observatoriodeourofino.com.br Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://observatoriodeourofino.com.br/
Effective URL:
https://observatoriodeourofino.com.br/
Submission: On April 29 via api (April 29th 2022, 12:00:57 pm UTC) from US — Scanned from DE

Summary HTTP 348 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 71 IPs in 9 countries across 55 domains to perform 348 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is observatoriodeourofino.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.

This is the only time observatoriodeourofino.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:1000:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	195.181.174.138 195.181.174.138	60068 (CDN77 ^_^) (CDN77 ^_^)
37	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:20:... 2606:4700:20::681a:b9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.185.251.21 18.185.251.21	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.21.5 51.89.21.5	16276 (OVH) (OVH)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
3 7	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.83.69.178 185.83.69.178	55081 (24SHELLS) (24SHELLS)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
36	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7 30	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7 9	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.88.75.189 23.88.75.189	() ()
8	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	23.227.147.138 23.227.147.138	55081 (24SHELLS) (24SHELLS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 2	52.214.158.110 52.214.158.110	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2 7	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
7 9	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.108.101.160 23.108.101.160	() ()
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	() ()
2	104.89.28.165 104.89.28.165	() ()
1 2	37.157.4.25 37.157.4.25	() ()
1	178.250.2.151 178.250.2.151	() ()
1 2	2606:4700:440... 2606:4700:4400::6812:230b	() ()
1	63.251.232.165 63.251.232.165	() ()
2 3	54.154.135.58 54.154.135.58	() ()
1	5.161.47.120 5.161.47.120	() ()
1	195.5.165.20 195.5.165.20	() ()
1	169.50.137.182 169.50.137.182	() ()
1	2a05:d018:d29... 2a05:d018:d29:3605:ff18:9e8e:6010:4f26	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1	66.155.71.149 66.155.71.149	() ()
348	71

48 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

observatoriodeourofino.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:1000:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.181.174.138 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-195-181-174-138.datapacket.com

barra.uai.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs2.uai.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.251.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.69.178 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.186.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 92.122.147.230 (Milan, Italy) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.147.138 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.158.110 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-158-110.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.78 (United Kingdom) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.215.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.101.160 (None, ) 1 redirects

ASN- ()

b1h-apac1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.165 (None, )

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (None, ) 1 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.165 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.135.58 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.47.120 (None, )

ASN- ()

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:ff18:9e8e:6010:4f26 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 123	761 KB
60	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 71 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 277	356 KB
48	observatoriodeourofino.com.br 1 redirects observatoriodeourofino.com.br	1 MB
16	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 61	3 KB
14	pubmatic.com 7 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 432 ads.pubmatic.com — Cisco Umbrella Rank: 427 image6.pubmatic.com — Cisco Umbrella Rank: 556 simage2.pubmatic.com Failed image2.pubmatic.com Failed image4.pubmatic.com Failed	42 KB
11	openx.net 2 redirects pixfuture2-d.openx.net — Cisco Umbrella Rank: 39452 u.openx.net — Cisco Umbrella Rank: 691 rtb.openx.net — Cisco Umbrella Rank: 1377 us-u.openx.net — Cisco Umbrella Rank: 350	1 KB
10	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 377 ib.adnxs.com — Cisco Umbrella Rank: 217 acdn.adnxs.com — Cisco Umbrella Rank: 557	25 KB
9	rubiconproject.com 5 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 935 eus.rubiconproject.com — Cisco Umbrella Rank: 518 token.rubiconproject.com — Cisco Umbrella Rank: 621	13 KB
9	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 503 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 504	8 KB
9	pixfuture.com served-by.pixfuture.com — Cisco Umbrella Rank: 34015 cdn.pixfuture.com — Cisco Umbrella Rank: 42172	496 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 247	416 KB
7	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 4940 sync.adtelligent.com — Cisco Umbrella Rank: 3539 s.adtelligent.com — Cisco Umbrella Rank: 6162	4 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	247 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6408 adservice.google.de — Cisco Umbrella Rank: 8897	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	40 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 370 mug.criteo.com — Cisco Umbrella Rank: 2985 dis.criteo.com	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	196 KB
4	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 962	2 KB
4	uai.com.br barra.uai.com.br — Cisco Umbrella Rank: 962176 imgs2.uai.com.br	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	4 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	spotim.market sync.spotim.market	1 KB
3	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 839	478 B
3	rlcdn.com api.rlcdn.com Failed id.rlcdn.com — Cisco Umbrella Rank: 543	634 B
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105 partner.googleadservices.com — Cisco Umbrella Rank: 749	16 KB
3	taboola.com 1 redirects c2.taboola.com — Cisco Umbrella Rank: 7458 trc.taboola.com match.taboola.com	17 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adform.net 1 redirects c1.adform.net	950 B
2	teads.tv sync.teads.tv	344 B
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2963 sync-tm.everesttech.net Failed	751 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1661	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 619	689 B
2	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 5262	399 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 545	810 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1015 contextual.media.net — Cisco Umbrella Rank: 486	9 KB
2	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 55697	16 KB
1	sitescout.com pixel-sync.sitescout.com	191 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	yahoo.com pr-bh.ybp.yahoo.com	987 B
1	simpli.fi um.simpli.fi	610 B
1	iprom.net core.iprom.net	280 B
1	truffle.bid matching.truffle.bid
1	adgrx.com cm.adgrx.com	408 B
1	zemanta.com 1 redirects b1h-apac1.zemanta.com	326 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 7062
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	814 B
1	tynt.com ic.tynt.com — Cisco Umbrella Rank: 4294
1	loopme.me 1 redirects csync.loopme.me	208 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 325	552 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 635	635 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 405	185 B
1	uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 73311	687 B
0	onaudience.com Failed pixel.onaudience.com Failed
0	adpartner.pro Failed a4p.adpartner.pro Failed
348	55

