigVnzUTOk2C_bXF_l4Drsqe6UruwCYRbkc2meTT3NHVG6M075Yeoh-AxM&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRPZhRrMmOGUtwaylQ1xTqbCPuUE3mbB3geFonan8nLbZgFZvCbawI06JHPvmPHMl5-mbqdEhY73h_ymcRAhrIbTCyoI3f1lNigVnzUTOk2C_bXF_l4Drsqe6UruwCYRbkc2meTT3NHVG6M075Yeoh-AxM&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame AAB0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAAqzsqHaOid1E40wr4K1Ww&google_cver=1&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIF...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAAqzsqHaOid1E40wr4K1Ww&google_cver=1&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIFyZF9T0JRZD2i6RuUgNBplMmNrh_4jnptJON2DDLuh1246Ceh7R9M-1zOGADrvYxWOJPu6SAKJqX2Xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmTNTvF2ikwV6O71_ExFKM8q4Frrm79_9iqdsp6hG5ruDvszLVX3lAlKDP6lpuMI1fNVBE1nvwIFyZF9T0JRZD2i6RuUgNBplMmNrh_4jnptJON2DDLuh1246Ceh7R9M-1zOGADrvYxWOJPu6SAKJqX2Xg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame AAB0 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRtg1A7NmFZiul_G4PMXoIY8vh5P3HHNkG18Ybo0YbrITMDg73Bew_lObJudwhqgJLTwngw-zOscgQbJuUHaPgHSy2vKoLYvZzVD5QcITN6BdLKAvW7WF72yOBJCZQ3V9vk_20_5fgSlEp62vFWHXpjWXc&google_gid=CAESEN2b_1FJntN3Vz5He4gtzeI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
362281
expires
Fri, 12 Jan 2024 00:00:00 GMT
report
sync.teads.tv/um/ Frame AAB0
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI5OKU6VAhLl...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS-JyyshFmCAIID-iO5Tg1Y6rQQ0VTPkKOjIHxJq8MdCCz51b6d0eoGyIxxtgVAsViQFrZH_2fqZ9WWsAMLAoxoNK13O0Q7oDiZz-qJ1ygIEoHmn...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 12:59:28 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AAB0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ly76IeivfBc9iIiB44Nedk_Ok0JyzjTvu7dZXqia-v-hbzF8bV9xOIxtPBra59_Lh3o61EHQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
55005
expires
Fri, 06 Dec 2024 08:34:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=H3vTFG2Mu-TORbyXV24T3QLl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame CBC5 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
all
csm.eu.criteo.net/ Frame CBC5 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rA2H6clBJe0fNkAW5IOMSnPxQPiECkAM-GAlSYMjrkA-PZSHdl8bVZbPmo2cMFwFRB1wPmMMEfdOuosed58N6fEUJd7lpqQqkwfF7i47SSzdqYmfTV30nCOFTZXHb2E6zCbJU8vNxzvGeHjkCgUGsIHHBzIDhR4Rd-Gqz2Hx_Np40WAQKzL_IONQgw_V1e4KfDOAEVP_VZgnto_GgmMHXhPsp-NuK9BYRGeUKN4Gg77c2X2offjT6ZH8qdCuHlLvPrM2vA&sds=2&rev=90134&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 12:59:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CBC5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:59:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CBC5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Jan 2025 12:59:28 GMT
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 3407 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4265146702&pi=t.aa~a.1062062165~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=2&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
274478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:44:50 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216997795289932490347%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227401980815078904497%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8845 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
304791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:19:37 GMT
truncated
/ Frame 84C0 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c0c4f5728ca6bd60259bdc6a6e192bd2a3ce4c9b2b17174ad10368bd77a5e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame 4B24 		156 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1824175421687993&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&vpa=auto&sdkv=h.3.612.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3356658098&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.612.0&sid=5D6B2038-9B90-4A5F-8252-22FA40BC62C5&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548&url=https%3A%2F%2Fnotisul.com.br%2F&top=https%3A%2F%2Fnotisul.com.br%2F&loc=https%3A%2F%2Fnotisul.com.br%2F&dt=1705064368696&cookie=ID%3Dbc7cc4b331b3ed60%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZGAoXRq5zowuAjQUjFVIJ-f4535A&gpic=UID%3D00000d3fd0fecc2f%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZC9iF46vxQLx1jUxyGx2borJRrmw&scor=4398838407392400&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 619C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
expires
Sat, 11 Jan 2025 12:59:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1615 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
expires
Sat, 11 Jan 2025 12:59:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
expires
Sat, 11 Jan 2025 12:59:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84C0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
272954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84C0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
329485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 84C0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqhtsrzehZc7fHoL5998P9ce4-AX_0fqOdIHK2q-YEsqgsKf1ChABIMnj6QNglYKggrAHoAGR44zAKMgBCakCH26LLStmsj6oAwHIA8sEqgSLAk_Q8NAvPBthwH-5EO-IUE-eD5PLsbjP9ff...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226713411708094385757%22,%22debug_reporting%22:true,%22destination%22:%22https://vital-hotel-adt.de%22,%22event_report_windo...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226713411708094385757%22,%22debug_reporting%22:true,%22destination%22:%22https://vital-hotel-adt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210871845265%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737671449510034401%22}&andc=true
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6713411708094385757","debug_reporting":true,"destination":"https://vital-hotel-adt.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10871845265"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13737671449510034401"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 12:59:28 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6713411708094385757","debug_reporting":true,"destination":"https://vital-hotel-adt.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10871845265"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13737671449510034401"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 8845
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ClwcZrzehZfGwH5nN998Pv7ytmA7_i5vQcYP76MfoC9zZHhABIMnj6QNglYKggrAHoAG1ofPfA8gBCakCD_HmP9Bisj6oAwHIA8sEqgT5AU_Q3Fa0mrrjPzy9UjZAqqdAhAqZPXPN2uT-Gmx...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211959936702680776666%22,%22debug_reporting%22:true,%22destination%22:%22https://koelnerputzteufel.de%22,%22event_report_wi...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211959936702680776666%22,%22debug_reporting%22:true,%22destination%22:%22https://koelnerputzteufel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006424245%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216382658509862401121%22}&andc=true
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11959936702680776666","debug_reporting":true,"destination":"https://koelnerputzteufel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006424245"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"16382658509862401121"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 12:59:28 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11959936702680776666","debug_reporting":true,"destination":"https://koelnerputzteufel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006424245"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"16382658509862401121"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8DCA 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5uaDrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT4AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpK1wFcAllhvTYePgrteenZ_FPt9R6If7W4j-nARBSlfAWO-N1rXrgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjgyOTA3NjA3OTA0Njg5NBgA&sigh=ef8TlaEgkxU&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_uNWHseWragUo4AmgP6ZEeSnJeZicm8HpdxmAJWZq61BknrPE0DSiB-Anm810q8WKLQ-SVaV1GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8DCA 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMz6RLAJmAKdg2ICAgAAAE0EVci-xpe_luWNfhCvN6Fleyo8H7P28sXkqQAAEgAACgpBUVVCRHdFQkR3&wp=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
136246
server
Kestrel
content-length
0
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame F7A9 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=326101615&adf=4106943416&pi=t.aa~a.1062062165~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
274478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:44:50 GMT
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 6127 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=28778636&adf=205973858&pi=t.aa~a.2232825750~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
274478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:44:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A65 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 619C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 619C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ct4oJz0H0JIIp3r285F7cTrUgtsskPimvAcJBr_D3CoWuhuaZncEx7YDgcd8P_68zvO0xIwTdSbUVDuKPm4VQqIdrp9h149rrjwjdYIaTJPxc_yjo
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 619C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 05:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 05:30:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 619C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:35 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 619C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A42 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1615 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Origin
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 21:44:20 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 1615 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
49755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:13 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1615 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
49755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:13 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1615 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
312832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 22:05:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1615 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 05:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 05:30:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 45F4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1615 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1615 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCFxqSGx9oACVnKh1mOZf79HZEJE9SfGyzdkH6HRx1cAD_GUWBCMEzybMEd1Qwk_TV5FbZw8bMcvt8NNeYW5gpKvwNSwT3TFQ_8hJMVYsXvG6Ir24
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 1615 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTj4ex9TQj0FkIZq3R_SCToOSa8EbnZ1cS3h9VpxZVQXmrz6qDYI96brP9Y7wQpI_6aFN3jAyR8Nv5sb-XxXa-E3yHtpw
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1615 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226713411708094385757%22,%22debug_reporting%22:true,%22destination%22:%22https://vital-hotel-adt.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210871845265%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737671449510034401%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A262 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8D52 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Origin
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 21:44:20 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 8D52 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
49755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:13 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 8D52 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
49755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:13 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8D52 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
312832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 22:05:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8D52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 05:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
26943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 05:30:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9F7F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8D52 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:10:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D52 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrEqiUz02CFdTOf4uXe30cgONhtOrD7LS8BsnRyaaYaVjuJcNDyyk7CRtmAh39Ub-3Zv3tV8FJnU-oiiRDtlyWvM8f02T2CjkhZNJuS43zbGKMvMs
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 8D52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-JA6qAQxAskIW3cLF-_h1CKJ3rAsfLxqmtTjTymUjYg8Fh5wIgiflRdqk-3xbrdDpv1EOHUAYmqKTy58I2E5PmsS3Og
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8D52 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211959936702680776666%22,%22debug_reporting%22:true,%22destination%22:%22https://koelnerputzteufel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006424245%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216382658509862401121%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 4B24 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lranaupz&c=5252623613645&slotId=2626311806822.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWPkh%2B%2FFk5vFFFbnUSfySrpsnLAsJlBZKO%2Bx8OsgdCkzX6an9p1%2FM%2F8xsep6F62HPXhPEro9Wh79UogRRdZFipVOmNGd3ezT8saO7NcF3qsrXlH0FVXzkaf22uDOyWMRerRGpDZwsfjA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b2db5e3738-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebn7fPaTj71jJ9FPHUT9t2drPJvtokATiBTqbb9SespFnUZTkGzIJQnm2eLXP5YXjydpgC1SQRC%2BeMpWpgaP%2BMUFiLpi6NAllWET1MZt28CeOcetd1a5Ot3vboyv7c1t3npBfZuOlNhEIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
cache-control
no-cache
cf-ray
844593b29b103738-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0A65
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sTPg4qm-IvcbY3VjLwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNqqzDsrY%2BqdFky4JhceLGnbk80mB5%2FQqxYyxwfyWqzzZ%2Btu8rvr5h7bLCSHiCQt%2BG8flAFbJ%2BHo3ne0LxQXCABGxj%2BqBPE8u2t6HR4hCyX5Y1nWdzTyArOMtWtD%2FvSBul4Gcrczcb4mfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b33dc91903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0A65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
0a321029-73ab-4da7-a392-b40a1db468ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A65
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLKOu9IBMAE&v=APEucNU3Ey7HZ3kNhjV0leoekTN2uscMUiVvlR0lVbKDX41lyLBrtPsmf8ecC8yN_4DoD05eQTS1U1MGXYgvbC2R0DIKVzBI__hs5mYHdoFWv-fGPDMskCkexGPs1MjzmResx9k_aE1kEPw182PvMhrxEoJYZaE9whrP8u15wk2pdKLoM4HZgp3rwmc_HOOlpicxVDTbl18YboygpwMuw-3rZQjL3zhg0A
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
45efb1d5-7b0a-4dc6-bac2-c0260da19787
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl4tFnJaN%2B%2FHqdKOXs87H4PXPIUKU3SySO08oUHMS9DKmshhCmYIXfi%2Boc%2BiqTgU0%2BIsKmU4osVnTSPdulyfZu1AlkiWoBKXiPxcDMTR7sKeyX%2BCjqPLjIMiYg2yYtQpu2Kb9GO2FaY0OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b2db613738-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reqnhpA6%2BFYK6pFWUAttDGNR6r5eJNEV1dcq0XOqzTXJz8G%2FHmyWYox4nmsgdqZtU7d90zNegUAecMWdBK0YWSJzK94ekBu3V4S25tVy1gXpYDzezD9O9B2unmMfLjun%2BqFCpKdQl4H%2Bjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
cache-control
no-cache
cf-ray
844593b29b133738-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9A42
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sfGF4DgZrID8JkRfYAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
43 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsT5HkLZxjC50DjA7iPed2TCy3Gb5adokwx9WF7zHKrVWPXYUCSSx%2BvUbSDIUBjQ5RckWdWy967lph3tAJPtSDTyZYApxdgJkIAafrsDL28FUDhTI8%2FxKvYQ1d2PYBCB193YWI6kQrhx7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b3ae3f1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9A42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
afb49a21-7f1d-4aca-82ad-f3a55009a0fc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A42
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNUcseBB5dNjuQNGPNyyu5BzgJ1rrTfZKoLqpeOtBa-OyWZ-BEQxh6fQyfhV8AFNE9Kof3CbIfQfld71XSS3OTqEHC5-_YL7GYJWdInY7lRcvnyX78FXCjrWYxwvZKZnIG8LotylYgqTp3epZCMWVEaEz-ymrNBdyS-JwJCjuEn2db3hNphY_Z3WoTbEr-pyWCv56zKnWKBKcPOx1ZcenZ2EKmvuIA
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
64c9e15f-c9cb-4015-8dba-285744a402b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A262
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UhLIOGOVe8lDEWpz0v4882%2F5EsmtxZVJYwx%2F1hcC%2BrVgTzJREwg%2FkG%2BrL%2BqIb5rh0RyhmpwcdZi80xI1%2B0Zov%2Flx9H7whZevjf90U%2FQLqL6Mp%2BK4Qj%2FgmhaSTTrEyWmgHonuTuUUBFdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b2db633738-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syDYwI1AnQ2U6URFbsXtAD3Opcs5zqNCxGQ1VFi6%2Bj%2F6KQCq8TzqaFPEQTtfwg0l1vaomr4%2FJclgXfwG8nriTlvgmUtRZ6X57LXRKESuzYrHUiBu3Ueaq5ER1ypZqxFVLBh%2FmlAUx4Tcfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1&C=1
cache-control
no-cache
cf-ray
844593b29b123738-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A262
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaE3sTPg4qm-IvcbY3VjLwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsoudTYaSkPNYaz8L%2BqN4RvNoYWPNTQSJ2B5ld5xUVVmCCJClNJeA7OBGwkVZtC9mYbH0tkE%2FMv0Jnv9pwKmKGcNt3NfDFRWuLW4EfkOagxXiioL4MVFa1CLnaVMGNPPWIJdm1zbj6vXag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844593b33dc61903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzCEw_UYbC3fXRXRC6YAbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A262
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
b56dfe06-99ba-4e05-b794-90e67329a770
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED49d1kSAbxI9c4jFWTLYWE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A262
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNVvUDGJy1kjMDczk7q3frGihgUH2scSpS-WkghRh6t2rDck3YXJ7hv8IqokOklJbF1gyQ-t5vRL4TkV0-P2DzgCUdvPpTGtWdt6Ixp3cIHdmbMJMsIktZO9SAgMJT4eIIuFGbcJ7L3LG9Nb-zxa8kF_XKHWdAmfqgmMykqORu7Wud-_jVrzUK9B7xKVmKQpUJsH0-eIMuSD1AIECAZrVqdQ7e_H6A
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
5d69ee83-c705-42b5-9446-85bba8007145
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1615 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3388f0b3e622718eed824757d3f5def73cfcd67735570b4f8bf258f1c6e0537c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 45F4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO7ye58sRM_x4gMudake7J4&google_cver=1&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF6Hk2WNEK_jQLsPOfvTk5q7n
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF6Hk2WNEK_jQLsPOfvTk5q7n
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A0978E57DB66439CADA3708AFBFBDD4C Ref B: FRAEDGE1306 Ref C: 2024-01-12T12:59:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQRgYF3r1DXNuV9Z-PL6R3jJ7ZiCGuD9OGeP6pJfxeO6WkX1H-dxpVEDS5J2LyangxNrsQBF6Hk2WNEK_jQLsPOfvTk5q7n
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOvzwKyhdylmTSFjcDPw==
sync
x.bidswitch.net/ Frame 45F4 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyXNGpe0FNIHPAWpInyBzA&google_cver=1&google_push=AXcoOmQNaaGtuE68JilUWl3S-zqq_rYzXT2sutsc5yi2qfAZoDiSzCBlrrRBSc-hv9kYfHmzv3XzulBA9hrV4tGNCSS70c0lzKQ_JA
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 45F4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELMiM23ctRsBeCv2kDpgzvY&google_cver=1&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIkT...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ahGjWPxAUa1kWs2TPT1hcbKi0YM&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ahGjWPxAUa1kWs2TPT1hcbKi0YM&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIkTi7cMa61QQum6KVA
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ahGjWPxAUa1kWs2TPT1hcbKi0YM&google_push=AXcoOmQY7iD9_LzOPJrTUu-V3rTAK-lJR_GvALLwlnsgMu9m3AFnpoqFbHIeNG8loNrnekr7CD1jpxgErjAXIkTi7cMa61QQum6KVA
Date
Fri, 12 Jan 2024 12:59:29 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
ebda
match.360yield.com/match/ Frame 45F4 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEOgMAIXxwyis3u_X3OYEMJo&google_cver=1&google_push=AXcoOmTwNYi27YwSPlap0HV6OnZpKXF2_lfE_p61VEd3RWTUj26QfRKrrGNxBoAZdCmT5e6SBjQPn8OZ-xonbhd3ggtF-AnbWgOTRA
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.215.137.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-137-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 12:59:29 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 45F4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT-6A-KAEs4_NB5Y_ytZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&google_hm=AzsDLDXaskbKs7rFcfk9kok
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&google_hm=AzsDLDXaskbKs7rFcfk9kok
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT-6A-KAEs4_NB5Y_ytZ3Y5M0RJ7NfvaLmsfT19MTYDl6oS_2R3yNE6lVZE2t57OT8g2CqmFMjF3iFADBWH_F30aRpxTN5egQ&google_hm=AzsDLDXaskbKs7rFcfk9kok
date
Fri, 12 Jan 2024 12:59:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3b032c35dab246cab3bac571f93d9289003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 45F4
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEBeefLGQE9_Kb8fFTLPNE2E&google_cver=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAWE1ajU4NVOXi1jsTUMkWkhDUctLUBCItZdvbKDezIBXSbgOFjZ6ooJ3FbRHQS3yCx15...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&mn_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&mn_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAWE1ajU4NVOXi1jsTUMkWkhDUctLUBCItZdvbKDezIBXSbgOFjZ6ooJ3FbRHQS3yCx15PijNQ&gdpr=&gdpr_consent=
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 12:59:29 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&mn_hm=MzQ4MDY1OTY5MTQ5MTUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTCyIvTcSRZyEznJKOBrrJ7zAWE1ajU4NVOXi1jsTUMkWkhDUctLUBCItZdvbKDezIBXSbgOFjZ6ooJ3FbRHQS3yCx15PijNQ&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 12 Jan 2024 12:59:29 GMT
pixel
cm.g.doubleclick.net/ Frame 45F4
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGrMq0mzU0dBeacaZSwfiCQ&google_cver=1&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEv...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEvhIctC_RBbxre3lScd_I9C6EdGVUVqLMvDBXs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEvhIctC_RBbxre3lScd_I9C6EdGVUVqLMvDBXs
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
494fb64.5a79448
date
Fri, 12 Jan 2024 12:59:29 GMT
x-bytefaas-request-id
2024011212592917EB3129828C364DEE6F
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24011212592917EB3129828C364DEE6F-74381EF6872A5122-00
x-cache
TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time
91,23.54.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=83, origin; dur=8, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024011212592917EB3129828C364DEE6F
x-cache-remote
TCP_MISS from a23-222-0-46.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTiX2sXb7yJ7Qj-Rr1mttt0EqVA670TLrVWdNHcdE8UcB67fjRAEAHgG5JsmEvhIctC_RBbxre3lScd_I9C6EdGVUVqLMvDBXs
x-bytefaas-execution-duration
3.42
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01782c1aa098d441e14c7848822c4a7ef0dd70a227068d1fc7d16c6a8edfb827ff8317feb85585e7753dc308c9344eac5e7e293a2133af90510bb066c8a6c12a93e5a998d6f47a2e3f37ff0a182989f0c3bda045255e2e33a8f52afac79762e9cd020d97d687dc6ad2f84a09a620ac3080
x-origin-response-time
8,23.222.0.46
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 12 Jan 2024 12:59:29 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 45F4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvHcU0ZszxYtUP0gs_DnMllDCI9b8pQ-tl99-EyXXE38IcBAq3Tfc2AQz_6eQgZuvj7gdvWw
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F916 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
312833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 22:05:36 GMT
expires
Tue, 07 Jan 2025 22:05:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 619C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3764928338111&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 619C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3764928338111&version=m202309260101&ct=76&x=1&cor=2973605578481860000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 619C 		113 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1snLLFK-FTIUdaDd6q7ZkHFxBrqfL5VpJrYwTrNot-9dupY75_UU_si4aiYF_ZRB4ttb752ncWaJEBJgEdtiXvOEkzcNtCADRRouOlVLSGon5bfFAVD71dm95AxznQc7rr_-FxutKHSlKE3j0QVA5V7PtSuwkol0qBnFQlP6dTT7SdlI&dbm_d=AKAmf-CimbDFpGMXgAVd98RhU3F0FFhmUl26cTyOrXhj-bCCYeqpNs9ZNGLXvgOreslB2b1CwMTs4ttcmdBZwSRtGeRE8fWUh2fc5W5KxnId5Xd6an2XaDLaNi6Msb37tF0-hPkjiJN48cKle5sGZcmWHi8hUwfHIA2rxLrD9iB1xl5YeGmMpvXI21tL9mMVB-bzJLy1Vau0biIDWLl5AcjvTucNTC8m2Vnt0f89CA9rnM9jPPZIEPo2sVYyMMWlzrjEYOLOVfXTE_mM6wX3PM3rxzX02R6Miwk6eSSFW9KnNwEYNBEkQ69KpRuvLyxhilRNjVCXIAYBQ72YLTyv2p5UvNiNqn7POF9nu_DFtIZ5EcARjlkKRH8NVaB2xAfKo6_jFhP9LaoSJNfHkZb1F4nUMkeq-MVYod4YZg9wDHdmSieey7P5IFCx6773JvqjfU2NeXOeiwOnwmke4BWCqjXFs6DzBWP09EQnSqfsxhRXlXiKnvagAFXFnXrXPBQy58YYa2p9QTxl3VUnLEVnKYB759VyAZ5S95afbxwEFCm7KV60ZO3gzPf0fsxAY6C4OCO63_kIExmWgQjAq1OOQd3eqEnhHc_4NPwpY3nioaZ5iX_BtQ6b3SmilPl7-rSZDDTf0Fg7nKatj4jQYwKaIZgaUkF-ZD5XAX8rk-QSpkKrrnWtwfLwRd20eGwduRU2sE9mOIxEU8iFkYJDKBxqM7TaV5ZkpV-h6CN-urAM-SZY0mgTgBsJK69Ko4Csrn71ZfW0ZxIzXBZ0llwjPHCJdZlQjjWy3fVnp1I0SAM0eVHjaGk6IqJk2ktPRt2I022ZU1zJz8AI8BeMA2ccEDwAVeJGPJgVRRx3c8dPlRZ0NrFpHbnLmjZCsYLbaiN3HC3pL6PBwD6895moYoMzhHVzzQV7yrfd8H-1PySKIv_gAcZNQjuZQP_SMaLpZb6OUNaWa-Bh_JQG3PBCVuPyCYmx4rrbJNcGLPfWCrlQvmm9sn_PH840LxnI4Zqbhtx3krceu3sufE3Ryidgc8EZWsDKmGLZsFqVVXSfUYmAst4UqI_Sk0d7gGX_FRzUTk-_0ySsDLpcFQUpzxX9APKveDxMfF1PX81KmOA0rUaf_P0ZeAM9Fp3WDgqJ0x34q3v6Le0rJ41Op6T_C6AL2H7byTnvT562PvnpO-9YhsuL5ziJen5e7c6iChvOPa8pNR-6If4aSVFp_NkqZYxGmvliDoj7c7yz2SNIhiE5YFN-wVND8Mj7BQFN5tFEfGTyE-TTkcYi-7tTkt9DUsDodyyIQDVF5CRM2nhy1EJc9cu2HrLa4gJ_OOeiir7GN6jktXXjA__o2-q7Uh_ak8cRgWVyrDWtIweBSU1cOvAUTp082fUGHfBcSUQnLYJ1C_otwV7oc7HnpCrY6xTqshdR_7nMv6Jch0CttgP91qpb7fmdR_1g93nM58tDWDBcXakaAPtk_8NWup4wtAr-JgJ4nwlPtvH9prIzN9KBBOqteWpN5MtNPKL_Gdx-W1Rav2UNFQx5wTBsGrVak0xgbQfLADgWVN6sqoL5zAJXUrqc81G4LeTonTUolgy354gMQ_sgGfsjx5KkGkTOX1YGf7YBTTBe3dwu4UFK49dtl6Ov3AGRNavYm-tUEieRXxajEhbDoR34WYnkSkN1GsbS_mgQop2vsNFzuNUJwZ4wD7sKCuPlRmN6q9cPgdR-DOgGcXVuiIFHagaSdBC9Xc6V_SbFRYFugJH-8NmZb8TzExVlsHobNPEEovE8MfGVTmPJJ8cDrpFcgVSL7loZ-2EKWFVdwq7cO5apRyMSaGEifSZH_-c3zvmX4LGe9i3x7FiIbEG2YXdMdiAGGmOOYoMKxtW4aIxrQa5HMS_OovtTsPb1mTN-8QRexn7fgBL4twlDJ_X8nfyQCYvJdtDaFKog7yLpiX6aq1YEuyCuaeA-bqoq-Phb1oj-0-XO15h8VTcmb_j_UelEKUwe6FkyF7tDFinsUgLtNJke2_ZO9q3ZHlJbibFaWxG7VnC_0Y0yJ6UivBnq_g3PM9cs55msgRoKhiloh54Kls8naXQHPaTyE_DwH_bo6KspayC6G3tygysrRtPojqtSFgC4A5x3qA7j_D-TM9IK2p3SUEYzUvoI-1kRFfhR4ffKom9_rJy2YpTODvDb1ignu2k25t6IwOaKIa1hyS_BmE_TBfPlnMoe8sKyFCJGID9xIGrOSiJxX6zdACCN_uZHPnzvzQV_opEionggrS7IngoRubdQf1-JuApmEAVXmL5l3tuf-36bx0HPEReBA-t9mzDI82nQziWE14sHhfpQe-olHJFXVF8stIG8D8-3n8CyBKyiO68fy8nr0oBrbrmdedvdG_Xd-93g81CRjNCM3nE9Dg1RE65y6X5K7_ihdfy6mqDQXePo9XT66SHskiQdghLO-Z4-u3Lwi83xopHca5R2nzStfyP2QZmzcBEGrsUaK7m0G85MqC0eLSiJmSli-T_J4e7vAZdkE-hsbMobbWaVM-buO2Uzlvgnbgv1wdfP16oRLYEVqS0J-ydfmZjwqq1Ih_VfxqEvFZ2DfOfFqyXva57Ss3P3gOSIy1AKD-QoAUgRY_4GPvYSJR1RTo4u55zppY0NUl79h_DHNG4zjE36gzBpTGrh11XbXvm3Kib8f0UfSBLSvBQFDPQvKiBHpigs_OGuo88WTFL8RIHomUggoY6lJ-AYx5LbZRC8Zdc61zj3spjM3lx2tYDRKAQXXAkzSRWcKPMxiIvWn5dauAeCKjECiHfiN-ril0dmbvXHCAPIDqyGywSwVdpHR8vnJf1x2lWpaAPZHcX616Qg4f4X2GrZTWxYvq33syGz6qTLaKfzSO5mKF1j1-UTDVQxe9BIhFz1XB6Z0ENKqIc8zF12hoUXMI1uMvrJd30Mw8AoFQWmeDQZe6ZnPwT0Xiyu4RyUJJnJEGIr0OGAWSUNpMUYqTu1i4eqBA17vt4LlOaNB9AhEdaABZCOOApkOLzMYk3_gsy67ajcik-UaBXsOQ-LFpGtzlWFtB747QfQJyERvSOBLKjCHw7ph5wUiL_CsMtTnC3SkRj0aYSveKa6PlzXS3sZ_0QtQxewzBhTEQrM04Bm-LqKa-4qzaTkyaDw2InBN7nsbJbPUtNuPCdL6t3pOw3R5L_vHBTsQk7TOGj_9PDq6uzEd8o04ggEiXye5zYbrX0IpV5T5yIfS55leAwRiH8AdUEpS9W5s24XT8sGuFvY4j20E-lhKjHD8BcuTDO4-McDDPkH_rsktVv5RUoZ_d4vd2sYDMSMc2oxClJ8tTzMC7HK3TWcUzU5Mh-TSDstnncrbocm7fjeXfMvoh8w5D9dwDwl92qNhbsLar4kLdhNIGiCauiZhCoZj8mN-XVixUPX-07VsZaAlRvb2u3jTKEQ5FhNN43gR49vh2-qexJbij-RsTOWgTX-AxhAmTFltNt39UgnTEl-kKmdL0PtrNVv9_rGIHY7TJUI9hlLyutbjiYxZazj1uZ6tCFl826DamhfzqE0Mlr1MAxbeLqQHHT_YoFVUiTP4xE4FJLyPcw5aZjIF_2Fokp7GU_4s_U8cSeu75Pxk_cDmWKKwZhrH9Bm5PeI8UQ9VB3r7t_rDQ9OOX_3z7o26n6Tdqwqqw6FLYxxKxS9ecIgzqx_J57ZosXFxDrv4GNEh1eHlquaUonLoNKzXbd1FRafhYET65WftSjifrzo6mYyHZnOoVAf8uERqz271CYynMPXTYZWTsl5tX1uELOAkTWMSpkqFhIG9ZfcQOr4upEY8HUPmJPInmqLO3cbkyZ7vw2yaIKiLq0_gKXSuAh8FlYP9m9wmW71FGS-jt6KpmItWBgrWqqzoELoEJfsSQkikEIZUlaVTbCPAtRoI9oqbxqbnLADf6LRF1mwzu-IOp4t0UmTo42hO3GJrq6KewyI5srvLIUv7oE4iTxqipEEUnvu8b-cqt_mEJY5lr5efFnT8-6nPdkYnqXUhuwIuL7zj1LbA_SPcaRDVz1KU6fE4hkka4uXULgqeMurH6vNbxTTOG7oz-4qCUZ2ZNFerrohJA&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnotisul.com.br%2F&ds=l&xdt=1&iif=1&cor=2973605578481860000&adk=4188270524&idt=119&cac=0&dtd=35
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99b90cccd2915f69ba4e0f69009b566708fe74252b449850400fd0b368434b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43153
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
truncated
/ Frame 8D52 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abab1cf75ef646954e763c9fd3a548527d5076d782c13b0dc1a9ba3ebdb923ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame 9F7F 		43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEI1zYTIk3m2kA8X1cx2FD6Q&google_cver=1&google_push=AXcoOmSHZpZbUnyOpMIqNfa4m9XTfCU3bLH0IeuX1qBGYBeozY_AY8L3oeefF1PmhFTSS8TXj9XPQuVznJoKRk-CPDo5SRkZoN8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSHZpZbUnyOpMIqNfa4m9XTfCU3bLH0IeuX1qBGYBeozY_AY8L3oeefF1PmhFTSS8TXj9XPQuVznJoKRk-CPDo5SRkZoN8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844593b329966add-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F7F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKdLWmb-WAe0A1AmzGBIzZw&google_cver=1&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zb...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zbfAqXIFYFaA-fZeAwm&google_hm=VED4ynP-TpqVhQlqtijOWIM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zbfAqXIFYFaA-fZeAwm&google_hm=VED4ynP-TpqVhQlqtijOWIM
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIjrr9Rv7fqDIJ52XAbBeu2WJkKPdPlAsa4XRFeFyD4fPKKp2LKgf9MsJ_dMIfDSRLpOcKc2d9-zbfAqXIFYFaA-fZeAwm&google_hm=VED4ynP-TpqVhQlqtijOWIM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F7F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL43oR0Ve4JQAyOkART0i2I&google_cver=1&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46cO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46cOCo6WFZh1IIIsozPAHrs
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ2_hsG7gDVjEMyXfBIk0n2kJCojPHCmz_pCFCrGGKirUSD4QW0vvDlhB16omJbRj1hTB5X46cOCo6WFZh1IIIsozPAHrs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9F7F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_hm=ZaE3sTPg4qm_IvcbY3VjLwAADR8AAAAB&google_nid=index&google_push=AXcoOmR264eGyiHFthLogeWE5eL4nTHfJS3-C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_hm=ZaE3sTPg4qm_IvcbY3VjLwAADR8AAAAB&google_nid=index&google_push=AXcoOmR264eGyiHFthLogeWE5eL4nTHfJS3-CDUqYYQvKZcP5qWnhDlZvpiB4Z-R8mhWYyT_iyL2wa35B2uQ6BosN7KdMq3KTL0
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEvLe3cPDM%2BfIdk4EG48%2Bvujm12WckHnodz8dUXypmIV2xJAN2M1g0GAqIC5xFxlNzJP32G%2FQxGPPX9ffra5WZVEPq8AMOVSGXKdzMF%2BTHxGdhl1PJH%2FFV7%2BM%2BpgRmfNCs6nTzcU5sQjig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELrfBXqUf--J37T4uuA67kE&google_hm=ZaE3sTPg4qm_IvcbY3VjLwAADR8AAAAB&google_nid=index&google_push=AXcoOmR264eGyiHFthLogeWE5eL4nTHfJS3-CDUqYYQvKZcP5qWnhDlZvpiB4Z-R8mhWYyT_iyL2wa35B2uQ6BosN7KdMq3KTL0
cache-control
no-cache
cf-ray
844593b33bba3738-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 9F7F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIU9r59hWtPxFFjA4ZBMf9A&google_cver=1&google_push=AXcoOmTHx85pUpWyB3GKTq7Qbv3N1Jy3D5VPycrRPHdviG_B07g5MHV9VkTkI8NU6EUUGSp49BGOT7UD6M7...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTHx85pUpWyB3GKTq7Qbv3N1Jy3D5VPycrRPHdviG_B07g5MHV9VkTkI8NU6EUUGSp49BGOT7UD6M7_byRA1ckwX-wq0FGxKQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F7F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooV...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooVMOsKB8B0zJWi56rOn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooVMOsKB8B0zJWi56rOngP24jYbvV5eRI4aZbeeM4GzuN1RloZIov5TVGt6gE9QfeEIH4GyVtCUAWY-MtZsTJyGw
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
bd5785de-78f3-4d72-9dc6-2e6b68425706
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzcxOTc2MDYyMjgwODExOTA4Mw%3D%3D&google_gid=CAESEDoZ2HchBWPvbVP3pcrreG4&google_cver=1&google_push=AXcoOmQEwpqIRcooVMOsKB8B0zJWi56rOngP24jYbvV5eRI4aZbeeM4GzuN1RloZIov5TVGt6gE9QfeEIH4GyVtCUAWY-MtZsTJyGw
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 9F7F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ1NvqZNtOam3gCxgawKvxY&google_cver=1&google_push=AXcoOmSFToeoej_3syRNpWurHUwxDMv75Ueuxl2-q_QwFy0uNEd28wtgQzl3KW5q2gMPvoozRKegZ76lF5j510PWZz6N6t0cv8BVXg
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 9F7F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5m1m4QmFSakNkr-DIE9KqIpAZUo_DBpwi7o2ex0D_K4AloK1O3HfJFt3iTPxTdEHhug7D-d9H
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 556E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
312833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 22:05:36 GMT
expires
Tue, 07 Jan 2025 22:05:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14731813396773076992/ Frame 7252 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2376fa7cdcd7bd2d36310978896a01b090e53c99f2c7ce45e2fa62a563b7644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
274424
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18652
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 08:45:45 GMT
expires
Wed, 08 Jan 2025 08:45:45 GMT