	Domain	Requested by
48	observatoriodeourofino.com.br	1 redirects observatoriodeourofino.com.br
37	pagead2.googlesyndication.com	observatoriodeourofino.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.pixfuture.com www.googletagservices.com googleads.g.doubleclick.net s0.2mdn.net
36	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net observatoriodeourofino.com.br pagead2.googlesyndication.com s0.2mdn.net
30	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	1 redirects www.googleadservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net observatoriodeourofino.com.br
11	www.google.com	2 redirects observatoriodeourofino.com.br tpc.googlesyndication.com googleads.g.doubleclick.net
9	image6.pubmatic.com	7 redirects ads.pubmatic.com
8	s0.2mdn.net	observatoriodeourofino.com.br s0.2mdn.net googleads.g.doubleclick.net
7	rtb.openx.net	2 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	3 redirects cdn.pixfuture.com googleads.g.doubleclick.net acdn.adnxs.com
7	www.googletagservices.com	barra.uai.com.br securepubads.g.doubleclick.net googleads.g.doubleclick.net observatoriodeourofino.com.br
6	served-by.pixfuture.com	securepubads.g.doubleclick.net cdn.pixfuture.com pagead2.googlesyndication.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com observatoriodeourofino.com.br barra.uai.com.br
5	ssum-sec.casalemedia.com	5 redirects
5	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
5	sync.adtelligent.com	cdn.pixfuture.com s.adtelligent.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net observatoriodeourofino.com.br
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	observatoriodeourofino.com.br www.googletagmanager.com
4	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	observatoriodeourofino.com.br
4	ads.pubmatic.com	cdn.pixfuture.com s.adtelligent.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	observatoriodeourofino.com.br googleads.g.doubleclick.net
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	sync.spotim.market	s.adtelligent.com
3	odr.mookie1.com	googleads.g.doubleclick.net
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com observatoriodeourofino.com.br
3	barra.uai.com.br	observatoriodeourofino.com.br
2	c1.adform.net	1 redirects ads.pubmatic.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	eus.rubiconproject.com	s.adtelligent.com eus.rubiconproject.com
2	pixel.everesttech.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	ad.360yield.com	2 redirects
2	ads.us.e-planning.net	1 redirects cdn.pixfuture.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ap.lijit.com	cdn.pixfuture.com
2	secure.adnxs.com	1 redirects observatoriodeourofino.com.br
2	mug.criteo.com	observatoriodeourofino.com.br
2	gum.criteo.com	1 redirects
2	www.google.de	observatoriodeourofino.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	tm.jsuol.com.br	observatoriodeourofino.com.br tm.uol.com.br
1	pixel-sync.sitescout.com
1	pubmatic-match.dotomi.com
1	pr-bh.ybp.yahoo.com
1	um.simpli.fi
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	matching.truffle.bid	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	b1h-apac1.zemanta.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	vid.vidoomy.com
1	acdn.adnxs.com	cdn.pixfuture.com
1	s.adtelligent.com	cdn.pixfuture.com
1	u.openx.net	cdn.pixfuture.com
1	onetag-sys.com	cdn.pixfuture.com
1	ic.tynt.com	cdn.pixfuture.com
1	contextual.media.net	cdn.pixfuture.com
1	csync.loopme.me	1 redirects
1	hbopenbid.pubmatic.com	cdn.pixfuture.com
1	pixfuture2-d.openx.net	cdn.pixfuture.com
1	ghb.adtelligent.com	cdn.pixfuture.com
1	prebid.media.net	cdn.pixfuture.com
1	match.adsrvr.org	cdn.pixfuture.com
1	id5-sync.com	cdn.pixfuture.com
1	aa.agkn.com	cdn.pixfuture.com
1	385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	imgs2.uai.com.br	observatoriodeourofino.com.br
1	tm.uol.com.br	tm.jsuol.com.br
1	www.googleadservices.com	www.googletagmanager.com
1	c2.taboola.com	observatoriodeourofino.com.br
0	pixel.onaudience.com Failed
0	image4.pubmatic.com Failed
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	image2.pubmatic.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	a4p.adpartner.pro Failed
0	api.rlcdn.com Failed	cdn.pixfuture.com
348	91

This site contains links to these domains. Also see Links.