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 1615 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsucQGDTFdWbnfw6jpDJJR0a-q93_XAqflR1-B15hqM7dqyxcY9WL1ukHK3XRGIPQdWIPRza0o7d0HpOvleunNOfBNvJSfirmRRZUGVTRuXPiBNy6zmrtK943HAgrGu2AGCjQkiANw21E3HC5p5Qp3WTrnGrwIwi1fhYQMgdFJ7Sg5x_d1d00NxdkxLzDmlBDxNv9e-Gk7ltU853waq3Qdl-vpQ8WAW1_Mbcg44k1pdmUb37LAzQvmcgyFaOytGKlNYtqI-qE_gfnR27lZzrEeoOEW9xPMJy70YkNnqR-hgEsexqqCMvVmRvt7qbTEbZNST4w2if7OvBAR1PncCOaU7UyGAl0EbE4igHk7jfEthb3hrTfOw2d8QNAPaAL9YVxy1UW0e6Gw6OEiSL6GR2vA1qbGqeqwE8NxWLTLJ-Bi6Fv6YHoOTGAmeb2aQuqA0HWVGkHP3jiW8AyDH2L3yr_bDgkEF8JLnm1ctUE1nalwXb221Vikw4uJy5Pa-jum259TeRdHQWNvXTwHD6I5DCb82AanCQmY1yO1Gr0dCJKEfnpowh_PhK7zkaOSO2_rnwjZrmR5op11PMArIo3d65J0OEABK9LBZiMBannJYWwy7_toRGD3GQaiQ3WGbroFvubqTkp7l0OdOvtLgDY8kEcA09oCjO4_WB0wmRMbyUWINjOqhCyf-kV7tdx9Mdlxw7QKig1q3HBNICWZo0YbfVCspXFi-VLuYtyf4M62jznt0tYq3_DchGYEJ25C-v5KfbhFzK3iNrSLHFI_ZQeu6C6wSE6TfuBa7yVCuqPaXdjk6FYoKaNykY0OimIEiQNg63RMAG6xK8H3e3alzOeFYx6sF9XufiHiO_ZW8wgVShzmduZdOx_cEBD4NKLB3KmSo_S-XQjzdHerKBsc5aTyGe5IuVh2fb_fkGILtilz_HPFXfI1uHXO4O11G4jeysZAwj1WnyLSeifSE8QKwqPH5haRCgYC8IDmxJyyi-MSQGe_8uj2jMHAq_Hw4ZNHDkQm7mPfuGAxw0czeApjUqhHr0PPKu8NjKpqmw0BW9BjGhU0oW2je-sg9gUE6nY-w39BN3sLZH9-orojwLT0s9ndysBNVgRjS7_ftXeUuMjeFROzByAPxKw-5ehl0DgAJZtdHZ1vuxAuYqYPK4_XYOBwwwOSMOiZOQjJqTZxHJs9ndEFVeODrTcooYUVGZ-Lxsqm7wrgaVi20rxTXDhoIM-t7Z57qNnyrpiamHMKmQieoXN5cwGI9uCBDtKsEFm2iKtFw7ifCs2OgFdwV9O7xhelTg7YTnMkEyD-BdQd0qasMSeWhKT2QRkK2JCZRc3x15cCaOq5G3YbMXFAhjS6Zt0I-wY0Si1ASv9QG93Qlm3fHAaNtTmtP-0zFLB_iDgmBCvTZ5U3pl-ec_yfdanyLzNK3kh5fsCFmhFOuPh2PUWAm9HuNpynlRfW2qhy26IZV15hMR-umMFn3eKolZZBKeJtGUa8745yZZR349Awo&sai=AMfl-YTnuLq5ExWly--Sx7D3AnnZ2tvHPhCI1J0ZxVpwaBZ933GCvuR0_ua2torBFdyICvjQ2ntHDWxCKlAzTzYW3juNt3jR4prHMPh5eT6-k3L4S3CxDzGJ0RWbUeL4ur5FspkdXLa_Vet-bci7iNdaGfTwPSeDX-87T2aml1mp98oAwaFOhnErkRvGdOaAeGd780zK-_S02HxxIO0lsktVOo8pf2S-8lR3mvWgCzl2nGt2sArE5XXTdBjZewK8tF-3BG-tyRsq-GMD9gLFq4JJvdCLho1eHc2KImSyklOYLeFS7KmzOxwAKT9jRqpjciRfuvOpUooePuyIienVW8D69MSQe-VXz5xfY7zBvK4zL9ZvHf9ICjI-2yJBIphqwjQWDZ2udGoAVgxAlk4ykWJyipkoDO2FyHZFRPUdX4j_dSl_&sig=Cg0ArKJSzGS8P4XPKJp2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=269&cbvp=1&cstd=265&cisv=r20240109.53382&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/915966008651415552/ Frame 93A8 		87 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e86f0a0524c3fb3e98d533eb9e2f80e1239344aebaa34565a2f42a47332e0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
274280
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18594
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 08:48:09 GMT
expires
Wed, 08 Jan 2025 08:48:09 GMT
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 8D52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvAbHnRTBjF8wNEMsj_LCvP5RA5Vg4znSf-B6qGd-XoK9lYNF3yaH5fKvPPDt5Z7Jn-1Fhv9QlZALaQ3A1pVUc57AmGGHnfEcmO7QP4UKY_Shs_wD8Cw0OKCb3OXUAXiLn03YQjZp7MGtFpFHm-cx8wPrRiPe03n0BrhBvWhobd7CVpvgOzLXP6c5PVVaULBUCJ00sWKS4Bau8S5IFdsyK52DH91R6SJ5bQDRwLUmRILRxIP1QdpsnKJBx4kNuO8Y29ywQMSJ0nb1QbL_ZBHPe8jDbRuFbXF3iyIjVtQKbcXvCbS_qSU-XPFkFvMUpOfo9yIQkO7dT4qK_fLHz8w3JCRLoziEVFg7HQE29Gb4Nt3yKtwXO1cZOiYelm8pKUp8nQycwojW3MuK5QhAVFsuefQuLFbM3NF4kxHEympGhsoUImM5tDk84uxbTkUJfFZ-EFWNEex3g4N1w7s7C1Jc7j43jhLjNElayTat82lW_14SgdBOMlXbsdJVshziQQ25KcsgOQN_rWiBg1beb8imeUIqZFtZGmbYqDBDDpKzvjnyD3Cp7v2mWDZ6_lSjZbnBV5Jl_3X7C6_PBIhMl8qBcN3gFuXOEGjCbM1uU3_zcmQ1R7TpGI3ntBqk9iO4cvGgUS3PWGiXx-N4zoZmrJM8QOVAFCWeyHQ-28I-efNShk865qmkUPhCtvhT49rcVXEVUiRG675eCvK2umOyxbZlsb2hDyi_SShQtRtWIe5NNy1wScxKa-1JtYh7Nx202IH_uK2RrvibuVB7BtYDuHANNj7IHoxcmlxDET6A1vu9j1wMEsTKy6iNo8o1FPmIHEUWs_g_mvNsTRia1clw6gpEKQA2nQ-4CHYaAohSPzVlzIosk-NWNubvLSnTRGXkEpE6JLuCd5kFoUk4Pezg2phZrgkhOFiRRaMbO5Iv9F5pBmZPxWIpIlwEwWU5ABk2VI9YDQW8lf9Jedy_hUjCrxizAeVc-euMXksWtScDZXUJmEP0o_mK64MgBKdvfWaos5yd-4FxlKQ4SVYJNe5Qh8UZOct7YsIpXkXuhwnPt_zuNMZe3rFNdM46p40afVHo8Kem8rB5wvyvNPx46H8IxEhMwDqDpiKLOScDURFM-GKaQMhmQJf7VbLRQUTxRpQsiozx0lWUnwQL218Pm4JcUnrl3bjOCpM4Z2pe5NXwRsfcMfnxXKUY6mWfVfQSv3-4s7vosDdN9_1SuJWS9bHJ4PLKWIEMN9ZicHlNOz4kv5IAOnEz0PM_PvB8oXq0TK8sEYVRnFsdyl1o4wyYfD6hR5AT5NT7hTn4bbZY6rONEg_4t6K6jdYBF6lQMRO_1_EvKIBhxqy06hy8njFNoU2Ug5Ptr3Zb4p1G0XLHRMCstCrL6g8h69whjQCF7EU9Xc513T2UEC_VT_zRSzX-peDiAm5YcOkbadcYSYE_OEu4smFYNud3LicB2RNMuvHwv1oDTJsbjpIhqcO4tvy_19MkKCyfQxFahw967NrA&sai=AMfl-YSe-UQO1Nrq6haK5ptfGkjKsy5PLHqFR-vgCIqpqsqybHDfXtOGqF1K280C0qDm5fDjR5j8N_CR4_9dNTG5QVTKism-0Qvo6Z1Tarhat2BZSegFA565weOWCR56AwFifAiAido7vntshHjxMmYyzSWtwPsQ1MHNGutCaxMw24eCcC4Ss6jtrv07J9bT74wvzIJHO25ZEFyusRHfAPXlE-ImmrFtzDPjjXnpVnyShHlQNCv75iTcTVHnzlXAf28DtyDQtt4rXCn_Vp100DIU91yQHwjOU4XYK30vA-T_sZW8fylz_AWFy_7dLO2OPWch4Jq-mxk23r3ZJbzWkHTBDDedWpy3S9Yd18o9Ibl4NC5FExoTpsGdLIVd-vNZMSr0gtajfRGOqafOog0jtiCjHNVgVXV-sByzogFV-BFD3_sn&sig=Cg0ArKJSzB56PS72EVHzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=264&cbvp=1&cstd=263&cisv=r20240109.95094&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/924068/65485209/ Frame 619C 		269 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/924068/65485209/skeleton.js?ias_dspID=3&ias_campId=1010491284&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20321508888&bidurl=https://notisul.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iub-UiXTELeZ8CZfksNtzV
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.209.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-209-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4ca06dcc493b6b79191cb1173a9b1b93c993dadbeb5ecabd566c573d849c2fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 619C 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Origin
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 619C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1snLLFK-FTIUdaDd6q7ZkHFxBrqfL5VpJrYwTrNot-9dupY75_UU_si4aiYF_ZRB4ttb752ncWaJEBJgEdtiXvOEkzcNtCADRRouOlVLSGon5bfFAVD71dm95AxznQc7rr_-FxutKHSlKE3j0QVA5V7PtSuwkol0qBnFQlP6dTT7SdlI&dbm_d=AKAmf-CimbDFpGMXgAVd98RhU3F0FFhmUl26cTyOrXhj-bCCYeqpNs9ZNGLXvgOreslB2b1CwMTs4ttcmdBZwSRtGeRE8fWUh2fc5W5KxnId5Xd6an2XaDLaNi6Msb37tF0-hPkjiJN48cKle5sGZcmWHi8hUwfHIA2rxLrD9iB1xl5YeGmMpvXI21tL9mMVB-bzJLy1Vau0biIDWLl5AcjvTucNTC8m2Vnt0f89CA9rnM9jPPZIEPo2sVYyMMWlzrjEYOLOVfXTE_mM6wX3PM3rxzX02R6Miwk6eSSFW9KnNwEYNBEkQ69KpRuvLyxhilRNjVCXIAYBQ72YLTyv2p5UvNiNqn7POF9nu_DFtIZ5EcARjlkKRH8NVaB2xAfKo6_jFhP9LaoSJNfHkZb1F4nUMkeq-MVYod4YZg9wDHdmSieey7P5IFCx6773JvqjfU2NeXOeiwOnwmke4BWCqjXFs6DzBWP09EQnSqfsxhRXlXiKnvagAFXFnXrXPBQy58YYa2p9QTxl3VUnLEVnKYB759VyAZ5S95afbxwEFCm7KV60ZO3gzPf0fsxAY6C4OCO63_kIExmWgQjAq1OOQd3eqEnhHc_4NPwpY3nioaZ5iX_BtQ6b3SmilPl7-rSZDDTf0Fg7nKatj4jQYwKaIZgaUkF-ZD5XAX8rk-QSpkKrrnWtwfLwRd20eGwduRU2sE9mOIxEU8iFkYJDKBxqM7TaV5ZkpV-h6CN-urAM-SZY0mgTgBsJK69Ko4Csrn71ZfW0ZxIzXBZ0llwjPHCJdZlQjjWy3fVnp1I0SAM0eVHjaGk6IqJk2ktPRt2I022ZU1zJz8AI8BeMA2ccEDwAVeJGPJgVRRx3c8dPlRZ0NrFpHbnLmjZCsYLbaiN3HC3pL6PBwD6895moYoMzhHVzzQV7yrfd8H-1PySKIv_gAcZNQjuZQP_SMaLpZb6OUNaWa-Bh_JQG3PBCVuPyCYmx4rrbJNcGLPfWCrlQvmm9sn_PH840LxnI4Zqbhtx3krceu3sufE3Ryidgc8EZWsDKmGLZsFqVVXSfUYmAst4UqI_Sk0d7gGX_FRzUTk-_0ySsDLpcFQUpzxX9APKveDxMfF1PX81KmOA0rUaf_P0ZeAM9Fp3WDgqJ0x34q3v6Le0rJ41Op6T_C6AL2H7byTnvT562PvnpO-9YhsuL5ziJen5e7c6iChvOPa8pNR-6If4aSVFp_NkqZYxGmvliDoj7c7yz2SNIhiE5YFN-wVND8Mj7BQFN5tFEfGTyE-TTkcYi-7tTkt9DUsDodyyIQDVF5CRM2nhy1EJc9cu2HrLa4gJ_OOeiir7GN6jktXXjA__o2-q7Uh_ak8cRgWVyrDWtIweBSU1cOvAUTp082fUGHfBcSUQnLYJ1C_otwV7oc7HnpCrY6xTqshdR_7nMv6Jch0CttgP91qpb7fmdR_1g93nM58tDWDBcXakaAPtk_8NWup4wtAr-JgJ4nwlPtvH9prIzN9KBBOqteWpN5MtNPKL_Gdx-W1Rav2UNFQx5wTBsGrVak0xgbQfLADgWVN6sqoL5zAJXUrqc81G4LeTonTUolgy354gMQ_sgGfsjx5KkGkTOX1YGf7YBTTBe3dwu4UFK49dtl6Ov3AGRNavYm-tUEieRXxajEhbDoR34WYnkSkN1GsbS_mgQop2vsNFzuNUJwZ4wD7sKCuPlRmN6q9cPgdR-DOgGcXVuiIFHagaSdBC9Xc6V_SbFRYFugJH-8NmZb8TzExVlsHobNPEEovE8MfGVTmPJJ8cDrpFcgVSL7loZ-2EKWFVdwq7cO5apRyMSaGEifSZH_-c3zvmX4LGe9i3x7FiIbEG2YXdMdiAGGmOOYoMKxtW4aIxrQa5HMS_OovtTsPb1mTN-8QRexn7fgBL4twlDJ_X8nfyQCYvJdtDaFKog7yLpiX6aq1YEuyCuaeA-bqoq-Phb1oj-0-XO15h8VTcmb_j_UelEKUwe6FkyF7tDFinsUgLtNJke2_ZO9q3ZHlJbibFaWxG7VnC_0Y0yJ6UivBnq_g3PM9cs55msgRoKhiloh54Kls8naXQHPaTyE_DwH_bo6KspayC6G3tygysrRtPojqtSFgC4A5x3qA7j_D-TM9IK2p3SUEYzUvoI-1kRFfhR4ffKom9_rJy2YpTODvDb1ignu2k25t6IwOaKIa1hyS_BmE_TBfPlnMoe8sKyFCJGID9xIGrOSiJxX6zdACCN_uZHPnzvzQV_opEionggrS7IngoRubdQf1-JuApmEAVXmL5l3tuf-36bx0HPEReBA-t9mzDI82nQziWE14sHhfpQe-olHJFXVF8stIG8D8-3n8CyBKyiO68fy8nr0oBrbrmdedvdG_Xd-93g81CRjNCM3nE9Dg1RE65y6X5K7_ihdfy6mqDQXePo9XT66SHskiQdghLO-Z4-u3Lwi83xopHca5R2nzStfyP2QZmzcBEGrsUaK7m0G85MqC0eLSiJmSli-T_J4e7vAZdkE-hsbMobbWaVM-buO2Uzlvgnbgv1wdfP16oRLYEVqS0J-ydfmZjwqq1Ih_VfxqEvFZ2DfOfFqyXva57Ss3P3gOSIy1AKD-QoAUgRY_4GPvYSJR1RTo4u55zppY0NUl79h_DHNG4zjE36gzBpTGrh11XbXvm3Kib8f0UfSBLSvBQFDPQvKiBHpigs_OGuo88WTFL8RIHomUggoY6lJ-AYx5LbZRC8Zdc61zj3spjM3lx2tYDRKAQXXAkzSRWcKPMxiIvWn5dauAeCKjECiHfiN-ril0dmbvXHCAPIDqyGywSwVdpHR8vnJf1x2lWpaAPZHcX616Qg4f4X2GrZTWxYvq33syGz6qTLaKfzSO5mKF1j1-UTDVQxe9BIhFz1XB6Z0ENKqIc8zF12hoUXMI1uMvrJd30Mw8AoFQWmeDQZe6ZnPwT0Xiyu4RyUJJnJEGIr0OGAWSUNpMUYqTu1i4eqBA17vt4LlOaNB9AhEdaABZCOOApkOLzMYk3_gsy67ajcik-UaBXsOQ-LFpGtzlWFtB747QfQJyERvSOBLKjCHw7ph5wUiL_CsMtTnC3SkRj0aYSveKa6PlzXS3sZ_0QtQxewzBhTEQrM04Bm-LqKa-4qzaTkyaDw2InBN7nsbJbPUtNuPCdL6t3pOw3R5L_vHBTsQk7TOGj_9PDq6uzEd8o04ggEiXye5zYbrX0IpV5T5yIfS55leAwRiH8AdUEpS9W5s24XT8sGuFvY4j20E-lhKjHD8BcuTDO4-McDDPkH_rsktVv5RUoZ_d4vd2sYDMSMc2oxClJ8tTzMC7HK3TWcUzU5Mh-TSDstnncrbocm7fjeXfMvoh8w5D9dwDwl92qNhbsLar4kLdhNIGiCauiZhCoZj8mN-XVixUPX-07VsZaAlRvb2u3jTKEQ5FhNN43gR49vh2-qexJbij-RsTOWgTX-AxhAmTFltNt39UgnTEl-kKmdL0PtrNVv9_rGIHY7TJUI9hlLyutbjiYxZazj1uZ6tCFl826DamhfzqE0Mlr1MAxbeLqQHHT_YoFVUiTP4xE4FJLyPcw5aZjIF_2Fokp7GU_4s_U8cSeu75Pxk_cDmWKKwZhrH9Bm5PeI8UQ9VB3r7t_rDQ9OOX_3z7o26n6Tdqwqqw6FLYxxKxS9ecIgzqx_J57ZosXFxDrv4GNEh1eHlquaUonLoNKzXbd1FRafhYET65WftSjifrzo6mYyHZnOoVAf8uERqz271CYynMPXTYZWTsl5tX1uELOAkTWMSpkqFhIG9ZfcQOr4upEY8HUPmJPInmqLO3cbkyZ7vw2yaIKiLq0_gKXSuAh8FlYP9m9wmW71FGS-jt6KpmItWBgrWqqzoELoEJfsSQkikEIZUlaVTbCPAtRoI9oqbxqbnLADf6LRF1mwzu-IOp4t0UmTo42hO3GJrq6KewyI5srvLIUv7oE4iTxqipEEUnvu8b-cqt_mEJY5lr5efFnT8-6nPdkYnqXUhuwIuL7zj1LbA_SPcaRDVz1KU6fE4hkka4uXULgqeMurH6vNbxTTOG7oz-4qCUZ2ZNFerrohJA&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnotisul.com.br%2F&ds=l&xdt=1&iif=1&cor=2973605578481860000&adk=4188270524&idt=119&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
63558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:20:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 619C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1snLLFK-FTIUdaDd6q7ZkHFxBrqfL5VpJrYwTrNot-9dupY75_UU_si4aiYF_ZRB4ttb752ncWaJEBJgEdtiXvOEkzcNtCADRRouOlVLSGon5bfFAVD71dm95AxznQc7rr_-FxutKHSlKE3j0QVA5V7PtSuwkol0qBnFQlP6dTT7SdlI&dbm_d=AKAmf-CimbDFpGMXgAVd98RhU3F0FFhmUl26cTyOrXhj-bCCYeqpNs9ZNGLXvgOreslB2b1CwMTs4ttcmdBZwSRtGeRE8fWUh2fc5W5KxnId5Xd6an2XaDLaNi6Msb37tF0-hPkjiJN48cKle5sGZcmWHi8hUwfHIA2rxLrD9iB1xl5YeGmMpvXI21tL9mMVB-bzJLy1Vau0biIDWLl5AcjvTucNTC8m2Vnt0f89CA9rnM9jPPZIEPo2sVYyMMWlzrjEYOLOVfXTE_mM6wX3PM3rxzX02R6Miwk6eSSFW9KnNwEYNBEkQ69KpRuvLyxhilRNjVCXIAYBQ72YLTyv2p5UvNiNqn7POF9nu_DFtIZ5EcARjlkKRH8NVaB2xAfKo6_jFhP9LaoSJNfHkZb1F4nUMkeq-MVYod4YZg9wDHdmSieey7P5IFCx6773JvqjfU2NeXOeiwOnwmke4BWCqjXFs6DzBWP09EQnSqfsxhRXlXiKnvagAFXFnXrXPBQy58YYa2p9QTxl3VUnLEVnKYB759VyAZ5S95afbxwEFCm7KV60ZO3gzPf0fsxAY6C4OCO63_kIExmWgQjAq1OOQd3eqEnhHc_4NPwpY3nioaZ5iX_BtQ6b3SmilPl7-rSZDDTf0Fg7nKatj4jQYwKaIZgaUkF-ZD5XAX8rk-QSpkKrrnWtwfLwRd20eGwduRU2sE9mOIxEU8iFkYJDKBxqM7TaV5ZkpV-h6CN-urAM-SZY0mgTgBsJK69Ko4Csrn71ZfW0ZxIzXBZ0llwjPHCJdZlQjjWy3fVnp1I0SAM0eVHjaGk6IqJk2ktPRt2I022ZU1zJz8AI8BeMA2ccEDwAVeJGPJgVRRx3c8dPlRZ0NrFpHbnLmjZCsYLbaiN3HC3pL6PBwD6895moYoMzhHVzzQV7yrfd8H-1PySKIv_gAcZNQjuZQP_SMaLpZb6OUNaWa-Bh_JQG3PBCVuPyCYmx4rrbJNcGLPfWCrlQvmm9sn_PH840LxnI4Zqbhtx3krceu3sufE3Ryidgc8EZWsDKmGLZsFqVVXSfUYmAst4UqI_Sk0d7gGX_FRzUTk-_0ySsDLpcFQUpzxX9APKveDxMfF1PX81KmOA0rUaf_P0ZeAM9Fp3WDgqJ0x34q3v6Le0rJ41Op6T_C6AL2H7byTnvT562PvnpO-9YhsuL5ziJen5e7c6iChvOPa8pNR-6If4aSVFp_NkqZYxGmvliDoj7c7yz2SNIhiE5YFN-wVND8Mj7BQFN5tFEfGTyE-TTkcYi-7tTkt9DUsDodyyIQDVF5CRM2nhy1EJc9cu2HrLa4gJ_OOeiir7GN6jktXXjA__o2-q7Uh_ak8cRgWVyrDWtIweBSU1cOvAUTp082fUGHfBcSUQnLYJ1C_otwV7oc7HnpCrY6xTqshdR_7nMv6Jch0CttgP91qpb7fmdR_1g93nM58tDWDBcXakaAPtk_8NWup4wtAr-JgJ4nwlPtvH9prIzN9KBBOqteWpN5MtNPKL_Gdx-W1Rav2UNFQx5wTBsGrVak0xgbQfLADgWVN6sqoL5zAJXUrqc81G4LeTonTUolgy354gMQ_sgGfsjx5KkGkTOX1YGf7YBTTBe3dwu4UFK49dtl6Ov3AGRNavYm-tUEieRXxajEhbDoR34WYnkSkN1GsbS_mgQop2vsNFzuNUJwZ4wD7sKCuPlRmN6q9cPgdR-DOgGcXVuiIFHagaSdBC9Xc6V_SbFRYFugJH-8NmZb8TzExVlsHobNPEEovE8MfGVTmPJJ8cDrpFcgVSL7loZ-2EKWFVdwq7cO5apRyMSaGEifSZH_-c3zvmX4LGe9i3x7FiIbEG2YXdMdiAGGmOOYoMKxtW4aIxrQa5HMS_OovtTsPb1mTN-8QRexn7fgBL4twlDJ_X8nfyQCYvJdtDaFKog7yLpiX6aq1YEuyCuaeA-bqoq-Phb1oj-0-XO15h8VTcmb_j_UelEKUwe6FkyF7tDFinsUgLtNJke2_ZO9q3ZHlJbibFaWxG7VnC_0Y0yJ6UivBnq_g3PM9cs55msgRoKhiloh54Kls8naXQHPaTyE_DwH_bo6KspayC6G3tygysrRtPojqtSFgC4A5x3qA7j_D-TM9IK2p3SUEYzUvoI-1kRFfhR4ffKom9_rJy2YpTODvDb1ignu2k25t6IwOaKIa1hyS_BmE_TBfPlnMoe8sKyFCJGID9xIGrOSiJxX6zdACCN_uZHPnzvzQV_opEionggrS7IngoRubdQf1-JuApmEAVXmL5l3tuf-36bx0HPEReBA-t9mzDI82nQziWE14sHhfpQe-olHJFXVF8stIG8D8-3n8CyBKyiO68fy8nr0oBrbrmdedvdG_Xd-93g81CRjNCM3nE9Dg1RE65y6X5K7_ihdfy6mqDQXePo9XT66SHskiQdghLO-Z4-u3Lwi83xopHca5R2nzStfyP2QZmzcBEGrsUaK7m0G85MqC0eLSiJmSli-T_J4e7vAZdkE-hsbMobbWaVM-buO2Uzlvgnbgv1wdfP16oRLYEVqS0J-ydfmZjwqq1Ih_VfxqEvFZ2DfOfFqyXva57Ss3P3gOSIy1AKD-QoAUgRY_4GPvYSJR1RTo4u55zppY0NUl79h_DHNG4zjE36gzBpTGrh11XbXvm3Kib8f0UfSBLSvBQFDPQvKiBHpigs_OGuo88WTFL8RIHomUggoY6lJ-AYx5LbZRC8Zdc61zj3spjM3lx2tYDRKAQXXAkzSRWcKPMxiIvWn5dauAeCKjECiHfiN-ril0dmbvXHCAPIDqyGywSwVdpHR8vnJf1x2lWpaAPZHcX616Qg4f4X2GrZTWxYvq33syGz6qTLaKfzSO5mKF1j1-UTDVQxe9BIhFz1XB6Z0ENKqIc8zF12hoUXMI1uMvrJd30Mw8AoFQWmeDQZe6ZnPwT0Xiyu4RyUJJnJEGIr0OGAWSUNpMUYqTu1i4eqBA17vt4LlOaNB9AhEdaABZCOOApkOLzMYk3_gsy67ajcik-UaBXsOQ-LFpGtzlWFtB747QfQJyERvSOBLKjCHw7ph5wUiL_CsMtTnC3SkRj0aYSveKa6PlzXS3sZ_0QtQxewzBhTEQrM04Bm-LqKa-4qzaTkyaDw2InBN7nsbJbPUtNuPCdL6t3pOw3R5L_vHBTsQk7TOGj_9PDq6uzEd8o04ggEiXye5zYbrX0IpV5T5yIfS55leAwRiH8AdUEpS9W5s24XT8sGuFvY4j20E-lhKjHD8BcuTDO4-McDDPkH_rsktVv5RUoZ_d4vd2sYDMSMc2oxClJ8tTzMC7HK3TWcUzU5Mh-TSDstnncrbocm7fjeXfMvoh8w5D9dwDwl92qNhbsLar4kLdhNIGiCauiZhCoZj8mN-XVixUPX-07VsZaAlRvb2u3jTKEQ5FhNN43gR49vh2-qexJbij-RsTOWgTX-AxhAmTFltNt39UgnTEl-kKmdL0PtrNVv9_rGIHY7TJUI9hlLyutbjiYxZazj1uZ6tCFl826DamhfzqE0Mlr1MAxbeLqQHHT_YoFVUiTP4xE4FJLyPcw5aZjIF_2Fokp7GU_4s_U8cSeu75Pxk_cDmWKKwZhrH9Bm5PeI8UQ9VB3r7t_rDQ9OOX_3z7o26n6Tdqwqqw6FLYxxKxS9ecIgzqx_J57ZosXFxDrv4GNEh1eHlquaUonLoNKzXbd1FRafhYET65WftSjifrzo6mYyHZnOoVAf8uERqz271CYynMPXTYZWTsl5tX1uELOAkTWMSpkqFhIG9ZfcQOr4upEY8HUPmJPInmqLO3cbkyZ7vw2yaIKiLq0_gKXSuAh8FlYP9m9wmW71FGS-jt6KpmItWBgrWqqzoELoEJfsSQkikEIZUlaVTbCPAtRoI9oqbxqbnLADf6LRF1mwzu-IOp4t0UmTo42hO3GJrq6KewyI5srvLIUv7oE4iTxqipEEUnvu8b-cqt_mEJY5lr5efFnT8-6nPdkYnqXUhuwIuL7zj1LbA_SPcaRDVz1KU6fE4hkka4uXULgqeMurH6vNbxTTOG7oz-4qCUZ2ZNFerrohJA&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnotisul.com.br%2F&ds=l&xdt=1&iif=1&cor=2973605578481860000&adk=4188270524&idt=119&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
63558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:20:11 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 619C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
312833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 22:05:36 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 7252 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3668451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POqxotgyam%2BYKaHPeQPn3tt7mOU%2FoY2VxtD95VNiVqqxsdx3B07DYCzm70TeuIJdylRguu6QTVa4KVRSxsPXaRyqzgpm1R3qyIHKi6o80JdP1TGx9EL0toXCHnw8KvQU4HlU9daT8TPCscLMa2BzWcGq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844593b43b491e66-FRA
expires
Wed, 01 Jan 2025 12:59:29 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 7252 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6246585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
821
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9QnOtpS6Wd%2Fvs9gDDaUxZlDE88Q6Jsu1t1g19XlIyfi8EnrRjKXSAVLEi%2B9O%2BHr2GzbnuqTycOW292Dg%2FieevKv5vXiKGA9awpYLHbYkK0hgZLOX709zS7%2BXIqhEx0Q64L5Nvh8EowfZxzMZXs68MdP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844593b43b4d1e66-FRA
expires
Wed, 01 Jan 2025 12:59:29 GMT
f378cfc5.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:07:46 GMT
date
Tue, 09 Jan 2024 09:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
13dc9848.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		669 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:37:57 GMT
date
Fri, 12 Jan 2024 11:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4332eb45.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:53:44 GMT
date
Tue, 09 Jan 2024 08:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
680f0e38.jpg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/680f0e38.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f8337699a9d881fc34d9d9078ac68b45d9a53dfae0d2fbf2b10cc7c727dc9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:53:49 GMT
date
Tue, 09 Jan 2024 08:53:49 GMT
x-content-type-options
nosniff
age
273940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55040
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
50a5bd3a.jpeg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/50a5bd3a.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc515702575df353afefc760cdbe5b200a89fd9b4e10939142001f41b0ef0a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:47:05 GMT
date
Tue, 09 Jan 2024 08:47:05 GMT
x-content-type-options
nosniff
age
274344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78195
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4c957c4e.jpg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/4c957c4e.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efc9fd1be32fe67eb8c42c46a4eec9773844b09c3181edb23e3b5fa38e69a2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 06:00:26 GMT
date
Fri, 12 Jan 2024 06:00:26 GMT
x-content-type-options
nosniff
age
25143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35239
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
31152810.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		302 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:48:26 GMT
date
Tue, 09 Jan 2024 08:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ca3cf992.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/ca3cf992.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8897aaf8bcb4fda8e1ab3c189b898b336db6648567a6e40788a36495aadcd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:47:23 GMT
date
Wed, 10 Jan 2024 20:47:23 GMT
x-content-type-options
nosniff
age
144726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2548
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6eb0cb99.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/6eb0cb99.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0eb1723fb6707e32a0f0bf794bebcaca9aa48b414a9569fc4fc097d0451c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:47:08 GMT
date
Tue, 09 Jan 2024 08:47:08 GMT
x-content-type-options
nosniff
age
274341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4322
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6564fd3a.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/6564fd3a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e451b803dd55379c994420c1f85f6f405914d31b781f7dd7e06d92555a04ebb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:04:47 GMT
date
Tue, 09 Jan 2024 09:04:47 GMT
x-content-type-options
nosniff
age
273282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2227
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
f5d5637d.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/f5d5637d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
703aa1a34adc0fb4dd4927b41f0416cddc4fe0a838bd844e582d06ea45e209fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:37:57 GMT
date
Fri, 12 Jan 2024 11:37:57 GMT
x-content-type-options
nosniff
age
4892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3809
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2e37c1fc.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/2e37c1fc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2930f1b043eb43513a572ab009bc93af14a97086bccceb715cb21cf1a6e75b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:59:19 GMT
date
Wed, 10 Jan 2024 20:59:19 GMT
x-content-type-options
nosniff
age
144010
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1638
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4e0a8199.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/4e0a8199.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a90725ba7b25beeb67a6ed70a1a1ad5f68a4e7dcf7194d1da51cce6797aac6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:53:13 GMT
date
Tue, 09 Jan 2024 08:53:13 GMT
x-content-type-options
nosniff
age
273976
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3163
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d3ce6798.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		820 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 12:56:58 GMT
date
Fri, 12 Jan 2024 12:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1147abdf.svg
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		769 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:48:30 GMT
date
Tue, 09 Jan 2024 08:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
fb219268.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/fb219268.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bff1f388d80b2f7dbc9b192279bf2815032558656ac3599a586d291b5d36c35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:56:01 GMT
date
Tue, 09 Jan 2024 08:56:01 GMT
x-content-type-options
nosniff
age
273808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3011
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4f96e9f5.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/4f96e9f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9720467b788e8976050b4faf85895c09c71bf3e5b10b3ed3cec0f3dcc0b8a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:45:46 GMT
date
Tue, 09 Jan 2024 08:45:46 GMT
x-content-type-options
nosniff
age
274423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5255
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0f373144.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:44:39 GMT
date
Tue, 09 Jan 2024 08:44:39 GMT
x-content-type-options
nosniff
age
274490
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c8840ccb.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:48:30 GMT
date
Tue, 09 Jan 2024 08:48:30 GMT
x-content-type-options
nosniff
age
274259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
fda95bfc.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/fda95bfc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e11c94a46d8cc1048433774b7d06e75c38566a06bbe38806386c3f93f66aea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 12:52:47 GMT
date
Fri, 12 Jan 2024 12:52:47 GMT
x-content-type-options
nosniff
age
402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9445
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c491ebbf.png
s0.2mdn.net/sadbundle/14731813396773076992/images/ Frame 7252 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14731813396773076992/images/c491ebbf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aba70f8bb9e5dea8a5278cd67158dbec9deca46281cd1021023d2850abe29bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14731813396773076992/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:58:16 GMT
date
Tue, 09 Jan 2024 08:58:16 GMT
x-content-type-options
nosniff
age
273673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23093
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 559D 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 619C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
829c8a9ecdaef92c8655fb576cb6fcde16de5ab95638d953c513e4362faf0181

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame F916 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 02:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 02:42:42 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 556E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 02:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 02:42:42 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 93A8 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3668451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsCO%2FAaAGkzNOeOZzVcEh%2FLUrRtauw7G2XuVrvV4PzxiOsB2JrCFGb5wVzwSV78H5e2PLGIkFrxuo70JcI4idigT6pgznx07SFQynPTRCaynvNvkfI3p5Jpb6IHrxm3eBJh7Kh84%2Bbus3waQSvOtN741"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844593b44b5c1e66-FRA
expires
Wed, 01 Jan 2025 12:59:29 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 93A8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6246585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
821
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3furGMbiQ8Msx4Fj1GQNGoKqKqvV0OJ3nAl7%2B1wdN50iHODsgQiRCLrhUYcNlwMzUBlaoAlCDaLaNZw3hxwZlIQKpqxcWwQ86HhSTK8yRQ4V6znLgXMyBRCg3G86jQEfzzTs486Q24yTs4hDXew4%2Bdn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844593b44b5d1e66-FRA
expires
Wed, 01 Jan 2025 12:59:29 GMT
13dc9848.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		669 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:03:10 GMT
date
Tue, 09 Jan 2024 09:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4d968df7.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/4d968df7.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67da98923e0202fdb1531f6d788ff4c85b696db4e87fbc1711769a2fdd79c071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:48:09 GMT
date
Tue, 09 Jan 2024 08:48:09 GMT
x-content-type-options
nosniff
age
274280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36931
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
925934db.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/925934db.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1c4c7350feb68bef34a3bfe27712366db8ced582e51b85f934568d87848826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:45:29 GMT
date
Tue, 09 Jan 2024 08:45:29 GMT
x-content-type-options
nosniff
age
274440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25536
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d357c4fb.jpg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/d357c4fb.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc14bcc45ee7406a2aa6a28f7158443230ec0d48d3bc6b1d6707e98ea68204a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 19:12:12 GMT
date
Tue, 09 Jan 2024 19:12:12 GMT
x-content-type-options
nosniff
age
236837
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42994
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4332eb45.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 17:49:29 GMT
date
Tue, 09 Jan 2024 17:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
f378cfc5.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:04:49 GMT
date
Tue, 09 Jan 2024 09:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
31152810.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		302 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:44:21 GMT
date
Tue, 09 Jan 2024 08:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
aef85528.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/aef85528.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 19:42:19 GMT
date
Wed, 10 Jan 2024 19:42:19 GMT
x-content-type-options
nosniff
age
148630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2559
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
083066d0.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/083066d0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:56:56 GMT
date
Tue, 09 Jan 2024 08:56:56 GMT
x-content-type-options
nosniff
age
273753
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4267
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
e8339025.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/e8339025.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544d408eda70d8e8e0fd9a5545da5cd334699f0dc0323df9433d2fba23abdb02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:47:03 GMT
date
Tue, 09 Jan 2024 08:47:03 GMT
x-content-type-options
nosniff
age
274346
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1890
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
41374161.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/41374161.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
206efabc5087f2c77692b82b7be8c386d62d4030e6274934b97158d2e0fc3d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:07:50 GMT
date
Tue, 09 Jan 2024 09:07:50 GMT
x-content-type-options
nosniff
age
273099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3284
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
5e0da0d6.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/5e0da0d6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:04:49 GMT
date
Tue, 09 Jan 2024 09:04:49 GMT
x-content-type-options
nosniff
age
273280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1579
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
a32ff691.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/a32ff691.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:47:18 GMT
date
Tue, 09 Jan 2024 08:47:18 GMT
x-content-type-options
nosniff
age
274331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3153
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d3ce6798.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		820 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:47:42 GMT
date
Wed, 10 Jan 2024 20:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1147abdf.svg
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		769 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:05:43 GMT
date
Tue, 09 Jan 2024 09:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0f373144.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:51:48 GMT
date
Tue, 09 Jan 2024 08:51:48 GMT
x-content-type-options
nosniff
age
274061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c8840ccb.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 06:29:38 GMT
date
Fri, 12 Jan 2024 06:29:38 GMT
x-content-type-options
nosniff
age
23391
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
04c2b1b2.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/04c2b1b2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4537461f441a3efc94cd109d0778ec4167ab27d45ae7b3b3a16ca6bd1f8a5d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:56:56 GMT
date
Tue, 09 Jan 2024 08:56:56 GMT
x-content-type-options
nosniff
age
273753
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3118
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
03ff1f4d.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/03ff1f4d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f9559aa325d9cd7b03b11455ab23d2c0a40cc8bcc9a587db57dc967bb90ab52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:00:59 GMT
date
Tue, 09 Jan 2024 09:00:59 GMT
x-content-type-options
nosniff
age
273510
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5559
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4e2e399c.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/4e2e399c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7206b90765eb10db48bbf9957d0ac0bc36b251354b5d196af83bd1a766713124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 09:05:13 GMT
date
Tue, 09 Jan 2024 09:05:13 GMT
x-content-type-options
nosniff
age
273256
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15167
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
6b6f69c1.png
s0.2mdn.net/sadbundle/915966008651415552/images/ Frame 93A8 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/915966008651415552/images/6b6f69c1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69b0bfc7061b97ed7930edb3b4fbc57da801322b7e62eb7f595c128d052edd46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/915966008651415552/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:48:09 GMT
date
Tue, 09 Jan 2024 08:48:09 GMT
x-content-type-options
nosniff
age
274280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32884
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 11:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A3C8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
312833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 22:05:36 GMT
expires
Tue, 07 Jan 2025 22:05:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 559D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDnIO7JMGhVZIVJrjpPmDEU&google_cver=1&google_push=AXcoOmTa2KlJJG_BaQe2O_L532ckFVBZU2cIAXTR3sTjz-DbdvS7zBJ87GkTpmQ92GmwHXX4fPEj-mC0lm0jHP4RsqcXDh8TTkra
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876041865416&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876041865416&us_privacy=1---
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876041865416&us_privacy=1---
content-length
0
sync
x.bidswitch.net/ Frame 559D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAyXNGpe0FNIHPAWpInyBzA&google_cver=1&google_push=AXcoOmQsqWXRilZR_K_YwWR0v40lykJazJnAxssW7tqehgWBYbK3bpFQv0XWEJ-SeDwO5s848pQHicqSsZpsIxftH9sY9l1rmAFd
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 559D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIQ5HYkB_AvDMCpQjzGUOw&google_cver=1&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeL...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeLtBg4&google_hm=eS1RcGlKaGtoRTJwRmhNRE9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeLtBg4&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 12:59:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1v1_dZYUcxNC9C4bUINl96m1b8PIQl1HasMpMm5rPDISh9DWaBtylLtbHlUDQGBONxa33RuBS-3BnwSVlNrpNSeLtBg4&google_hm=eS1RcGlKaGtoRTJwRmhNRE9kaFdoUjE1LlZDVkFaWmFOTn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 559D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL43oR0Ve4JQAyOkART0i2I&google_cver=1&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzLDp...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzLDpf5RnxPyTYl34XPNtSTBU
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4ODI1MDY0MzUyODk1NzMwNQ&google_push=AXcoOmQ9sQtxv3NoUNbPS5fh0EsV8YiR_qKmRVeaWa3Kw0vo-K5LEZJNUUbuc9DlIVmE4RIDESHEzLDpf5RnxPyTYl34XPNtSTBU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 559D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.targeting.unrulymedia.com/csync/RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS6Ugd7EA0VRv-CFVG_l...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt-&google_hm=AzsDLDXaskbKs7rFcfk9kok
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt-&google_hm=AzsDLDXaskbKs7rFcfk9kok
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6Ugd7EA0VRv-CFVG_lljHhMFKnaUcwqYWqWZeX9o8VEnAsnRbwz8urmACTKzOiI7TqPSTU0MOb77uCoh3IdaQ_jAu_mt-&google_hm=AzsDLDXaskbKs7rFcfk9kok
date
Fri, 12 Jan 2024 12:59:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3b032c35dab246cab3bac571f93d9289003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 559D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKYFc8cke-y8aJhVVmafNl0&google_cver=1&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg5NTY4MzAyMTgwNTE5Mjc2MTU0&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg5NTY4MzAyMTgwNTE5Mjc2MTU0&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg5NTY4MzAyMTgwNTE5Mjc2MTU0&google_push=AXcoOmSen2VOfCczchTGWWQnxAGLaDAozyF-N8JOwWuch4sVsMPotU08XQ7hkImoglXjkswNcHIS2ZO0_xAtnCJgyNQMRw9w3rQ
date
Fri, 12 Jan 2024 12:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 559D 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDEASgcLWPYMljIm0S6tJAg&google_cver=1&google_push=AXcoOmTdPLGwuUwW-NXhBPnA4CkQNh3m_bMCnOSlH_awb_SeOfL7pZOiFokbI3Mo5aiO2jCzA16jSY4gwfb3Ex9TjPhex1vDM5In
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.75 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:28 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 559D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYHpcecugw2ILIDvB7etPDf4zDPDY29FHSl96OfyW06V1uIcLSj5hQka2Eb9ALGssRylqo
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/17763968863331942400/ Frame CA06 		1000 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
890ada2c96922f7b20f83d63909f22bd3d65ed040ca82bf61607746d05d332a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
514
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:29 GMT
expires
Sat, 11 Jan 2025 12:59:29 GMT
last-modified