Domain
www.em.com.br
www.mg.superesportes.com.br
www.uai.com.br
estadodeminas.vrum.com.br
estadodeminas.lugarcerto.com.br
www.alterosa.com.br
parceiros.uai.com.br
soubh.uai.com.br
aqui.uai.com.br
www.facebook.com
instagram.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.jsuol.com.br Amazon	`2021-10-02` - `2022-10-31`	a year	crt.sh
*.uai.com.br AlphaSSL CA - SHA256 - G2	`2021-10-07` - `2022-11-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.uol.com.br Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-03`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
ads.us.e-planning.net R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
sync.spotim.market R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
truffle.bid R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.iprom.net R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 66 frames:

Primary Page: https://observatoriodeourofino.com.br/
Frame ID: F225BB9971280BE6AFA3543EF458A0CB
Requests: 101 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: FE673456D9F1ABFE3FBB8AB8F289DC2E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: B208A01C84DDDCCC4439F843ED2522C3
Requests: 1 HTTP requests in this frame

Frame: https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/
Frame ID: A8D46A1612A5A5C725601BB5A60ACD25
Requests: 2 HTTP requests in this frame

Frame: https://385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDD569E472C826C76498C4FE90E9A453
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoKpzROrUQkXQeiYPB1HI6Xb0sRbSNtaig9-NGZdaX1WbW-2Mz1DQFmAd-wEJuDdR7FYZhj-MAArGerE3nv-5ihRxAGL2yb09y4psEKCar5GNOAhDI9_9bU_Xu8HVXFqyBJrD8dmStKUPJMiU-lviFbUQ4t1x_ivdRfeN41NNXy_D8nDtvmmIJSn74mRinPhRxw2VD01Yen-p9JLt4c2uQQCHsmT9gzdGe0m38cnogboqgDykZZyqDf46e1RqLlsXFwveQE441fzW7WDbVLaEZ78L3ftq4SUdg_buc5kd6jlRGV4tb7dnvITAjRLtXiJdT_18&sig=Cg0ArKJSzDrbAjyKGhkUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CFED6C604B8385F78BB041BCCC96C151
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165
Frame ID: 58B5443E306549B7EF500484A46D2CAA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&adk=1812271804&adf=3025194257&lmt=1651229169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651895&bpp=1&bdt=2371&idt=172&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&prev_fmts=300x250&nras=1&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=181
Frame ID: 368F68716BE30C7184E0CCBCE748ADC9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C7EEC43613DDD34C8B0281D07B9E38C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0650841D11154ECEAB42344BD6D308E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7741B4BF18AF2252F89E6753AD92D98A
Requests: 7 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php
Frame ID: 4EE6BA3CF8387DC61D9EE84C51B97159
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html
Frame ID: 801FB58E0A07D9D6B01A0A48019CAF35
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26
Frame ID: 405AA8F3A3C9E08FA597EEE8D21CC03D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
Frame ID: CC6B2F3CC88F0FD88915A430BE5753C7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 681E3A207622D13D284F9D4F2C7C3064
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: BFA957D0CDF19DC6BD7042722514C538
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: A990EEC8E89E49EF4361F7ADD4296CF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARibvbzGATAB&v=APEucNWkhj9xIvcWE0FJcBeAwtkebjGs1ZIHj-zBoSbL2LrsVCsF69gLVFjhh2WE4boby2_oKXwU4Or6g8ZajiRcuDOVbw2Dt107c3Y1HYlmrtblYGRNobAP5rpN7NW6_u6ywaw7vRa0PXthBl19uybFsMHdAVsliu2xboLdBS5jBXBS7nxQ6Sk
Frame ID: 8E2D9CCA76201B79010F8CB725A43904