Thu, 25 Aug 2022 12:19:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 619C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0BZRKr_6X8_DtphF41StEqiegHfRlLdXSjOzpmDlMSEtbNrXgR0tHdLnA5uRZHtj1bjJZhyUk4OtrQQwGRLIi3LaHZd7zUK69ORvdNwydbNfJg9Y_rwfPV-e3uYgfPm0vNvAlK066jftFiAXuHreBETyF2EiYPfTbJMBExq-KYpgJbEsJve2f8x6Bv9KLCxBNglqlWUp0-f5OEFtFLG762jG6PahSBlO0Ucd_KpCJJ4SHNhHdExRHHBI5tf3fNUGgtKXp4uKCx4Ru_zkrhU7GyNi0DZimBsIywNDydxc5QORzrN34Ot2cHYAY-HnKxkYNTlx5J-rbtHwZIl0asyixtTtEthJYASdekyQuwNmvT5aye9Hm45jTcV20D2zUa_A07L2dbGSln8nnCMrBaiYQYaDePv4ABylYnTUW7lX1X0UAVqcMQlhmSF2rUmN49Oskc_epQwhJAuwj8UpNXjFp3cBb5z_QzpwRhbucnbiWzy2j7nJd40DrtE19gVezXR6q0gEK96n-V_UI0fx0tbTwB8qbO7a8yewIkv5YZA8OV9e1K04QvakjhFDlXLcGejJYj_NMJ-0RV5KCEPuc_7oBKUCqtjgAttGNpG2EzTIV5ho4zwW2FJh4M3na_e3zzeQ6m09L8pEgV6FniuOMc_SEuu7lwN73ryztdrg_TnApYh8WNSJ8jCnN0Uj-41GpSd3B2mF0yH2xrQTdkH8yPCLzQyvekPAZegRxPA92xsBHp70IU2JiElmbHsLk1b6BIAiz7-6gO6V4ZvJB-o_VFCljgLllr2wsrqkQFYxt59ldoUlPwBdmukXmjmcPg7g38TrWkrrE2c_mWhAx7aipF-PJ-fQiQcysfSbTwxD2xmMEcYS1zt966_XL41UuUTbrTTVCt-aovN0cL1ASLhR_f6OYwA6M_X6N4Ych3svAC8vC3cXv8ZjKtnVCo_7JRrgVlcRsC_9eb1GPUElZjx4p8On0w7eyPUZ2QJpTfrE28JnZv9-MDc4bjgpS21-rlgh4s18a_QSdXlCTOlw8iw-_k8y8yrI-rRwo6Cb3J_rpMgIMRF4UjDQ_-8Cg5V8tBvM1rcoWQk4n_Ugz46nixPROArKAaZhcU2p3ADMi23Tp2_w-zW2hENslxqdx6eyF1TmPhqKrlLA7CXTFyWDxOTfDwQ-DgtvUmpR8juyPZlZXrsFZvVeHGc2S5esPyM3jFYWEojXkb0Kt28fZ1T3ppqz-htDY1VaMc2rU7ka5upVfYJQiuJkG29K4GohXT6vmMgfbUkZRVtN-MrkEptglBBRt4c90VSBOaiWMLZmswyN7xFLJm2amowehQQlHu6pRJgcwsyDOWvWNZRmDwTrhZezQPx1uZfRORlAUhZbdOJgiObYECdWvcJGKcEpjqjxCTDnackNSOK1wrQeBrbu_fmhwqdk9b8fesu5HtVm1-xdLSqGaonpCdNVmsotIn947KDLwRdB8WSjfgHEPw_6y2OP8ClOKhqMUAR5Yvg&sai=AMfl-YTNOs_5nzsVTjwnNxvqJRB8uj2G5u_zse69xGuKs_fDjacjRFR0F62ZwHCl20Ifnz9O53IwxXViAS3nhpmeyF0TicTPpZpGH0EwLlq18EzQw1SOGDxmWl1AWot4AvGks-mU3Z-QCrVBPescQe1F3fCK0uhSHMJRGpR1WgFg7jmWRl83d20sc7t9V8-GQPAlDePQZjYeru4pREIacPTh9_Gg2LDqy4Cp4q3tK9qKNpdWBQ7jZO82ufF2pgCKueoBpBA1zC0&sig=Cg0ArKJSzMmtcjOJ4uH3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=214&cbvp=1&cstd=204&cisv=r20240108.91314&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
11
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:29 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
3
rtb.avantisvideo.com/api/v1/usersync/setuid/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=7719760622808119083&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=7719760622808119083&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
Protocol
H2
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
an-x-request-uuid
f2e5d000-289b-489b-ae84-78b3f65cb844
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=7719760622808119083&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 1615 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsucQGDTFdWbnfw6jpDJJR0a-q93_XAqflR1-B15hqM7dqyxcY9WL1ukHK3XRGIPQdWIPRza0o7d0HpOvleunNOfBNvJSfirmRRZUGVTRuXPiBNy6zmrtK943HAgrGu2AGCjQkiANw21E3HC5p5Qp3WTrnGrwIwi1fhYQMgdFJ7Sg5x_d1d00NxdkxLzDmlBDxNv9e-Gk7ltU853waq3Qdl-vpQ8WAW1_Mbcg44k1pdmUb37LAzQvmcgyFaOytGKlNYtqI-qE_gfnR27lZzrEeoOEW9xPMJy70YkNnqR-hgEsexqqCMvVmRvt7qbTEbZNST4w2if7OvBAR1PncCOaU7UyGAl0EbE4igHk7jfEthb3hrTfOw2d8QNAPaAL9YVxy1UW0e6Gw6OEiSL6GR2vA1qbGqeqwE8NxWLTLJ-Bi6Fv6YHoOTGAmeb2aQuqA0HWVGkHP3jiW8AyDH2L3yr_bDgkEF8JLnm1ctUE1nalwXb221Vikw4uJy5Pa-jum259TeRdHQWNvXTwHD6I5DCb82AanCQmY1yO1Gr0dCJKEfnpowh_PhK7zkaOSO2_rnwjZrmR5op11PMArIo3d65J0OEABK9LBZiMBannJYWwy7_toRGD3GQaiQ3WGbroFvubqTkp7l0OdOvtLgDY8kEcA09oCjO4_WB0wmRMbyUWINjOqhCyf-kV7tdx9Mdlxw7QKig1q3HBNICWZo0YbfVCspXFi-VLuYtyf4M62jznt0tYq3_DchGYEJ25C-v5KfbhFzK3iNrSLHFI_ZQeu6C6wSE6TfuBa7yVCuqPaXdjk6FYoKaNykY0OimIEiQNg63RMAG6xK8H3e3alzOeFYx6sF9XufiHiO_ZW8wgVShzmduZdOx_cEBD4NKLB3KmSo_S-XQjzdHerKBsc5aTyGe5IuVh2fb_fkGILtilz_HPFXfI1uHXO4O11G4jeysZAwj1WnyLSeifSE8QKwqPH5haRCgYC8IDmxJyyi-MSQGe_8uj2jMHAq_Hw4ZNHDkQm7mPfuGAxw0czeApjUqhHr0PPKu8NjKpqmw0BW9BjGhU0oW2je-sg9gUE6nY-w39BN3sLZH9-orojwLT0s9ndysBNVgRjS7_ftXeUuMjeFROzByAPxKw-5ehl0DgAJZtdHZ1vuxAuYqYPK4_XYOBwwwOSMOiZOQjJqTZxHJs9ndEFVeODrTcooYUVGZ-Lxsqm7wrgaVi20rxTXDhoIM-t7Z57qNnyrpiamHMKmQieoXN5cwGI9uCBDtKsEFm2iKtFw7ifCs2OgFdwV9O7xhelTg7YTnMkEyD-BdQd0qasMSeWhKT2QRkK2JCZRc3x15cCaOq5G3YbMXFAhjS6Zt0I-wY0Si1ASv9QG93Qlm3fHAaNtTmtP-0zFLB_iDgmBCvTZ5U3pl-ec_yfdanyLzNK3kh5fsCFmhFOuPh2PUWAm9HuNpynlRfW2qhy26IZV15hMR-umMFn3eKolZZBKeJtGUa8745yZZR349Awo&sai=AMfl-YTnuLq5ExWly--Sx7D3AnnZ2tvHPhCI1J0ZxVpwaBZ933GCvuR0_ua2torBFdyICvjQ2ntHDWxCKlAzTzYW3juNt3jR4prHMPh5eT6-k3L4S3CxDzGJ0RWbUeL4ur5FspkdXLa_Vet-bci7iNdaGfTwPSeDX-87T2aml1mp98oAwaFOhnErkRvGdOaAeGd780zK-_S02HxxIO0lsktVOo8pf2S-8lR3mvWgCzl2nGt2sArE5XXTdBjZewK8tF-3BG-tyRsq-GMD9gLFq4JJvdCLho1eHc2KImSyklOYLeFS7KmzOxwAKT9jRqpjciRfuvOpUooePuyIienVW8D69MSQe-VXz5xfY7zBvK4zL9ZvHf9ICjI-2yJBIphqwjQWDZ2udGoAVgxAlk4ykWJyipkoDO2FyHZFRPUdX4j_dSl_&sig=Cg0ArKJSzGS8P4XPKJp2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=619&vt=11&dtpt=350&dett=3&cstd=265&cisv=r20240109.53382&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame CA06 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 04:12:33 GMT
adlDCO.js
s0.2mdn.net/creatives/assets/3705119/ Frame CA06 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516662dd9977e229a39c361398cb3c298ae5ca241f184f898806392fc484a5f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16176
x-xss-protection
0
last-modified
Sun, 18 Sep 2022 20:07:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:13:06 GMT
adl.css
s0.2mdn.net/creatives/assets/3705119/ Frame CA06 		3 KB
967 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3705119/adl.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24ee784f7efaee9e6b398f4f20335d9cef65475d258a436bc3d4c22fc8770a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
932
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 08:22:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:04:03 GMT
view
ad.doubleclick.net/pcs/ Frame 8D52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvAbHnRTBjF8wNEMsj_LCvP5RA5Vg4znSf-B6qGd-XoK9lYNF3yaH5fKvPPDt5Z7Jn-1Fhv9QlZALaQ3A1pVUc57AmGGHnfEcmO7QP4UKY_Shs_wD8Cw0OKCb3OXUAXiLn03YQjZp7MGtFpFHm-cx8wPrRiPe03n0BrhBvWhobd7CVpvgOzLXP6c5PVVaULBUCJ00sWKS4Bau8S5IFdsyK52DH91R6SJ5bQDRwLUmRILRxIP1QdpsnKJBx4kNuO8Y29ywQMSJ0nb1QbL_ZBHPe8jDbRuFbXF3iyIjVtQKbcXvCbS_qSU-XPFkFvMUpOfo9yIQkO7dT4qK_fLHz8w3JCRLoziEVFg7HQE29Gb4Nt3yKtwXO1cZOiYelm8pKUp8nQycwojW3MuK5QhAVFsuefQuLFbM3NF4kxHEympGhsoUImM5tDk84uxbTkUJfFZ-EFWNEex3g4N1w7s7C1Jc7j43jhLjNElayTat82lW_14SgdBOMlXbsdJVshziQQ25KcsgOQN_rWiBg1beb8imeUIqZFtZGmbYqDBDDpKzvjnyD3Cp7v2mWDZ6_lSjZbnBV5Jl_3X7C6_PBIhMl8qBcN3gFuXOEGjCbM1uU3_zcmQ1R7TpGI3ntBqk9iO4cvGgUS3PWGiXx-N4zoZmrJM8QOVAFCWeyHQ-28I-efNShk865qmkUPhCtvhT49rcVXEVUiRG675eCvK2umOyxbZlsb2hDyi_SShQtRtWIe5NNy1wScxKa-1JtYh7Nx202IH_uK2RrvibuVB7BtYDuHANNj7IHoxcmlxDET6A1vu9j1wMEsTKy6iNo8o1FPmIHEUWs_g_mvNsTRia1clw6gpEKQA2nQ-4CHYaAohSPzVlzIosk-NWNubvLSnTRGXkEpE6JLuCd5kFoUk4Pezg2phZrgkhOFiRRaMbO5Iv9F5pBmZPxWIpIlwEwWU5ABk2VI9YDQW8lf9Jedy_hUjCrxizAeVc-euMXksWtScDZXUJmEP0o_mK64MgBKdvfWaos5yd-4FxlKQ4SVYJNe5Qh8UZOct7YsIpXkXuhwnPt_zuNMZe3rFNdM46p40afVHo8Kem8rB5wvyvNPx46H8IxEhMwDqDpiKLOScDURFM-GKaQMhmQJf7VbLRQUTxRpQsiozx0lWUnwQL218Pm4JcUnrl3bjOCpM4Z2pe5NXwRsfcMfnxXKUY6mWfVfQSv3-4s7vosDdN9_1SuJWS9bHJ4PLKWIEMN9ZicHlNOz4kv5IAOnEz0PM_PvB8oXq0TK8sEYVRnFsdyl1o4wyYfD6hR5AT5NT7hTn4bbZY6rONEg_4t6K6jdYBF6lQMRO_1_EvKIBhxqy06hy8njFNoU2Ug5Ptr3Zb4p1G0XLHRMCstCrL6g8h69whjQCF7EU9Xc513T2UEC_VT_zRSzX-peDiAm5YcOkbadcYSYE_OEu4smFYNud3LicB2RNMuvHwv1oDTJsbjpIhqcO4tvy_19MkKCyfQxFahw967NrA&sai=AMfl-YSe-UQO1Nrq6haK5ptfGkjKsy5PLHqFR-vgCIqpqsqybHDfXtOGqF1K280C0qDm5fDjR5j8N_CR4_9dNTG5QVTKism-0Qvo6Z1Tarhat2BZSegFA565weOWCR56AwFifAiAido7vntshHjxMmYyzSWtwPsQ1MHNGutCaxMw24eCcC4Ss6jtrv07J9bT74wvzIJHO25ZEFyusRHfAPXlE-ImmrFtzDPjjXnpVnyShHlQNCv75iTcTVHnzlXAf28DtyDQtt4rXCn_Vp100DIU91yQHwjOU4XYK30vA-T_sZW8fylz_AWFy_7dLO2OPWch4Jq-mxk23r3ZJbzWkHTBDDedWpy3S9Yd18o9Ibl4NC5FExoTpsGdLIVd-vNZMSr0gtajfRGOqafOog0jtiCjHNVgVXV-sByzogFV-BFD3_sn&sig=Cg0ArKJSzB56PS72EVHzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=628&vt=11&dtpt=364&dett=3&cstd=263&cisv=r20240109.95094&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 619C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/924068/65485209/4.js?ias_dspID=3&ias_campId=1010491284&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20321508888&bidurl=https://notisul.com.br/&i...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_sTehZauAB4WQ1PIPk_emmAQ&cbFunctionName=goog_wrapCb_sTehZauAB4WQ1PIPk_emmAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_sTehZauAB4WQ1PIPk_emmAQ&cbFunctionName=goog_wrapCb_sTehZauAB4WQ1PIPk_emmAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:47:27 GMT
x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
54723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
PusK4ykA8xCt6_IEmslXthN3n7CqgT1rY-kG72utFhQEfDkuhfPJBQ==

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_sTehZauAB4WQ1PIPk_emmAQ&cbFunctionName=goog_wrapCb_sTehZauAB4WQ1PIPk_emmAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5E13 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
9809419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
eH0obXPofau6zO4-OxdTr1sY7r9qOwMA0hhyv1pRQkt15bhwoIWo1g==
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J7Tv,pingTime:-3,time:91,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:91,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:30%7D&br=c
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J7Tx,pingTime:-6,time:93,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:93,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:30%7D&tpiLookup=ao:notisul.com.br*&br=c
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame A3C8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 02:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 02:42:42 GMT
csi
csi.gstatic.com/ Frame 4B24 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lranav70&c=5252623613645&slotId=2626311806822.5&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J7TZ,pingTime:-2,time:121,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:809,beZ:811,mfA:814,cmA:815,inA:815,inZ:819,prA:819,prZ:831,si:838,poA:839,poZ:866,cmZ:866,mfZ:866,loA:902,loZ:905,ltA:930,ltZ:930%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B113~0%5D,as:%5B113~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:30,sinceFw:90,readyFired:true%7D&br=c
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 619C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0BZRKr_6X8_DtphF41StEqiegHfRlLdXSjOzpmDlMSEtbNrXgR0tHdLnA5uRZHtj1bjJZhyUk4OtrQQwGRLIi3LaHZd7zUK69ORvdNwydbNfJg9Y_rwfPV-e3uYgfPm0vNvAlK066jftFiAXuHreBETyF2EiYPfTbJMBExq-KYpgJbEsJve2f8x6Bv9KLCxBNglqlWUp0-f5OEFtFLG762jG6PahSBlO0Ucd_KpCJJ4SHNhHdExRHHBI5tf3fNUGgtKXp4uKCx4Ru_zkrhU7GyNi0DZimBsIywNDydxc5QORzrN34Ot2cHYAY-HnKxkYNTlx5J-rbtHwZIl0asyixtTtEthJYASdekyQuwNmvT5aye9Hm45jTcV20D2zUa_A07L2dbGSln8nnCMrBaiYQYaDePv4ABylYnTUW7lX1X0UAVqcMQlhmSF2rUmN49Oskc_epQwhJAuwj8UpNXjFp3cBb5z_QzpwRhbucnbiWzy2j7nJd40DrtE19gVezXR6q0gEK96n-V_UI0fx0tbTwB8qbO7a8yewIkv5YZA8OV9e1K04QvakjhFDlXLcGejJYj_NMJ-0RV5KCEPuc_7oBKUCqtjgAttGNpG2EzTIV5ho4zwW2FJh4M3na_e3zzeQ6m09L8pEgV6FniuOMc_SEuu7lwN73ryztdrg_TnApYh8WNSJ8jCnN0Uj-41GpSd3B2mF0yH2xrQTdkH8yPCLzQyvekPAZegRxPA92xsBHp70IU2JiElmbHsLk1b6BIAiz7-6gO6V4ZvJB-o_VFCljgLllr2wsrqkQFYxt59ldoUlPwBdmukXmjmcPg7g38TrWkrrE2c_mWhAx7aipF-PJ-fQiQcysfSbTwxD2xmMEcYS1zt966_XL41UuUTbrTTVCt-aovN0cL1ASLhR_f6OYwA6M_X6N4Ych3svAC8vC3cXv8ZjKtnVCo_7JRrgVlcRsC_9eb1GPUElZjx4p8On0w7eyPUZ2QJpTfrE28JnZv9-MDc4bjgpS21-rlgh4s18a_QSdXlCTOlw8iw-_k8y8yrI-rRwo6Cb3J_rpMgIMRF4UjDQ_-8Cg5V8tBvM1rcoWQk4n_Ugz46nixPROArKAaZhcU2p3ADMi23Tp2_w-zW2hENslxqdx6eyF1TmPhqKrlLA7CXTFyWDxOTfDwQ-DgtvUmpR8juyPZlZXrsFZvVeHGc2S5esPyM3jFYWEojXkb0Kt28fZ1T3ppqz-htDY1VaMc2rU7ka5upVfYJQiuJkG29K4GohXT6vmMgfbUkZRVtN-MrkEptglBBRt4c90VSBOaiWMLZmswyN7xFLJm2amowehQQlHu6pRJgcwsyDOWvWNZRmDwTrhZezQPx1uZfRORlAUhZbdOJgiObYECdWvcJGKcEpjqjxCTDnackNSOK1wrQeBrbu_fmhwqdk9b8fesu5HtVm1-xdLSqGaonpCdNVmsotIn947KDLwRdB8WSjfgHEPw_6y2OP8ClOKhqMUAR5Yvg&sai=AMfl-YTNOs_5nzsVTjwnNxvqJRB8uj2G5u_zse69xGuKs_fDjacjRFR0F62ZwHCl20Ifnz9O53IwxXViAS3nhpmeyF0TicTPpZpGH0EwLlq18EzQw1SOGDxmWl1AWot4AvGks-mU3Z-QCrVBPescQe1F3fCK0uhSHMJRGpR1WgFg7jmWRl83d20sc7t9V8-GQPAlDePQZjYeru4pREIacPTh9_Gg2LDqy4Cp4q3tK9qKNpdWBQ7jZO82ufF2pgCKueoBpBA1zC0&sig=Cg0ArKJSzMmtcjOJ4uH3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=462&vt=11&dtpt=248&dett=3&cstd=204&cisv=r20240108.91314&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
47170-323927-1656322333271_26007dff19141b3e39ac240b8463f0ffce01fbda.jpg_1700485263910_47170-323927-1656322333271_26007dff19141b3e39ac240b8463f0ffce01fbda.jpg
s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/dco/47170/ Frame CA06 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/dco/47170/47170-323927-1656322333271_26007dff19141b3e39ac240b8463f0ffce01fbda.jpg_1700485263910_47170-323927-1656322333271_26007dff19141b3e39ac240b8463f0ffce01fbda.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e2cc26ba6f0887e92a918e38c2b8ec94f6de33468a3552fcc64f7c8aa3ea7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:58:03 GMT
x-content-type-options
nosniff
age
273686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10729
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 13:01:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:58:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CA06 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07c6c27216ac390015acaf3a3240490cb13ea8e93c3ee4f46cb453b4ab1f54a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5953
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F916 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ButIPsDehZc7LBrfn1PIPxqmSkAYAAAAAOAHgBAI&bg=!KimlKWbNAAaumcC-jpk7ADQBe5WfOMDFYvqm2wS1Xk4HX7tKo8wIyloDisS_X5nW3sK4XJJh2LpFS0q1d6YQeNfrIVgIAgAAAXpSAAAAA2gBBwoAATCZAwKp4Or9jDpCnwmq1xXJrjQOYPfdoVZrIJnRioD1ltk9-pSF9qLuGEp6pap9-IHe8IPJKeV1T8qj5YsgJ7KADpGLYCsHDjuo_YH_2ZNjs-lysaeNXzulHSxIBxEKC6CNgQ9Rcn7YDc1-LGJl1CjWjLlvHaMUAb-0_6klJ-W571rlupH24aMoYx466NEeURdF-ADmlxUmDbhybjTuGeMb8birnAfaplUjyhoaZ4kWdDmbepw3xhJHMpFa6iUbUqIXcjcev9EcjfpDg6nV9j1oV1h1rWx5vVl_YvXwEREwu4GeEIzAs7U78opXnCSPxOiC0pagn1kkqoxY5cJJk3J0h-2P8DlFL0CMWTyFRMBhMh4OmGS6qSys2ZdeWLre0YMDI2NSQaRJDAStOdjCSHoH4BYlmsCTetlm6vs1ACu8lQ72ZOll9lLWXKi8o6qd7P14DyvTwZulp2ZxKNWD1T55XlELZpjyqrR6mWTGsMb5oTBqDA0FPACjn5evLjiqF51MQgTzrnG8bXKvirU8FiI2-oqgecdRtHSvD1442T8pnX3X3GwDXv9-8L_qFo6Jt3TVMnhEFoco5oMYMTX9_TCl3SVISu-OzESh2axnRCeXfmO62VU22IghxfWzALJHbfvCR8kMoBNsnpEg790mp4S29-tsO5MqzPMl557vX2cimLvGnmjwximM3HzQrn8hDh8lVL_hHttPVGrK49WrxzelOrz1YfJY1ynPMVg83InHv4qmKG59NtNG6hnQ9zmDwopBO4Momp9dhRlUoUTZQGC-AOtT-qKmQDeiG2cek6xVlT6erkGAawrghmvA9IuDTG2ZsgjbfPiyDmNU5onBJcwOKKQHCt0MXnkm7G5y1Di88dEfEGEjov9j8H4a3Yt75acvBaKL5KiFT7f45wdBkWcyS1lcAUnR0EUvJWAMsGPch495J7ZaBaX3SeW0E1yMre3vIh7BDZ56x46Xbym3pKsR7goinf_vpNHZyf_1u0PYrNqvJCRFGelEZNf7gcLM6wxxq07LDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CA06 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 12:59:29 GMT
volvonovum.css
s0.2mdn.net/creatives/assets/4028882/ Frame CA06 		2 KB
281 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3705119/adlDCO.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b0d723bddb063bc19dce7596120bc82b9dcf0f8e36c5ebbbd29f9ec0161e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 12:07:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:00:32 GMT
1656402900738_a6f1d48ee21c10f656c36fb834954bb4c41329b9.jpg_1689260552566_1656402900738_a6f1d48ee21c10f656c36fb834954bb4c41329b9.jpg
s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/flt/dv_441/ Frame CA06 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/flt/dv_441/1656402900738_a6f1d48ee21c10f656c36fb834954bb4c41329b9.jpg_1689260552566_1656402900738_a6f1d48ee21c10f656c36fb834954bb4c41329b9.jpg
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f03c80196bdfbf7d4f6a6f5c1e0d5e8613b5813a187195910fe034367cd1c920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:50:41 GMT
x-content-type-options
nosniff
age
274128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142994
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 15:03:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:50:41 GMT
1656402900737_b16bd3b7677b559c0526a0e1ce0c7e8f82c22405.jpg_1689260552566_1656402900737_b16bd3b7677b559c0526a0e1ce0c7e8f82c22405.jpg
s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/flt/dv_441/ Frame CA06 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10999261/d1lidoxie3x3o8.cloudfront.net/flt/dv_441/1656402900737_b16bd3b7677b559c0526a0e1ce0c7e8f82c22405.jpg_1689260552566_1656402900737_b16bd3b7677b559c0526a0e1ce0c7e8f82c22405.jpg
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
675e4f36e802cfd2dfda59775e870e1f1847b0cea75c30b83187ba905280a153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17763968863331942400/index.html?e=69&leftOffset=0&topOffset=0&c=iWvrM2yztd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:59:48 GMT
x-content-type-options
nosniff
age
273581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110781
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 15:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:59:48 GMT
truncated