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1mCMhb-qEX1IRO0MK6bHV9MpAMwPkJeWx9WLcjCvCsBDw8A9iQ3_v_AzpBEPR4BxGOdA5woyKQLS3z5hr8suU7vFDCn34vQ7ZYYjdgqa6AU7rfjFGLuk2--bXl5SFKALP2P_lHl8o2joK0467QKom5crlgw&dbm_d=AKAmf-BPQvTXTLUfcRhM3fXwpyiVV6XsrYZF1bv-Ozc0Lx17cyDTInTeibBW1ba6x022a09ov5Bj6-GkMOPa2VPJUoBmUkWUASIvQ02QTPTQ-8sdjXGDMYLDHDOjNxwwVtNr-_K2dEKMEozYp1XzHSfYp3RQ1cww7cCzxXVwk7KZS6gFZZAtRpiNLxl3tTntY-iKj3ie6Z3FFGOxAq-jxTZKdrbxWb0-fK95yg0sjdHmRw5zQuWTBzDiNXXEq6Q_Oj7j83MCFTTRTx7R8TwpeDHjLIwUfWKeJFf4Sp4-qz4gx7TcgkO2i9n64sZwZtDl202NhE1J6ouKx0YFuSG_cuDTkTknC4hkkYOVu2n0KbETIUBDcF5eaRk4gVRiPc8QAFKsolPyX_mF-bfnzmsXuJuRf8b_eInTKg13TPJRcTKZQ5eHo2neJ_8c2iWVkU6WXW334lgtytotn_EbILcl0cjHAYXc6hqWyRgnU3dJvuuwp0Sh88U3tKM11hsgSWl9tYcd-Mj7GU09kxq-c6gyj5-omBl_NK54IW9j5g3HnSos01xcrI33aM1VXSRiAo33lUJ9gEuzOs_L7HD8xRptUUbq2NUpNwgSdCitOd9X7wz4P1xAT6j-cBWPs6curSaAjaoMsW06wl2IHPDbupq33zWLE-T5GNPrv06or9HmddGAip2_AnzF7ARnhrhQ4CkWy7j3epObH2vqFh2uM-xKfx4c5JpgPM-69Ax4_KdQy5Xr6zJpOhesMOjfYLLPakbh9eTyWFi0iqHeb76jPAFHTABEoPoqCidlSVS7OXXOm4i_Z8aISI8wc_X8oT49hnPJ4TZ4Z9cKTkjWW0yYSmzJS3dCiUOtMBBhVEwkfhO6T5diuGfgZCP3IyJ3m_KB5xqVUYr7B1eblzjHnuuAZesA47igbK0Iy0jhwlLxKaI0O2ujnCK-cEVVgHzeY_ConBCkb2uHLT3BcwNs9OEL7ZuhvXPPbxryJGqg-q54uuzt9BEZPQTYiEfoSIwpIJ3RR21neue4obzu8e-SgFCcoC2rAd3FayXCqVgGQ5MH50_fTJWZgHIYKxRS6YtynnjUgHCJzTbkPGIqRNge__DkmhPJGTp-xAykDNhzOZR86fegAQgzn2eqPm-vBocTSYkhoZQtFIwM7TGTXSIf324Q8a-CCegoGhZEdBR7x3Mgu3ewDtLrVq0FSIedv4ncse5gqW8DOdBn-5uAHBZC6H95gFr4NOPYkaNPay0lf8gpk_lWZLJPPgqWlR4dnDuiG7LFNLwIWlYdMO1lIjz_RHDfma1nrMTdmoQZBgpdSqA-mHOQmLXeF2a9Jm9uq2fSWdrdcJB3C-5WBXIALpNNs_Kf3rGv3lOrWD_7A-_6nZG1a6jOkWwpgXKxX4ZDjI31H7QsOkBVp8msX4B9MAKeFGLdh51kNF2o6bHfpgZhQBsp5CY7Y0aF5hPMQGHtY00RHC7K07CIlOAgL-KUlhhi48yUs68MGA5ZZwdGtDhidPm_IMex7fdTxs0GLqsiuuZAgL8wRQyCUxeftlkUBrWZUDxnusTSYvl400aSpIJ97s1bZqJYr2S1f2E8MIyI36FvTYObSVm-2560kICXDW-t8VgEzFvZ9IyZuvcKZKOLe5sUYE-9HCxb4n5Tud11j0u-ASaNO4fyf9xg9hwo5rOj1TfH1NwK2RVGK64ILSb2xXQtMhzNoB7v291qlNgRUaAXgp5F9F5YI5VO5hcL0OEnbnQB1SIqGxycA0qmjvq12ZqJwj96wtaL4mlhbe6VzjXvQqwQPULxSJzR6DWniI0YD1afMNcKsoaijvtb38boaUwRLbx42lSMeCZogs0qw1gzIMW3gnO80HUvQQuC5FoNYgyKlS3iTWdtkDEq7wByOKHak7zJdQV7uDB3dhs6AIRrtXwWx4-cC1LEi0q6xgnpAbZbl36iZ_gBWS1T4bL9Dq2yy47G4ELFW7yBrSSgTaC9HDVemyXirfB9_igGIl5biuB3TPUh-0i4QDRx167AUfJWZdES7hrI1KEjYoT2now6tvlcSMqaykUMjEQV22cUizowChhqDrO_n2H5D6hhvfO8GFg2K-xI-MobjmAiqZAQ_XPDZEMtzj8uCDwR9vPBKhyu2deoLGM6ZmieYXPXghtqg48xffgVMS-Oxqe5dPur1N37ncAtCCINI8ZfVuxkuyW6-RmMaYl6XqzNd6fIiW4iyEYzpGOnDtY6WQbWCrputWlKQbZQxVlAaaQlpOUyPplr-A3_R6OW-j1l_0bYar4vC_-qcqMwlFG8na0KYcFKxI4zmzEIbwUVBv2VgeT8ed6A0iFIBuPuvkpBAeUjTwL4-IVf1kfItpiyOx5CjHOZb1viiEoLlUWkk8jLbqWIbnzmPbZq-gdOwKsK-m4X1dIfx0ytpGngwp3bJbZbxRM8ZNhEuUAlP5fg-6eNcQFx-aEzfGAqazZgfDuDLcoLQarqag2J3sCvVtjIEqG1WLZ8OgeXApKPZaAy496fdmjmZKJP1B60n0nQlOJK4QUJd5FoEGZ2YD0BM5l3RAJBOMqzMiYmjdDyNMn335hIZyj_-0MLOO9p-_DkFD6GS6z2--1qCKniwM0FjEHfyO8Vq5eZHas3qfT264OBqpD3fpb42P4Q-rOauz82ASFR5hEyqy8RMRXY8MblWKkElaLbtnMTJDtm7dpVn2ZGyCJrjpHmLLE_AlddHorLmJWLEvL8riNDJOTSTHgpGBNWPwLqQXp8wzFfCOg_CWGakDZgRGMPSHRbpD62ZGA9nevNrcwl4hTV5CO5Jf1NXwx7DSg93wEGXKn6XvmWm40t52Ve762cgb1NAU7hwT5FT2Z_nL2TcbfqiNTt4LMardnXGXKYKVs1JNOHjDszZSbnXsbPDM_5XQA4vkTIUmnq5m-MBoopniRrxOHtTH_CkHttMxvvKzuNg9728FIW7om6XHrSTMZyJrVrCbK9n4PCCSiSg3nUe-YBub0VLSa0YmSYSy5tclusvH6CnO6FVlZsaR91ChaEnhsDdBsJVm_SFn16TDxxWsprKRP6HMJMA4AuUgiFcc6SQkUyZiZ22Tzdqz0VB9msj3AaKOR6DKvhHovR7pB9KkHTGcn1w3-xKRsM9RtsYqwSty5churjJ2wuH4UFilxK0mdeAS7TNsDxNT2NabDMab4mq7ukK_6EOA_O4u66SBR3KECQrBq9cxiWGiWnkJoCu-jNCDmGKMtO-Z1MKiMH9Zjn9sdV5v524NUnU3Gx9sDUTXIX3JmCokH5q7dS8_LeVW3yCaaoJ_Pw_13_N7fsSk9J66SjVotG3erfzdf1Jk1L74jrH3VjyW-emeGxpJBafgzqcrsI3ebjetJm1nMs56eQzSOtEP7pJjMMWTmFBXUF8mX4qKbhwjdOVyWf4fNyCL-zVXfAY8JiAW0wJHvFkje9VlReEUygLi_wBYAQpl-_Egi5MRHYcLdYGHY4soWeK0XgVOfk7-dpj7PQ2M6kXhMFx0PZOJKZLJUYJ8b9xFVYBrjRPXAbcG40iMnXcM732F58Mmp8xMCnyGRzK182sbgN9YUb-AajLs8wSWXlXfw&cid=CAASJORoc6LfoLyyq1jnhP-EWJACIIaAhCBE0jBZD21m1nOR8ZHu5w&rfl=2%2Chttps%253A%252F%252Fobservatoriodeourofino.com.br%252F%240
Frame ID: 7E92B6F29CE7C04E29FA621D0B016479
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C35F863615C80F2C1855B39CD496548
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4483C7902AB22DAF3FACDDDFCA8BDD9
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=43ca8d35-6b57-4129-8729-1ee75fbadf11
Frame ID: E4FBE7E208C4971919B4B73ABF8BFA19
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2043%2C3010%2C2040%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 26009CA93FF8B423F3F7DF8E938FB730