/ Frame CA06 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c493846d41fc55b4db348e142c41b61761198554cbc0a4a648effda5b9e47f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 556E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvydYsDehZc_LBrfn1PIPxqmSkAYAAAAAOAHgBAI&bg=!gYKlgs3NAAaumcC-jpk7ADQBe5WfOON0bwPVWbEEvQmBHRGfHoj-oGIv4TJt73JE-2Cdp3SkcVy1AjD_5ZfIwCjw0omWAgAAAYZSAAAAA2gBB5kDDHnzxCUHSUSLzxuMcYYdc2CWHkAjPqH71NiI_PmYrTb9TOvz9GCUbUk_9OCWf1Vz_M1yH_Dq-VOfAWC1f0zYv1HHGtxCCHmEPhTTCp0SmEriRSBT2cg45WgFpREtD-EH3pYMkrmkkwkInjCrNLWbII0HwaqoMeDCiWz1AuOf6AXimWsDSVxII2BciGSc4QBFOAKR2qk6Iqrg1dX8Jqo8Ha45xLKc56MonhAzWQxDJmRk2rs-UW450QGnZQuPpPjmLqKk2-w4vuV1CNDLXtn1q501x1JDkpZTZ9m1QgO-moc933BrtVTIaV1W1wIzzVgil6IX99OswLM0Ox4g1SPFXnf-VFrDTnKgTlmug8bAcrkR5GbJZ5bGOtmMGrkdGzyODaGOnwpVzGXpl82Ee6cx7R7BhVMrfD95GBeEuAI7RSkpNnLSnZECYwcF0Rp1TexJnECBom58yP7FT66JoXbxAD9AWSXUtxn1drTEkx_WyY65XYa7Jt6RgiNxsVQCOFVS8T-ks7MEF6BJdC2bOl2Pmh654sTz2oqT4jXVCRNLNc6YngIoSLCAotSPtpcKjPmUfBYJmGGfPhDvDhaKPRP2WkYt6nLPrU03PTVUUOCeQSSTrhX-vbh9aISmnKrDsnxoQes4_ywOJvf9J_B4Z5tUR4-4BtCp9EgL5Lx7Ypi3rdMJFFFnZr-xGNNa0ePh5dpxLqrNJdJ4FHm_HS2Dh8rTGqKD3ocINnIi7XY1S69JoKOcd2p4hPb2IlPmwU0b4nEJFxD-VeMeLeHX8xM1l-mirvOaUqXGpM7lamp-kmvl9b5bwNmuKNyt-7m2mhG2fXxo6vMCHRif2n7r-1rle3KbWCdb6Ee8NkJjQnJwZbDOtByhUEPtoNbfM5a6R4UuXnsw3L5We97paq_xillRhryk-5nZ9guUFM2ZGnugH14X7dyEcgxxFSeJojuqB1rFIWF7HvMkG6iwAij9kXKz4EIsrLgzMzgYKUVAZIbmqhV0Y3QMjVqIvXDGnAF73L9Lo_Ilxusim9N_8EkzZwV9WA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VolvoNovum-Regular.woff
s0.2mdn.net/creatives/assets/4028882/ Frame CA06 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4028882/VolvoNovum-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fce70f8cc151b178d49948cd6ca11ba3870aa9635cc6dcb7c7952a102934167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:19 GMT
x-content-type-options
nosniff
age
730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82644
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 13:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:02:19 GMT
VolvoNovum-Light.woff
s0.2mdn.net/creatives/assets/4028882/ Frame CA06 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4028882/VolvoNovum-Light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6cc2c7a76f694544da32e4f5b65d9cffbabd6b247a70f06892086ae35b34ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:49:51 GMT
x-content-type-options
nosniff
age
578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76448
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 13:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:04:51 GMT
VolvoNovum-Medium.woff
s0.2mdn.net/creatives/assets/4028882/ Frame CA06 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4028882/VolvoNovum-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c5035e04845f6a26f9a9482717abf3ac36711b85e5b2ac87e423ba0ceaaf89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4028882/volvonovum.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:19 GMT
x-content-type-options
nosniff
age
730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81784
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 13:40:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 13:02:19 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame E128 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 02:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 02:42:42 GMT
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J7X6,time:314,type:e,im:%7Bpci:%7Btdr:130%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:314,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B306~0%5D,as:%5B306~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:207%7D&br=c
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame 4CD2 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 11:33:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 12:59:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4CD2 		2 KB
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:02:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 4CD2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:31:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B034 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4CD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
63760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:16:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4CD2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67596
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:12:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4CD2 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 12:59:29 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 4CD2 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 22:18:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:48:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6mqBsTehZauAB4WQ1PIPk_emmAQAAAAAOAHgBAI&bg=!nZ6lntHNAAaumcC-jpk7ADQBe5WfOACA36sYMKp9kinoKYj0dNM5H5ByBhUXaZdpnW2cfBkxKKkyTvAvkvHA231wtWm3AgAAALlSAAAAA2gBBwoAHXM_MJsfhCGpnhnQI5MerRpy4vFHTaBsoxngKc85mQMBd_1NagMeCfpSMpqEVhKW9qbGtiZXXA0vVQksdzUNYe9mvjWhS4ZBVbTkJyhFDmaaOieLDrOXmldV0eKi4yKgMzPN_8AFssi0GcW28tqdoBPMDo6si22q85qJ3UiX85f9-AcimoPJTT72g30UermZW8EK6hbX92EZQXMs9Ihy8e52DyWW-KsM9G6A0oAfEFqaIhKE2ybLQznD1fg3-mDNTBDcR5SSxlME2b8IJKNNFfCxpUqwtqEyoVwD1rxHYS71WcM_1lL5UDMPoDMwVSWPsAakFs4zQiZy_Sks49g5JpJnPMsq9pAfbv9nxjCUkZvUD6bBduucDSUKbd8mDFY2grJ9hRYNcYci_A0wWb_fKFOIVQc_rc2F5oR2lX-YIcRNVEQ3xUJyDuAkerRdkwX5eMWjiF_hY5-vLPM8FCUBBaLFGhssm2G2Ct4pIuHF3yfHRQCVvLwpf81gOqYF6P0luqUQrok1-Y4MSAkWljrwBA04HappTuzOKfT9bRC_rbZF3Zo9MP6Uy1_cSZIbVHSZfavApWYT9IlZxSrlP7kAIIPqpb-54GLviU4P-9Tg-O3N2dcu4xH4qyLzZrSey3K5pIVbVZzT5WsPcNqeYrf9U6FOdGEiGoYt2xgqDIvqORH7b1RqQgnu_WWiCwbRf6S6RDPYcbgrHNJ9zJuHqkxLausqRvKWkkXw6Q4u8vgLDBRAFoVPQbuETkMgHLDT0XRVhGiaepYvoxmbrCNKh6kydgi8728_JlyqhSZiMipuyweLnWL2YuV5FVwq0pUCbJwkFZnuZ719IFTNSL-pi3BXG8FA8pFY9cYHb_kbOipzlqEEFD0w4xN0VOWv-sra9BOnlt_typ9pclCN1QKkQjJnSVWIgJs674gIubBFJxBCkA9LC1OtXYUO4JPurIdz5Me6Q0BcfgMaAVVcPYA_aK9NbeUz1j3JolR3D7QQjDmxATryCmqwSOskF8AE1d9WuyD0dlhyXJlEd7y7pwD8pbA6YH4EdvlAWJdiLjF-na7DPJzClw
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J80u,pingTime:-10,time:524,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705064370054%7C%7Cb7b6948e0dba63dc454c51311d3f4df5%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C0865b013c36f5c91a672de4e25245353%7C%7C9fe0ae2456b5d947b1e008f03c07590b%7C%7C07478d39bc3e31072dfec1e128d6f9fc%7C%7Ce86158d9602833173addfbcbe70e92ee%7C%7C41ea7af723e6d49ed05728d0a20cf0d4%7C%7C1663701684%7D
Requested by
Host: b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
URL: https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
si
googleads.g.doubleclick.net/pagead/drt/ Frame B034
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:30 GMT
expires
Fri, 12 Jan 2024 12:59:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:59:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 4E84 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: notisul.com.br
URL: https://notisul.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
274480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:44:50 GMT
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1615 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFFL_ZZQIlRrmKgH1lqj9pdDf8GQR8dye2sGOdRB88AN_dSxQnsM1U_Rt0VWmredOhYGcFvZiAPBs3cqUzSHW5hSQxy8WJV03MNbNLyV9Litbd2NGrmqtEiG0bUiuUX_YCjK5MpXNaAx0yRfn6crMSyBRT&sai=AMfl-YQX4jjrJxOfJe9MbGG5s3VtSRFnl_MeocY4AqxMtrTKFkJm5Zc3gfdJ1PI0ggkO9GpjBDf3QWioEBDwhWITPHbn9Fl59C0ptrBd_Gk7K8c_ufpNadqGP4cz1SL3&sig=Cg0ArKJSzB6MaSBznlQKEAE&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&id=lidar2&mcvt=1026&p=300,1440,900,1600&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3007838385&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705064368730&rpt=383&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8D52 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRdnojtsq1XzCKx9zOb_z4YKtfxY8mOhHAdasIui7JgicEw9NDZm8rJqcXhFgB8013bqJpkw8fOx8EeE4cGo2YinvGlp1OqOhuNbEwKiNdnFbIrmAuKFLzDDQoSdSh-sAcniya1Ag5by9Km9QJuuZoW3K9&sai=AMfl-YT61w7Q0BQYT6cWuJRSiHxEdcfe4y7h-a1dFRNjbLbOupClggIp24Ak_Ti6JtGZ7oGyDGLlYd9QaGJ6k_CMmxGmpj2QaoxN0qPoijHyZnrha7r7rj2w6atmXUWY&sig=Cg0ArKJSzNVo3_eGWoNJEAE&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&id=lidar2&mcvt=1029&p=1110,436,1200,1164&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3817416296&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705064368737&rpt=400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 619C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAOebsJOyZzOwUO-UcrJUJz8v8UHgtEklX8MHBhT1F7yU7S2W3WPyPndP_XX5mp7r5ZN7vojZZ71-5m3jS6kWzs3LHHksHccYc4jUyJf0jlptb7hKHTJZO2-yRG95gWvRsidsPAXWWTovAKbUiVg4ATYpI&sai=AMfl-YSbpvlUluvj-5Qo6Q3Ywcrj_-kGohiVKf7jX6N6RbGcbW4jBhP70jGQweC6IEeCy1l5hqR2OcCtJc0MkxPV6vay5Nsijbp_3PY2tqhvH1OCPggMBy9Pyn4QtDSm&sig=Cg0ArKJSzLD84RMZbcT0EAE&cid=CAQSPAAvHhf_vLx-OvY2AnyNu-WUZL4QoMFRYJcOa83xe-SAvGhNCfvCQrfjDVxW_1UVy-qJeX5VUsAD0edjsRgB&id=lidar2&mcvt=1000&p=217,315,467,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=794144146&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705064368721&rpt=554&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame CBC5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rA2H6clBJe0fNkAW5IOMSnPxQPiECkAM-GAlSYMjrkA-PZSHdl8bVZbPmo2cMFwFRB1wPmMMEfdOuosed58N6fEUJd7lpqQqkwfF7i47SSzdqYmfTV30nCOFTZXHb2E6zCbJU8vNxzvGeHjkCgUGsIHHBzIDhR4Rd-Gqz2Hx_Np40WAQKzL_IONQgw_V1e4KfDOAEVP_VZgnto_GgmMHXhPsp-NuK9BYRGeUKN4Gg77c2X2offjT6ZH8qdCuHlLvPrM2vA&sds=2&rev=90134&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 12:59:30 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		58 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f61bad45bd5c6ddda0a59f543597e072bf8049d6e0534d595413fbe3f5f134fb
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
58
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
ads
pubads.g.doubleclick.net/gampad/ Frame 4B24 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1824175421687993&iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&cust_params=avpp%3D2%26avtest%3D645b490f-24f2-429d-a04c-d266868eea7c_3&vpa=auto&sdkv=h.3.612.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3356658098&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.612.0&sid=5D6B2038-9B90-4A5F-8252-22FA40BC62C5&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548&url=https%3A%2F%2Fnotisul.com.br%2F&top=https%3A%2F%2Fnotisul.com.br%2F&loc=https%3A%2F%2Fnotisul.com.br%2F&dlt=1705064365552&idt=2942&dt=1705064370682&cookie=ID%3Dbc7cc4b331b3ed60%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZGAoXRq5zowuAjQUjFVIJ-f4535A&gpic=UID%3D00000d3fd0fecc2f%3AT%3D1705064367%3ART%3D1705064367%3AS%3DALNI_MZC9iF46vxQLx1jUxyGx2borJRrmw&scor=4398838407392400&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064370743&cb=0.6907521892789572&aa=first
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593bd29dc1d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064370743&cb=0.5544050496631097&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593bd29df1d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10432&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fnotisul.com.br%2F&t=1705064370744&cb=0.9099299711113742&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
844593bd29e01d9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:30 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:30 GMT
json
gum.criteo.com/sid/ 		2 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnotisul.com.br%2F&domain=notisul.com.br&cw=1&lsw=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
239318
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnotisul.com.br%2F&domain=notisul.com.br&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Jan 2024 12:59:30 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
241273
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6744 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1705064367710
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4703 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27188
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Jan 2024 12:59:31 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1803, 206351
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230133-FRA
X-Timer
S1705064371.057616,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame E9FF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27188
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Jan 2024 12:59:31 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1803, 206364
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230131-FRA
X-Timer
S1705064371.057780,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 299D 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 12:59:31 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame B1A8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996475b79e75521bdff3e7f2f111434d0d89c213ab33456ca374f52ced8eb384

Request headers

Referer
https://notisul.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593bf0fd69031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 4703 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
an-x-request-uuid
17f68bc5-9b48-4e56-95f0-03358a7409c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E9FF 		0
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
an-x-request-uuid
f2133c02-6499-44fc-bd92-4458f92f302d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 299D 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0959086c1458b1a0a9c99630cc49197a7b11f3f741dd87a07c6063f6302d890a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 12:59:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 12:02:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82938
Connection
keep-alive
Content-Length
10964
Expires
Sat, 13 Jan 2024 12:01:49 GMT
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
11
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notisul.com.br
x-download-options
noopen
access-control-allow-credentials
true
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.67.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-67-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://notisul.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://notisul.com.br
access-control-max-age
86400
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 12 Jan 2024 12:59:31 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 299D 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame B1A8 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
811880
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
844593bfd8779031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame E878 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593c008a29031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 1D03
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.116 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 12 Jan 2024 12:59:30 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 12 Jan 2024 12:59:30 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
7719760622808119083
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 7A40
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7719760622808119083
0
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7719760622808119083
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593c0690c9031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4ab1ebca-557a-41d9-8554-29d3e2cdd50f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 12:59:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7719760622808119083
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1674a5a2-6f3d-4f40-823c-22fcf4f6d6ac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
147
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
844593c0dac31e56-FRA
expires
Fri, 12 Jan 2024 13:57:04 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 708F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A2BD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=138315
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 12 Jan 2024 12:59:31 GMT
expires
Sun, 14 Jan 2024 03:24:46 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
46575
tag.navdmp.com/u/ 		497 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Apr 2023 18:41:30 GMT
server
cloudflare
etag
W/"642f125a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
844593c0faf41e56-FRA
expires
Fri, 12 Jan 2024 13:59:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 619C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3764928338111&version=m202309260101&ct=76&x=1&cor=2973605578481860000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A2BD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65417543&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
content-length
0
server_match
ice.360yield.com/ Frame 3F7C 		43 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.215.137.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-137-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Fri, 12 Jan 2024 12:59:31 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 824B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
0
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593c22a689031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 12 Jan 2024 12:59:31 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/3a1d6d7b-1a74-4835-a27a-adcdcc4beaff
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usr
usr.navdmp.com/ 		359 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9f9b71be540b0a8a37fbddb3f7875efe8c3a497f177a983f569096f0083d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
public
date
Fri, 12 Jan 2024 12:59:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
844593c1fc241e56-FRA
expires
Fri, 12 Jan 2024 13:59:31 GMT
pixel
ap.lijit.com/ Frame A079 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.88.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-88-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Fri, 12 Jan 2024 12:59:31 GMT
6088250643528957305
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 96FB
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6088250643528957305
0