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: FE304A9256D74F4144CCD121389B51F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 06B235EBCFA20EFDCCC0A49CE28A378F
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 479478FEB327AF93259B06A7A564F722
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D1E54467E2608C8ED3DE7ABD33797672
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: EBF5078DB11ACC63B2EFD58BDCBF8C9B
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 787B36A755CE517C5C3D005BCAB81E72
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 4417925D06395310CFBD71F0CC45E20E
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F11DCC452F4EE2606F4D14F450AD1018
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 42B992AB5C21C1110D6A335A46C0FD0A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5BC6B10028BFAEB80D992CB52BD15E6F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 533103AB218053339328B7B8584F2C21
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D466CE55A955F69D724375AE7CB8348
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
Frame ID: 159B6661E2377EB57A5020796A1FC49F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09E7AB4012926F02E483F3C29BBA9EEE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 1D529C310F3F7E276597F7CDF41AEA8B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46AAF5D957905DBDCBE24B4858C101D2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: FDDC62A0280D5F124A19BDB549FAB9ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 555C8CDB684FC44D3AEB6021B1479BCA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 88B1567EC9B5D0B85CDE7C928B0C1562
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4373938494804321799
Frame ID: AF589DA9F414379EC5DA5BA922C8D0EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE
Frame ID: 5C5D735D5FBE8AB7783C8E4760B8CEA3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Frame ID: E1C420865CAF65DCAA3A2FF96A7CF225
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 378C784A6D84653BF3ECF416DBFA462A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/728x90.png
Frame ID: 31A080CAD9CB0DA7B3A038CC58D5392D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C938547F4E172ABFB25258FC4E21D48A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E25D7E5104323708AC54C83409DC4160
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
Frame ID: B5C264C42895A18CD70BE6EE35EF4A16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05aa626b-d379-4d00-95d5-8a2187bff6e5&gdpr=0&gdpr_consent=
Frame ID: E75E6ED7983038BACA16D40FFE6BA108
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=358051964782846796
Frame ID: 629F9F6B60503F5EEF19A385A1F4FE6A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 990CCD345F64D9A0347BAC02B47C3415
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7091994554878982299
Frame ID: 1D5A5282B67519BCC66C10E3C427D373
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 2530C64502EBBEAEADED3D095E7D4CB6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=90OEW--uROR8Wylt7ZhbvrKi0Yk
Frame ID: 41500B7E6DFFBD6CB2811DE2D4610C11
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 841D142833D5FA44C73AAB5C233EB6BA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 08062F73E20C3C44C5D64C51DFC5035B
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2462E63D399C4C25E89A5BE50EDD14EB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 301CFD81B77835B37C3FC513805CEBC0
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C6750CC45899F89372BA9D43941CDE27
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 8EBE6929C5F831DB50F2C6639356FB12
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQWUSXMYgUaQaRVb
Frame ID: D12AB08AA29F8CEADAACDD70C8D4EA15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 4970DCD32642B3D550E65D2B64B65A43
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8ee07d84-5649-4ca2-b0e7-7c8cb55d7a2d-tuct96558f9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 53A27AD90E8463BB59E5168BC793B959
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Observatório de Ouro Fino