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6088250643528957305
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593c2dafa9031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 12 Jan 2024 12:59:31 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6088250643528957305
server
nginx
37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 17F4
Redirect Chain
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
0
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adwmg/37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844593c4cca69031-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 12:59:31 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 12:59:31 GMT
Expires
0
Keep-Alive
timeout=5
Location
https://csync.smilewanted.com/set_partner_userid_get/adwmg/37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
Pragma
no-cache
/
s.ad.smaato.net/c/ Frame C80F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-cache, must-revalidate
date
Fri, 12 Jan 2024 12:59:31 GMT
server
CloudFront
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-id
lyuYoD2cwBRABIZ09oUwanPwW4fVRu71COXDHSu2obZAUvtOltELlQ==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J8qw,pingTime:1,time:2138,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1130~0,0~100%5D,as:%5B1130~970.250%5D%7D%7D,%7Bsl:i,t:1137,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:326,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J8qw,pingTime:1,time:2138,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1130~0,0~100%5D,as:%5B1130~970.250%5D%7D%7D,%7Bsl:i,t:1137,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:326,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=13f58798ebb2654070192f41cc10%7C0&acc=46575&tit=P%25E1gina%2520inicial%2520-%2520Notisul&url=https%253A%2F%2Fnotisul.com.br%2F&upd=1&new=1&h1=
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844593c30d4e1e56-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85723683051
  • https://sync2.navdmp.com/sync?prtid=2&id=85723683051&google_gid=CAESEHfb25H_VfcCnmTCIhT7XYo&google_cver=1
6 B
80 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=85723683051&google_gid=CAESEHfb25H_VfcCnmTCIhT7XYo&google_cver=1
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844593c34d891e56-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=85723683051&google_gid=CAESEHfb25H_VfcCnmTCIhT7XYo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=320b65a1-37b4-4c00-845a-4de160f09704
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=320b65a1-37b4-4c00-845a-4de160f09704
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
844593c40e411e56-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 12 Jan 2024 12:59:31 GMT
Server
MT3 1237 600843f master iad iad-pixel-x3 config_version:"9"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=320b65a1-37b4-4c00-845a-4de160f09704
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Fri, 12 Jan 2024 12:59:30 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notisul.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Fri, 12 Jan 2024 12:59:31 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
344
content-language
en
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.83.30.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-30-234.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Jan 2024 12:59:31 GMT
async_usersync
ib.adnxs.com/ Frame 4703 		0
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:32 GMT
an-x-request-uuid
5191fe34-f1a0-4a87-9fd0-572e034dbd93
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E9FF 		0
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:32 GMT
an-x-request-uuid
f70eedaf-e000-41f5-92b6-3ee253f7c710
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RJQG17ZHDN&gtm=45je41a0v9119071226&_p=1705064365576&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG.dZTNiMT&cid=1963775716.1705064366&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1705064366&sct=1&seg=0&dl=https%3A%2F%2Fnotisul.com.br%2F&dt=P%C3%A1gina%20inicial%20-%20Notisul&_s=2&tfd=8563
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJQG17ZHDN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notisul.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notisul.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J9t2,pingTime:5,time:6138,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1130~0,0~100%5D,as:%5B1130~970.250%5D%7D%7D,%7Bsl:i,t:1137,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:35 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 619C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=924068&asId=425795c2-c37c-da1d-79c5-d748c5f03df2&tv=%7Bc:15J9t2,pingTime:5,time:6138,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1130~0,0~100%5D,as:%5B1130~970.250%5D%7D%7D,%7Bsl:i,t:1137,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:u19ykye+11%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1e*.924068-65485209%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1%7C1g2%7C1g31%7C1g4,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:531c:b18f:f16f:baba Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 12:59:35 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
all
csm.eu.criteo.net/ Frame CBC5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rA2H6clBJe0fNkAW5IOMSnPxQPiECkAM-GAlSYMjrkA-PZSHdl8bVZbPmo2cMFwFRB1wPmMMEfdOuosed58N6fEUJd7lpqQqkwfF7i47SSzdqYmfTV30nCOFTZXHb2E6zCbJU8vNxzvGeHjkCgUGsIHHBzIDhR4Rd-Gqz2Hx_Np40WAQKzL_IONQgw_V1e4KfDOAEVP_VZgnto_GgmMHXhPsp-NuK9BYRGeUKN4Gg77c2X2offjT6ZH8qdCuHlLvPrM2vA&sds=2&rev=90134&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaE3rwAH0a8F_eUFAAHlZ275-6pLhdR_EZ7kkQ&u=%7CgHEjr351kvH2sVLIWs8AgjQlWiVA4XdE2hcJOXEQTsI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSn9Xj2qwNpfPIpCgteGALHNjtngRTyPMJnSPC1kdHim4pyVdR7ZrGjF7rIvyDtmxyY3UVyXHEcrFzxxT2DJlIcfc92S664tv5hR9OXDLQ9znqW9dvQITX1IKiB89XTJjskf4S2PJFC5-Cw9fEkbQsxyqVXutba3uvMgI2u7JXoFOV2WrixngtMPuWkFEmz8DcKCDOKXR07Rw5QRQFHIf049lf7eTXqEWY3ftWItdYKLrehzjIdvTTyuuRGsrm3Prz9MGS3dCzWpZK5pJ_D-sEBcJg4udEkKS2tZNR8mLhJ2bQo6s4y3FyaHIvBRrDw5sP03ZqcaQ2AjEOa-v5rC5L_48_d9LHp-tCBSeEgGBS8B2TvJiMQ2sNHr1bnHZBL4LZNCwyUMG0TEyuuiS4vjFfEVlbX1_EMSCb5Kj-nv1lKAV3sIaeLcGT-K6O9I2I3rFIkl_zCs5mS6D1G6EJLsZ2uxCQ5XDa-jvblsP5uFRo9w72ilNnpHQz8vyRLnviRXkoFSdKq1rjAjXZ0qjCDw1COZd2d52XS23cbBFKrKTuV-l81eqBgbOiQIMCBiyzM-MWPWCz3A8oBWJg3J9G10xNBcQkEzuT3U9NdSD7Iob3immldTv1lst0TWyEAhn9UxTyM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvb8vrzehZa-jH4XK998P58qH8AnJntKxXKX8k_dwwI23ARABIABglYKggrAHggEXY2EtcHViLTY4MjkwNzYwNzkwNDY4OTTIAQmpAh9uiy0rZrI-qAMByAMCqgT7AU_QkIxFuhTaHMG4BD0JEH7Ha173WatrBk6yKNkFs2KHMdDY1fhNlr8CAyKS-pfjv8nYWcXhuv2Ce92JIXQMPqbtiLPq4CezKaTHO4tpX1Tbp1Gukoba6PaTpENi6K7_vXspiHPh8q_V3kuE4tEEzwKFU_UIe7TOSbYSJG-OrSwOruRzq5T6hH-9kD9s5qxTG4FvN2VjTZzEs_vuLwdSnesNEAVBDsqwbeT7nDs5DK18J3UEcIQjMNwsisE4Pou4NRsiqnJtVhyrrz3M1JgZDaIHpO9yNFKlBcvuxzPHdFu-dDvLGdXn4qnj2Tw2oaKz9UnsQHdHQpUChPBogAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYib_C3_PXgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BzBL0dyVeEDuIaJ02JV25CZn0CA%26client%3Dca-pub-6829076079046894%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 12:59:35 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| advanced_ads_ready object| google_tag_manager object| google_tag_data object| gaGlobal function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| advads object| tdwGlobal function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| denakop object| div object| img undefined| _paq function| ym object| block_td_uid_1_65a13793a9f1a object| block_td_uid_33_65a13793ad86f object| block_td_uid_36_65a13793b0e61 object| block_td_uid_39_65a13793b44dc object| block_td_uid_40_65a13793b6cde object| block_td_uid_41_65a13793b9c53 object| block_td_uid_42_65a13793bc5fb object| block_td_uid_44_65a13793bf62c object| block_td_uid_45_65a13793c2363 object| block_td_uid_48_65a13793c53e7 object| block_td_uid_51_65a13793c7875 object| block_td_uid_52_65a13793c9ba7 object| block_td_uid_54_65a13793cbd8f object| block_td_uid_55_65a13793ce55c object| block_td_uid_58_65a13793d1971 object| block_td_uid_67_65a13793d5118 object| block_td_uid_68_65a13793d7b06 object| block_td_uid_70_65a13793daed3 object| block_td_uid_71_65a13793dcff7 object| block_td_uid_74_65a13793df4a1 object| block_td_uid_77_65a13793e3f05 object| block_td_uid_79_65a13793e6363 object| block_td_uid_80_65a13793e92ab object| wpcf7 string| GoogleAnalyticsObject function| ga object| conte object| elem object| _ppads object| _pbjs object| googletag object| adsbygoogle object| apstag object| _taboola object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage function| $f object| CleverCore boolean| CleverCoreLoaded object| gaplugins object| gaData object| addComment object| _aps boolean| apstagLOADED object| apscustom object| Ya object| yaCounter95390266 object| _pbjsChunk object| _pbjsGlobals object| mnet number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| dkpbjsChunk object| dkpbjs function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| TTTagManager function| TTTagManagerError object| _ttq_tteurekaads object| avntsWebpackJsonp function| setImmediate function| clearImmediate object| avnts object| brw object| brwQ string| n object| cmds object| _tteurekaads object| ttcNamespace object| google_llp object| google_image_requests object| GoogleGcLKhOms string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder number| brw_video_player object| _ttprofilescache object| avnts_pbChunk object| avnts_pb object| ADAGIO function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_51120 object| closure_lm_890478 function| Navegg object| naveggReady object| nvg46575 function| nvgGetSegment function| ltgc

100 Cookies

Domain/Path Name / Value
.notisul.com.br/ Name: _ga_HHNSGE8GHN
Value: GS1.1.1705064365.1.0.1705064365.60.0.0
.onesignal.com/ Name: __cf_bm
Value: GwJ0M06tSsR53TXPTcleDkwDpSbTRVUfwBYd9oEqaRg-1705064366-1-AQih6QApgg/c3WWWbZlFTPBkD1DqZnZjSYjT6rR8/CxpZgBD1upii3vfJPmn2VJrq5P6Tms/5uRbPMdvSi8R/5c=
mc.yandex.ru/ Name: yabs-sid
Value: 556095331705064366
.notisul.com.br/ Name: _gid
Value: GA1.3.180935877.1705064366
.notisul.com.br/ Name: _gat_gtag_UA_111263603_1
Value: 1
.notisul.com.br/ Name: _gat_gtag_UA_90417898_1
Value: 1
.notisul.com.br/ Name: _ga_VFZE9G1QNG
Value: GS1.1.1705064366.1.0.1705064366.60.0.0
.notisul.com.br/ Name: _ym_uid
Value: 1705064367846793312
.notisul.com.br/ Name: _ym_d
Value: 1705064367
notisul.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.notisul.com.br/ Name: _ga
Value: GA1.3.1963775716.1705064366
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3816564703fake
.yandex.com/ Name: i
Value: Mspux5OUbhf9YZJWWa+oaKmNtJFovfTdGLwWLR4AS7mFUu3a1BIA3ByGDyVjY1SDdf2mX/Zl41nG5L+e2J2WA91SETE=
.yandex.com/ Name: yandexuid
Value: 5985624261705064366
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2836849857fake
.notisul.com.br/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5985624261705064366
.yandex.ru/ Name: yuidss
Value: 5985624261705064366
.yandex.ru/ Name: i
Value: Mspux5OUbhf9YZJWWa+oaKmNtJFovfTdGLwWLR4AS7mFUu3a1BIA3ByGDyVjY1SDdf2mX/Zl41nG5L+e2J2WA91SETE=
.yandex.ru/ Name: yp
Value: 1705150766.yu.8126725691705064366
.yandex.ru/ Name: ymex
Value: 1707656366.oyu.8126725691705064366#1736600366.yrts.1705064366#1736600366.yrtsi.1705064366
.denakop.com/ Name: uxid
Value: NEFIWLYQRjizruNSJb5cTQ%2F0
mc.yandex.com/ Name: yabs-sid
Value: 169995771705064366
.yandex.com/ Name: yuidss
Value: 5985624261705064366
.yandex.com/ Name: ymex
Value: 1736600366.yrts.1705064366
.yandex.com/ Name: bh
Value: KgI/MA==
notisul.com.br/ Name: denakop_freq
Value: {}
.notisul.com.br/ Name: _ym_visorc
Value: b
notisul.com.br/ Name: nvggid
Value: null
notisul.com.br/ Name: tt_c_vmt
Value: 1705064367
notisul.com.br/ Name: tt_c_c
Value: direct
notisul.com.br/ Name: tt_c_s
Value: direct
notisul.com.br/ Name: tt_c_m
Value: direct
notisul.com.br/ Name: _ttuu.s
Value: 1705064367491
.t.tailtarget.com/ Name: u
Value: fwAAAWWhN692XwbzEbM1AgB=
.t.tailtarget.com/ Name: _ssc
Value: y
notisul.com.br/ Name: tt.u
Value: 0100007FAF37A165F3065F760235B311
.rubiconproject.com/ Name: khaos
Value: LRANAU8H-O-JAUI
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0wil2Goec8ci+IXqvPVzt4X6LBWwGzep2k2NKlEueGiN9uxhe1OWjYNsgPYj02MQ9GBLsuh3fnviYbB5SW5XQ3Rk/4rLqL7noijy0RC4Zd8Ri5j99IjSR+
.t.tailtarget.com/ Name: ttbprf
Value: _volkach_bavaria_de_1705064367790_2997014915
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
notisul.com.br/ Name: tt.nprf
Value:
.notisul.com.br/ Name: __gads
Value: ID=bc7cc4b331b3ed60:T=1705064367:RT=1705064367:S=ALNI_MZGAoXRq5zowuAjQUjFVIJ-f4535A
.notisul.com.br/ Name: __gpi
Value: UID=00000d3fd0fecc2f:T=1705064367:RT=1705064367:S=ALNI_MZC9iF46vxQLx1jUxyGx2borJRrmw
.doubleclick.net/ Name: IDE
Value: AHWqTUn6JpsEBcHoUQKGX5auguefi79-9G6zXOUNhWDIAjwPnL04FuyigCB6ljv8Rkc
.quantserve.com/ Name: d
Value: EEMBCQHxKoEA
.quantserve.com/ Name: mc
Value: 65a137b0-0cdbb-940ee-48cc1
.w55c.net/ Name: wfivefivec
Value: 6pVvcd4W1Roh8c5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2235ABA1E7-0D43-46BC-012C-AC1A669A1C47%22%7D
.simpli.fi/ Name: suid
Value: F85D6F5E267046DCB3FC8462E3718080
.ctnsnet.com/ Name: gid_CAESEDbgwmSWa0Pw1zCG3QXGx7c
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.tt-11382-4.seg.t.tailtarget.com/ Name: ttca
Value: _1705064368
.notisul.com.br/ Name: _ttdmp
Value: |LS:
.yahoo.com/ Name: A3
Value: d=AQABBLA3oWUCEPWP3QWTqFy-wrMnSkF26JoFEgEBAQGJomWrZQAAAAAA_eMAAA&S=AQAAAt2kEWJCidPteHjAf5DSvyA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaE3sAAN1DkuPQAM
.t.tailtarget.com/ Name: n
Value: 1705064368
.turn.com/ Name: uid
Value: 3847719959526233796
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6088250643528957305
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: uuid2
Value: 7719760622808119083
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In9CO[rb!@wnfH8K6pQK`!5=E<*L5?%Lze't>h77q=jdYG=s/l1h'e%`Av@JJpfUJ4RE%nugO%v4VB%nne5*)xxD
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003%22%7D
.casalemedia.com/ Name: CMPS
Value: 2225
.doubleclick.net/ Name: APC
Value: AfxxVi5-QC2ZynEa9ujeXlW6SVnZdQrtdANEuV7HojrM0GAQo2j7WA
.ctnsnet.com/ Name: gid_CAESEKdLWmb-WAe0A1AmzGBIzZw
Value: 1
.ctnsnet.com/ Name: cid
Value: 5440f8ca73fe4e9a9585096ab628ce58
.casalemedia.com/ Name: CMID
Value: ZaE3sfGF4DgZrID8JkRfYAAA
.casalemedia.com/ Name: CMPRO
Value: 2225
.media.net/ Name: visitor-id
Value: 3480659691491528000V10
.linkedin.com/ Name: bcookie
Value: "v=2&4f7ccad5-5823-43a3-8e4e-8711bbc75789"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDUwNjQzNjk7MjswMjHXitixrdFpiC81vD0ZC5rs9S6h44lWUa4gHTFvCLWzIA==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2838:u=1:x=1:i=1705064369:t=1705150769:v=2:sig=AQEY8vUnIi6UALNp5wxKnEjVUD8dAp8o"
.tribalfusion.com/ Name: ANON_ID
Value: a1nwfUMwTkE6XlypqmMS0FNN3weH7i47t4sMZbXMSMb0sjC10g4Qs1ZcMFbFZcOJESFkAk37rZcVRuLUrCGplmV0IOFR7B0jZaKWhp9Za1BN3knmU5231SrJRlJFdG7h81wsCP
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3b032c35-dab2-46ca-b3ba-c571f93d9289-003%22%7D
rtb.avantisvideo.com/ Name: uid
Value: 3d3f422c-5ad7-4b03-bed7-ca0dff21fa49
rtb.avantisvideo.com/ Name: uid.sig
Value: mISbq4CRZfXmK59JDUy5L7Z1VXY
.3lift.com/ Name: tluid
Value: 389568302180519276154
.acuityplatform.com/ Name: auid
Value: 876041865416
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRj84GGmamGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY/OBhpmo90aGlyZFBhcnR5VXNlcklkWkNBRVNFRG5JTzdKTUdoVlpJVkpyanBQbURFVfv7hnZlcnNpb27C+w=="
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a11a358-fc40-51ad-645a-cd933d3d6171.pd%2FOeZKnQFVzO5ZKk%2BTLxA5xvKePDGY%2FG5ZVxv1N7to
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a11a358-fc40-51ad-645a-cd933d3d6171.pd%2FOeZKnQFVzO5ZKk%2BTLxA5xvKePDGY%2FG5ZVxv1N7to
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AahGjWPxAUa1kWs2TPT1hcbKi0YM.iI38hNuHGlQxin1hL7RWLPTkEbbw%2F9a1hSSQt3UeUms
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AahGjWPxAUa1kWs2TPT1hcbKi0YM.iI38hNuHGlQxin1hL7RWLPTkEbbw%2F9a1hSSQt3UeUms
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICyQnS2vGiJJDRScFn0sQPajppp8V2tJo8mtHnWDBAysEHwYBCCx74StBjABOgRvD7diQgSYD3yQ.JmNqZcG2cUkv4nstodiIpW9hdVQc%2FAjbFiTzEuedses
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICyQnS2vGiJJDRScFn0sQPajppp8V2tJo8mtHnWDBAysEHwYBCCx74StBjABOgRvD7diQgSYD3yQ.JmNqZcG2cUkv4nstodiIpW9hdVQc%2FAjbFiTzEuedses
.notisul.com.br/ Name: _ga_RJQG17ZHDN
Value: GS1.1.1705064366.1.0.1705064370.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.navdmp.com/ Name: ac3
Value: 1
.openx.net/ Name: i
Value: 4cfb90b4-8396-495c-bed9-a2c9d6d07170|1705064371
.navdmp.com/ Name: nid
Value: 13f58798eb0ed54549058a9e2510|1|42
.notisul.com.br/ Name: nvg46575
Value: 13f58798ebb2654070192f41cc10|0_13
.mathtag.com/ Name: uuid
Value: 320b65a1-37b4-4c00-845a-4de160f09704
.shb-sync.com/ Name: smart_usr
Value: 37913bda-afef-4dc0-8ea9-01e6e8ab5c3d
.shb-sync.com/ Name: smart_r
Value: 33333
.smilewanted.com/ Name: sw_user_params_infos
Value: cGviBjYPYUDAyYvQuBkl%2BdHbqhELamjTC8pK%2FS7z8nWcUXHne1wu92ENdxjY95fA45FRW0ZU7ErTuCbCZZHDuId6eCwA8zr70%2B2JvJtQsBj12DmMyMXRhq4IdzhAtx0veZOvUNvn27%2FI1c1cpf6RqLpcXCbJqAjmkDUCIF3hzaJUT0fWbbkkrSVajDnPGqLUH3JZjLFk%2BCvxZ3T%2Ft2%2B5WbzsMsbJv5KEbLd1gZjz5W7LMg5x2XDBJcjyJ7UUrgyYnhLgbkaqUkTtDrvHUmBKtf1rwdcpcJMWGKu8IdcR82mSMxUY3htIzzoAiBMzjP9g768QuT6%2FRKE7QL6Rr1KRwhja0USzloW5jEy3bZOA17Q%3D
.adnxs.com/ Name: XANDR_PANID
Value: p4yv45V8yNJ7XatQH0n3sindHPrAx_ymMQhQR1KVtv971Aofoe7_mSmxs4zn-rV8zm8An7Qifk41GbYM6WlHN9XNj2XK2I9biTNsiSrDdcE.

5 Console Messages

Source Level URL
Text
network error URL: https://notisul.com.br/afiliado-banner-300x250.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://notisul.com.br/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6829076079046894&output=html&h=280&adk=3809598800&adf=3268763146&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705064367&rafmt=1&to=qs&pwprc=4254183020&format=1200x280&url=https%3A%2F%2Fnotisul.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705064367373&bpp=1&bdt=1821&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5252623613645&frm=20&pv=1&ga_vid=1963775716.1705064366&ga_sid=1705064367&ga_hid=678951444&ga_fc=1&ga_cid=180935877.1705064366&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320238%2C95320889&oid=2&pvsid=1563553113345751&tmod=541195716&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=32
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://notisul.com.br/
Message:
Mixed Content: The page at 'https://notisul.com.br/' was loaded over HTTPS, but requested an insecure element 'http://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=3d3f422c-5ad7-4b03-bed7-ca0dff21fa49'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
ads.pubmatic.com
ads.travelaudience.com
analytics.pangle-ads.com
ap.lijit.com
avm.avantisvideo.com
b.t.tailtarget.com
b46ef06a4780f3751b67e3c4de346feb.safeframe.googlesyndication.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.avantisvideo.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
cpm.denakop.com
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
csync.smilewanted.com
d.tailtarget.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
events.avantisvideo.com
events1.avantisvideo.com
fast.quickcontentnetwork.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.navegg.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
img.onesignal.com
ius.ctnsnet.com
match.360yield.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
notisul.com.br
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb.avantisvideo.com
rtb.fr3.eu.criteo.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
scripts.cleverwebserver.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.avantisvideo.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.navdmp.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
t.tailtarget.com
tag.navdmp.com
tags.denakop.com
tags.premiumads.com.br
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-11382-4.seg.t.tailtarget.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us.shb-sync.com
usr.navdmp.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tempo.com
x.bidswitch.net
101.99.75.146
104.18.36.155
108.138.9.235
13.248.245.213
142.250.185.134
142.250.185.226
142.250.186.66
151.101.129.108
151.101.2.49
154.59.122.79
172.217.18.2
172.67.10.198
178.250.1.6
178.250.1.9
18.195.61.190
18.66.110.17
184.30.16.195
184.30.20.207
184.30.22.30
185.184.10.30
185.86.139.95
185.89.210.122
190.89.239.13
193.108.153.6
198.47.127.19
2.16.97.41
2.18.160.23
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
2404:6800:4006:814::2003
2600:1f13:800:7782:531c:b18f:f16f:baba
2600:9000:211e:9e00:1b:5138:8a40:93a1
2600:9000:223f:2a00:8:48e:53c0:93a1
2600:9000:225e:8800:3:748e:7940:93a1
2600:9000:2644:f400:1c:38a0:8a40:93a1
2600:9000:2670:7400:8:9ed9:9c40:93a1
2602:803:c004:200::140
2606:4700:10::6814:e180
2606:4700:20::681a:e79
2606:4700:4400::ac40:919c
2606:4700::6810:5714
2606:4700::6810:ef3
2606:4700::6811:190e
2606:4700::6812:170e
2606:4700::6812:18ad
2606:4700::6812:633c
2606:4700::6812:d63b
2606:4700::6812:d73b
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a02:6b8::1:119
2a02:fa8:8806:21::1690
2a05:d018:d29:3605:da2e:7cf5:bf7c:fec
3.33.220.150
3.71.149.231
3.76.149.124
34.102.185.99
34.215.67.132
34.251.209.93
34.98.64.218
35.186.193.173
35.190.0.66
35.201.123.184
35.204.74.118
35.83.30.234
37.157.2.229
37.157.5.132
46.228.174.117
51.38.120.206
52.215.137.102
54.154.88.230
54.210.237.164
69.173.144.138
77.245.57.72
8.2.110.33
81.17.55.116
89.149.192.75
99.86.4.71
00b5550e8b054376060003cb34e91ea203cde97a67b32a646bab54e273acc970
0188a737e8063e7702d97b2e0a136c1f1ffe017af4eae40eb512266e3ef7b46d
01c7e5d519cd8269f17a9152bd01663679fb02202295bb90c9ff275a290ddd81
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0348b394ae6fdd7144824779c8e0a30825fe70dbcbc09dcba49ba29ada7f0298
0425a43ecb4cc5d7b4fc37a78348a6c4f28791255b95d349e3f55b93e32898cd
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c6c27216ac390015acaf3a3240490cb13ea8e93c3ee4f46cb453b4ab1f54a6
0959086c1458b1a0a9c99630cc49197a7b11f3f741dd87a07c6063f6302d890a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0eb1723fb6707e32a0f0bf794bebcaca9aa48b414a9569fc4fc097d0451c47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bed32805b51f622cfceea9fccef37690edfe32a1e964e5b04fc62ac99e33fb7
0c9e660ec45245a3d2db228a20af1c9d8dd031200baa4f796ac1dec0b5f9ef95
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0ea09ae17ec2f5394595b470aea1ec3ea351de1420bff15791ad97fe7ab4b646
0f1d90d5377699b09561e0cda143dc5f9396a382a5a6c30f1ba25f26c5b26323
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a
0fce70f8cc151b178d49948cd6ca11ba3870aa9635cc6dcb7c7952a102934167
1078de14de13c6056ea86f4bffb141bced7db929e8d3a6d646d1310ef2d9f584
11d37d3b34be24fa29bd7c060b053845d0ec8a2b093252b243a6974b14ad1731
13bc95bee4e1c7e98adba1f117c6e6d8275906b36fbe660d950dcc04e0e5f313
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
175d61a6ee3756b069531fe769ca3a9ec12640511740e9decc502803826b68af
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1827427890b200cf24f158ee20443f5f16b283ffd2910af26c87b2fcd4ef3e9b
185ee6c604469276f38fddfd5ec30d536bc7d1ec539289d947184abc8e6226b9
187bb2ab4bd438e4c41b5a87e0c149cc0ddd651de2229864eed3fbcf6810fbcc
1b8ee88f5499865a3848b13ef0e3e6941e910c946a7fe96f628bceb9c6f58cd1
1c32dcd5a2823280471d70ef650b973a76bf8b731602bfa30a5e292ad91c0443
1c54e0683617c8847e7616b85e4429edf98b8a2b16c294f026f1438604f5eb92
1f10615a068e10d788a707caff7691fce1b9feb8c99a360a97d86334ac997baf
206efabc5087f2c77692b82b7be8c386d62d4030e6274934b97158d2e0fc3d2f
20e11c94a46d8cc1048433774b7d06e75c38566a06bbe38806386c3f93f66aea
22fb50fb51d746c7e5a9b78b57e7286257123df1ba0ac1364c29f18ae00ce89f
2376fa7cdcd7bd2d36310978896a01b090e53c99f2c7ce45e2fa62a563b7644a
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
24ee784f7efaee9e6b398f4f20335d9cef65475d258a436bc3d4c22fc8770a58
25e96339d8d712ab7b1cd04cb49e22929bd6bfdee34044f3d28d92a9226ed7f2
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2980625ad01cf166c6f33b6b3a19bb3b1eb97f92f0417faa6265893ade0557d1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dcaccfc57c5150856d89e4ab4ebb819b2adcd2b54e3cc9eaae007480d6e2315
2e5876f872d768d3e43d4ae76cbbb458b105d2b1e5bcdeefb9c6b113ba7d0195
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3081a7cdb46d7160ef579e9e3b97eb8a377adcb3fa58ff8c1326bfec74ddc1f7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
3388f0b3e622718eed824757d3f5def73cfcd67735570b4f8bf258f1c6e0537c
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
34dc415078b3215e6d0d2fa9dad66579508cd368335e0af128784b6364b21c6f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a90725ba7b25beeb67a6ed70a1a1ad5f68a4e7dcf7194d1da51cce6797aac6f
3aba70f8bb9e5dea8a5278cd67158dbec9deca46281cd1021023d2850abe29bb
3c195f7f86114ba28d547a30f24316b33102a42d54ac5e1161aacfadf9ff8462
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42e1e6a83a3ca50f18846a5238e35624088a41bc015da1094ff5a9cf105672c7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4391c836fd60794aeb5cddc0e7a27a7d01d981cb68ccd7553b4d317fc6b171da
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446f1f06cd957012c05337854f82ccafd60de3a3662d46e573661d4764e3825d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4537461f441a3efc94cd109d0778ec4167ab27d45ae7b3b3a16ca6bd1f8a5d3f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472f4392c02fc9c41cae1148a4e66235ada634a71ad6f4a7526e76f68f131115
47334bda7220c36be85d33ccea08df783652eef7faac2f8b64ddbe6d8789f10a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6cad88d9c5ff55f28863d595cd709dffefc5a7db16f2302bc608737f365f38
4ca06dcc493b6b79191cb1173a9b1b93c993dadbeb5ecabd566c573d849c2fb0
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d547b24c7d93a6314605149b1d1b55626ef6124d69a65112fffd85e136389b7
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8a9f91efa071fef1ae36b2178873b6c92e16a7d4a1087468e85609c2e68d85
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9559aa325d9cd7b03b11455ab23d2c0a40cc8bcc9a587db57dc967bb90ab52
516662dd9977e229a39c361398cb3c298ae5ca241f184f898806392fc484a5f6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53e2c5b3b675bcfb6fef614182dba90e689312b69347f59a086f73b5f4e13e4a
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
544d408eda70d8e8e0fd9a5545da5cd334699f0dc0323df9433d2fba23abdb02
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a04647d256af1fd14f175529cd414d9dd863828141389f9718faed0ef82033
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59671205ce4d2ec4a037ba18847d2e02fddcce3eaed20a6a731161305b24aada
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ec836dc080e76c8041cb8525062b05a2db1dacc9d45a12f842dc542e72f847
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
675e4f36e802cfd2dfda59775e870e1f1847b0cea75c30b83187ba905280a153
67da98923e0202fdb1531f6d788ff4c85b696db4e87fbc1711769a2fdd79c071
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69b0bfc7061b97ed7930edb3b4fbc57da801322b7e62eb7f595c128d052edd46
6b64c80b04cff2dc73a2bd8e0eae63e60e4c0168cb01f431f5031edeec71a2fb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1c4c7350feb68bef34a3bfe27712366db8ced582e51b85f934568d87848826
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
703aa1a34adc0fb4dd4927b41f0416cddc4fe0a838bd844e582d06ea45e209fd
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7206b90765eb10db48bbf9957d0ac0bc36b251354b5d196af83bd1a766713124
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7307ad1954bc51b3f6a032e875ba02a8f1f136a735fa6ad68cc7f71cd8f287e8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74c0adddaf4bb96296b691b25b1ebd9931a1d23149294fe3a2152cbbfc16e287
74f5df72f53e41d8561ee8233a8e6ec8f7cb3bc9e2a657ebbe19b839f00672a4
76141ad9154b037fa4d1cd707e805f19eb92a511bcdef1e88c73344dd54b8228
793e50060002f4b748e540bf0182e9caf5c14a84ab030262ae7261ed0c319985
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7c0c4f5728ca6bd60259bdc6a6e192bd2a3ce4c9b2b17174ad10368bd77a5e96
7f6f67be713445e6488dcea2848b75732e6ebf6992ebc2a25ada7b0747eb8ab8
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
812f25039df25813974ed4311fb46998d2410a9c7e06074d44a465a8f9d2f792
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
829c8a9ecdaef92c8655fb576cb6fcde16de5ab95638d953c513e4362faf0181
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
87949009ead4d29ffc86d632a50bbc15d836c73eafd13aa0b03b5e215241f3fa
890ada2c96922f7b20f83d63909f22bd3d65ed040ca82bf61607746d05d332a1
8a5268165cc82f838963f2144781aeb8178aed2357d9f7d68810603174fe5d0a
8adf628ade75121722a99ef712647ac2f3f07a40a66a6ec204aa6e565e3e007f
8b90bfab6e722d2396b87d50cee90fdded8ab648258d6f9f966272afc912ca72
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d45a1bd8b997817612d5d1f6f97ab8183c10bb9c8a96406f0f47b209250a55b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e86f0a0524c3fb3e98d533eb9e2f80e1239344aebaa34565a2f42a47332e0b4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
9625f2b4bfca25b70aaa98a9048a16e6fc6049fc19e7583fa7db3df65e80c170
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9738c134de031797aed948f4b2036c7321bafd5c681bf772473344f00de01085
989563bfc54f552a22226d53713f85e39209d45282547bf88494483fba463a92
996475b79e75521bdff3e7f2f111434d0d89c213ab33456ca374f52ced8eb384
99b90cccd2915f69ba4e0f69009b566708fe74252b449850400fd0b368434b6f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4ef842dafaa54a42997281404c0bb3d15c799e76d3abc47fb6b3caf86c4ce7
9b9bd62d41e0475b588177bdfec39010e3305ff9e5487c76972180b5735d3c1c
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e5e010c6d9a1e946993001e7503bbe1cb6fd54b133b4dc8e4c108952fa2ba7c
9f8337699a9d881fc34d9d9078ac68b45d9a53dfae0d2fbf2b10cc7c727dc9aa
9f9f9b71be540b0a8a37fbddb3f7875efe8c3a497f177a983f569096f0083d43
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a1a8208073f17df7dabf0cd9569b14d62ece084d9d90e1bd7590fee2b53fa3df
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e1c8c0bf59721959106ea234a8097a8bbd1c373d3e3c94ed40fd732bdbefc8
a4550af373ce8e381398211c9dc032b014036ecc3188deba5b946e17b2d40d8f
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6d63d3d8b44ff702e34581e8ae337390bdf3cbe208adefdbaf366ec9d9d9a88
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abab1cf75ef646954e763c9fd3a548527d5076d782c13b0dc1a9ba3ebdb923ac
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04e0722d632b1160892329bcda7ce1e7efe8bf2d453f68a650eb04f04f7a51f
b07b05e134ce6f00e199bfb754341348e6c790fc5d6aedda145e680a805a8885
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2930f1b043eb43513a572ab009bc93af14a97086bccceb715cb21cf1a6e75b4
b3013ee30174ddb9219199d7d1113df420c88962da92a051a94d96be79dbeeb9
b5b0d723bddb063bc19dce7596120bc82b9dcf0f8e36c5ebbbd29f9ec0161e1d
b66bd81ddd68c8a8d92e75565702cd63ca7d6af7a26fa44d6707859e64c7d8bf
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8391c63bca8934d1235b7f7f6bf0d42e4b58724b1a598ae95c29840a73307de
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b8897aaf8bcb4fda8e1ab3c189b898b336db6648567a6e40788a36495aadcd6e
b98e7160d0075568ab28be42506ed89b44c76123d5129d54d527e05d8c36a8e8
b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db
ba33741f1b945cfb71d6fe3fb60628af0cb4cce7f464f84c43f5d6457b284272
bc515702575df353afefc760cdbe5b200a89fd9b4e10939142001f41b0ef0a7c
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85
bcb9ded6769d6f6b60ee61214bedaf54bfd34d4ed53e018581864197d18cfda8
be60fd136b8fea793e1a46d1a408058f5651778f6073b1a3321720d53271cf84
bff1f388d80b2f7dbc9b192279bf2815032558656ac3599a586d291b5d36c35e
c040139855d5ba23bef8ebcaff03801f1bfe54f439436e4ac59ec0e28e9af843
c0de85fa1624e51827f07e691c10771215e01b17b4fee418573b687e9714c3a0
c3d64171a577b37fc7b854864bb38c2579b5360a0fbe857f783e7c27fafadc14
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7fb3a74155502c9246518b2a2bbbf6022297bf54ec895c47aeb5d20f5574f7c
c95103116d2c97168d5f48ed5621a4a35902a78403963d1c791b5470b80b61be
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbdd1efdce001811091c3a261da3abf371fad85b54faa5d17001579921cded55
cbeafbc4f6a75778d3e9a0b1c1fce5b05a68da8e8252d8b6056fb6304b8fcd4a
cc14bcc45ee7406a2aa6a28f7158443230ec0d48d3bc6b1d6707e98ea68204a4
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cd6589d30a0a5c61e1fe1467aa8a7e3447238d453a9c2ad40aba7f99d57cda0f
cdb1bef3e22a02a2d012f5c61779e6d8b4b01bb3785990723be0bba9b6910918
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07ff671faf8f28c8859f1bead7fd35a55c69b7bab545ed7de56b7f44c3aaaaf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3c493846d41fc55b4db348e142c41b61761198554cbc0a4a648effda5b9e47f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
ddc11222fe5230b7d4eae7e1cb10957a83b12529726e86ba712a722ea2c8cf46
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea3a6de6485e780c89b190961b4752d9d239fe8705991bbf2aa561b4843dacd
dfc55acc02d2612eb3222b89d90b08d02fda2c8e6654a5fc525e019f64762e05
e02e7de5e68811c310e7299c090355b1697b7213432639fe8abf372f1e1aae07
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e451b803dd55379c994420c1f85f6f405914d31b781f7dd7e06d92555a04ebb5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e6e3fd75e470cd50759b897eab984da9b5cafeda028be8eba2e779e41df6d818
e912234bd72a615c013733b4d25d31ff0150e83c1fb186e17cb402112a04886b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9720467b788e8976050b4faf85895c09c71bf3e5b10b3ed3cec0f3dcc0b8a41
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
edc3eceaf32142a50113b7a39694114e2a51ed95b8c7998a3c62d9f69c8599dd
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
efc9fd1be32fe67eb8c42c46a4eec9773844b09c3181edb23e3b5fa38e69a2f6
f03c80196bdfbf7d4f6a6f5c1e0d5e8613b5813a187195910fe034367cd1c920
f0da5b475874c3f52d39a219f92baaa750c33c94b3030f16c28fd65d928724ac
f1e2cc26ba6f0887e92a918e38c2b8ec94f6de33468a3552fcc64f7c8aa3ea7a
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f61bad45bd5c6ddda0a59f543597e072bf8049d6e0534d595413fbe3f5f134fb
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f66c23ed68d90fb11bf61541677d48200cd2755fe3bb43c4783401ccb074540b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c5035e04845f6a26f9a9482717abf3ac36711b85e5b2ac87e423ba0ceaaf89
f6cc2c7a76f694544da32e4f5b65d9cffbabd6b247a70f06892086ae35b34ce2
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
facb342ce45a48e6cf3c38e35a0f6431edd75705d9e944361dbc4d26c2a54015
fcbd0076d51db2f568ad500c41b312501f0d32571ac635dcc118677097ba9eaa