Page URL History Show full URLs

http://observatoriodeourofino.com.br/ HTTP 301
https://observatoriodeourofino.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

348
Requests

84 %
HTTPS

34 %
IPv6

55
Domains

91
Subdomains

71
IPs

9
Countries

3971 kB
Transfer

8295 kB
Size

48
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.em.com.br/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://www.mg.superesportes.com.br/
Title: Esporte

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/entretenimento/
Title: Entretenimento

Search URL Search Domain Scan URL

URL: https://estadodeminas.vrum.com.br/
Title: Veículos

Search URL Search Domain Scan URL

URL: https://estadodeminas.lugarcerto.com.br/
Title: Imóveis

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/

Search URL Search Domain Scan URL

URL: https://www.uai.com.br/saude/
Title: Saúde Plena

Search URL Search Domain Scan URL

URL: https://www.alterosa.com.br/
Title: TV Alterosa

Search URL Search Domain Scan URL

URL: https://parceiros.uai.com.br/
Title: Parceiros

Search URL Search Domain Scan URL

URL: https://soubh.uai.com.br/
Title: Sou BH

Search URL Search Domain Scan URL

URL: https://aqui.uai.com.br/
Title: AQUI

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ObservatorioDeOuroFino
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/observatoriodeourofino
Title: Seguir

Search URL Search Domain Scan URL

URL: https://twitter.com/observatorioof
Title: Seguir

Search URL Search Domain Scan URL

URL: https://instagram.com/observatoriodeourofino

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://observatoriodeourofino.com.br/ HTTP 301
https://observatoriodeourofino.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&domain=observatoriodeourofino.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_IuqNXxOMUoxcm9HdEU3YzkzN1NTSVlUYk04czJLakZacEE2RUVySlNKK2p3c0JRMkJoei9LSytYVVBOc1RlazJMc1NsdUhoenY3NjNsT3BxK0ludGJ4RjVUT29CQXR6LzZRVUFGUitRdUFVN201d1dSMkg3Rm5ULytsZ2NpM2FqVjJSK3ZJNmVsYmdSMjBBMEhPOFhtUWdWQWUzZjgvYWVzZkRsWXBpZlJCTy9mK1FSdmRBOTZDQ2dGNExPR2J6RGZGQWcrT0xoTCszUENHWWJRTFI5bFprRnY1eXpHU2dwNHFCeE9mV0VweWR5SDdwL3dIVjBwdXcza2FPQ0JJbWpZNmZPfA&cppv=2

Request Chain 80

https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1

Request Chain 133

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=2485278622&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1651233652&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652368&bpp=14&bdt=84&idt=119&shv=r20220427&mjsv=m202204200101&ptt=5&saldr=sa&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&correlator=6221419617674&frm=21&ife=4&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233653&ga_hid=281306282&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=654&ady=64&biw=1600&bih=1200&isw=728&ish=90&ifk=1878704983&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912%2C31067068%2C31065659&oid=2&pvsid=2392281034191656&pem=213&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e0mm1rus05j&fsb=1&xpc=BYVDSnZygN&p=https%3A//observatoriodeourofino.com.br&dtd=140 HTTP 302
https://served-by.pixfuture.com/www/delivery/afr.php

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmvTdvSfbd1F.N-bFoYLuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1&google_hm=2

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ5bKykNX6WUrHD_TAz_jyA&google_cver=1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3MzkzODQ5NDgwNDMyMTc5OQ%3D%3D

Request Chain 185

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=43ca8d35-6b57-4129-8729-1ee75fbadf11

Request Chain 189

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 195

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ac61c826-805a-4715-afce-62ea685a396d

Request Chain 199

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4373938494804321799

Request Chain 235

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJK34SLPuXuSENIIo1kfLy18OJiOiQ3k7TbpaNiVNpoW40OS4k_Qgf9J1z83Z-MJlmrHJfu73jqXD5o1Twmgncndwo3VRgq&google_gid=CAESENp9DM8Uhr9ZDaQTntVHFqc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPamr5MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKSzM0U0xQdVh1U0VOSUlvMWtmTHkxOE9KaU9pUTNrN1RicGFOaVZOcG9XNDBPUzRrX1FnZjlKMXo4M1otTUpsbXJISmZ1NzNqcVhENW8xVHdtZ25jbmR3bzNWUmdx HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcnp1eWlXX2IzNW9xWHVUT1NGcDc3YzhtX2wwZE0xU196RXhiaVJzZEsyaw==&google_push

Request Chain 236

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98lr1PQxKnV-yTUxPQ6aLBZuPfJ-3N7F2&google_gid=CAESEAWMVOq7qKdJXK6ytpiLpm4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98lr1PQxKnV-yTUxPQ6aLBZuPfJ-3N7F2&google_gid=CAESEAWMVOq7qKdJXK6ytpiLpm4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjkxMjAwNTQwMDAxNjQ3ODYxMTI0MA%3D%3D&google_push=AYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98lr1PQxKnV-yTUxPQ6aLBZuPfJ-3N7F2

Request Chain 238

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPIxM6rGmcu3H1WCIPkj2-QoGOno4Ek7IfSBcsYddDQIyMaH4ac5ldQKZAmBrlbe_YCCarvE0UMsbEYVJMBBM3xk2kT3TCnD HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPIxM6rGmcu3H1WCIPkj2-QoGOno4Ek7IfSBcsYddDQIyMaH4ac5ldQKZAmBrlbe_YCCarvE0UMsbEYVJMBBM3xk2kT3TCnD&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxM6rGmcu3H1WCIPkj2-QoGOno4Ek7IfSBcsYddDQIyMaH4ac5ldQKZAmBrlbe_YCCarvE0UMsbEYVJMBBM3xk2kT3TCnD

Request Chain 239

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9k5x3Z-DAX0QVeOV1vUM5j6qKJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFAtRy05Q1Y3&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9k5x3Z-DAX0QVeOV1vUM5j6qKJ

Request Chain 240

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&google_push=AYg5qPJca8Av2h1RpYwmd9fxDB1YskPuG-ppH1T1Cs-EDcwm93BbSIfiFHzeQfzsh7OvkbuhmkwmFdpvA3ihsiCF6rSJK4gyQro6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPJca8Av2h1RpYwmd9fxDB1YskPuG-ppH1T1Cs-EDcwm93BbSIfiFHzeQfzsh7OvkbuhmkwmFdpvA3ihsiCF6rSJK4gyQro6

Request Chain 243

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra494wQ8xUXU3oYwswGJu2FB4U4vcZLENfWf4h2UbPD8DDRIFD2ukweMmTd&google_gid=CAESEK-g_-Z2nCFrVtLOaavXhRs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGRnQUFCTmVPekFQNw&google_push=AYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra494wQ8xUXU3oYwswGJu2FB4U4vcZLENfWf4h2UbPD8DDRIFD2ukweMmTd

Request Chain 246

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPLtrzwukZRVLx0TlojV41nCBmppUTv8ARSlCQwPAmemo_yLOoGuQYvbHz03iFTPGNvHIMDSOVDh8m7dqSvqNDlY7TO-YO5g HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPLtrzwukZRVLx0TlojV41nCBmppUTv8ARSlCQwPAmemo_yLOoGuQYvbHz03iFTPGNvHIMDSOVDh8m7dqSvqNDlY7TO-YO5g&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dj4TYnf0RP6rHRktW3vB4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtrzwukZRVLx0TlojV41nCBmppUTv8ARSlCQwPAmemo_yLOoGuQYvbHz03iFTPGNvHIMDSOVDh8m7dqSvqNDlY7TO-YO5g

Request Chain 247

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE10fo4MrRq1R8hgcwy_kWQ8mVm7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFctUi1ENU5I&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE10fo4MrRq1R8hgcwy_kWQ8mVm7

Request Chain 248

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&google_push=AYg5qPJSQs3qj-WihkD943irJYnL8mOA1mnv16BDfm-pnV_CB_DjD71dB70L8Vr8PVWpzy82_OgWeOKzjqsRHUghTMdLpWNXX9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSQs3qj-WihkD943irJYnL8mOA1mnv16BDfm-pnV_CB_DjD71dB70L8Vr8PVWpzy82_OgWeOKzjqsRHUghTMdLpWNXX9M&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA

Request Chain 250

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vzwnr5WvaPnn8YjWnt_V0Bzs7ae_GTCnWR0tVcM7a-8 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vzwnr5WvaPnn8YjWnt_V0Bzs7ae_GTCnWR0tVcM7a-8&google_hm=NZT49hUcZfbegZcjD2eVrw

Request Chain 265

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPK0h3iMnNJDs5AlfmcttUwhiO9kQwy3Bm1IhHcx5XHqfb2aCqWAtr_Y1mrQ3ijOeSuOjyL71FrEJAdHPYpaAKLBPtpZ8as HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPK0h3iMnNJDs5AlfmcttUwhiO9kQwy3Bm1IhHcx5XHqfb2aCqWAtr_Y1mrQ3ijOeSuOjyL71FrEJAdHPYpaAKLBPtpZ8as&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Daq7_84TUW_2y2OvTcuZQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK0h3iMnNJDs5AlfmcttUwhiO9kQwy3Bm1IhHcx5XHqfb2aCqWAtr_Y1mrQ3ijOeSuOjyL71FrEJAdHPYpaAKLBPtpZ8as

Request Chain 266

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7XhQwKEzr-2ZdOUjHC_0eCzmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVNk0tQS01SFVF&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7XhQwKEzr-2ZdOUjHC_0eCzmA

Request Chain 267

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&google_push=AYg5qPJSIyZ-s-BwVO2WBVuOKI7OAUfyYdIwBXfvcJ8zG6AwucpcU1gW4JB2b2jj73JIx9_ePF5OcXQPfZajL9SVtHMYORDgd14 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSIyZ-s-BwVO2WBVuOKI7OAUfyYdIwBXfvcJ8zG6AwucpcU1gW4JB2b2jj73JIx9_ePF5OcXQPfZajL9SVtHMYORDgd14&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA

Request Chain 276

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 277

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4373938494804321799

Request Chain 278

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YmvTdvSfbd1F.N-bFoYLuQAA%261143

Request Chain 279

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1 HTTP 302
https://sync.spotim.market/csync?t=a&ep=482928&extuid=

Request Chain 280

https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH2L10LXBMGrNmt42Kvja8&google_cver=1

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEINAJAGGVjMcNOlF6fq7dBY&google_cver=1

Request Chain 309

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazMKQi0DQ74XdJ93BXNiQ87pU6dO426ltVSDxVGvd860 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazMKQi0DQ74XdJ93BXNiQ87pU6dO426ltVSDxVGvd860&google_hm=NZT49hUcZfbegZcjD2eVrw

Request Chain 310

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6nvAppHw4-J2fndH9j4FJqJYf_VEUHuPVNFyTimzmcrGz4JQ4K94KVqa8&google_gid=CAESEK-g_-Z2nCFrVtLOaavXhRs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGR3QUFBUTVtRFY3YQ&google_push=AYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6nvAppHw4-J2fndH9j4FJqJYf_VEUHuPVNFyTimzmcrGz4JQ4K94KVqa8

Request Chain 313

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGYg3MnstXZTgwIwr66RHNA&google_cver=1&google_push=AYg5qPJ6PBgmcE2P0me0N2Y5xOuRIBjg6gVFppgpnXHFAhaiwY5Uh0bf8NONyUx8qE2JIUm5Q6hBAsMc9DygrQADHrJbmXbmyxgy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ6PBgmcE2P0me0N2Y5xOuRIBjg6gVFppgpnXHFAhaiwY5Uh0bf8NONyUx8qE2JIUm5Q6hBAsMc9DygrQADHrJbmXbmyxgy

Request Chain 314

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_kC9Z4EJZtAYrvZibtm5wFOn01 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVTEEtOS1CVjFG&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_kC9Z4EJZtAYrvZibtm5wFOn01

Request Chain 315

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&google_push=AYg5qPLRmpIwHRTT-x3HBf4xfmLpxuv6ihCMCxuMh8cUfCzGsWIr-Si2dzCGCaFDyg03uFkiOw_L3DhL4sGkeYsYfEfyKeYOd_E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPLRmpIwHRTT-x3HBf4xfmLpxuv6ihCMCxuMh8cUfCzGsWIr-Si2dzCGCaFDyg03uFkiOw_L3DhL4sGkeYsYfEfyKeYOd_E

Request Chain 323

https://c1.adform.net/serving/cookie/match?party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF

Request Chain 324

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05aa626b-d379-4d00-95d5-8a2187bff6e5&gdpr=0&gdpr_consent=

Request Chain 325

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=358051964782846796

Request Chain 327

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7091994554878982299

Request Chain 329

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=90OEW--uROR8Wylt7ZhbvrKi0Yk

Request Chain 330

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 332

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETlZFN0UxNmNBQUNRazloRnRpUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 333

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 336

https://green.erne.co/pubmatic/cm HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaQWUSXMYgUaQaRVb HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaQWUSXMYgUaQaRVb&xl8blockcheck=1 HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=1a8b775a3930bfcf0846716bf18b2c74&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaQWUSXMYgUaQaRVb HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQWUSXMYgUaQaRVb

Request Chain 337

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651233657419 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

Request Chain 338

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8ee07d84-5649-4ca2-b0e7-7c8cb55d7a2d-tuct96558f9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 339

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 340

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a9f626b-d37a-4700-8783-068509d2294d

Request Chain 341

https://pixel.onaudience.com/?partner=214&mapped=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0d4682f3a60d0951/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=0d4682f3a60d0951/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=258823313433792432&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=a12e34e9-f8e9-4b6b-88d2-72877d7afea1&icm

Request Chain 342

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTM5NkM5NDMtRTNDMi00QjY5LUE5QzEtNUU2MzJBN0JEMERG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ6RKt9eR_ehVZIKq1we8M&google_cver=1

Request Chain 345

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=258823313433792432

Request Chain 346

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a12e34e9-f8e9-4b6b-88d2-72877d7afea1

Request Chain 347

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4373938494804321799&gdpr=0&gdpr_consent=

Request Chain 348

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LcBG03_BR4c2xBHUKcJdgiyTFII2wRSDfsB4M5se

Request Chain 350

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sVsRyGZE2uVUQwpXfyrpbdgYqKvYuCs-~A&gdpr=0&gdpr_consent=

Request Chain 351

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=43d1253e-5953-43dc-98e9-43df3043c99f HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=43d1253e-5953-43dc-98e9-43df3043c99f HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=634cc45b-b735-4879-b7ec-685e4a556630&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43d1253e-5953-43dc-98e9-43df3043c99f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 352

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dc8cce11-d53b-46be-9da3-3dba77d480ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 354

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3926002561379523907&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 356

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

348 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
observatoriodeourofino.com.br/
Redirect Chain

http://observatoriodeourofino.com.br/
https://observatoriodeourofino.com.br/

401 KB
48 KB

288ms
268ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: e341adfffd27c2724b990454a759a54a2c18b3e07622129d4e1fa24c68263b17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, public
cf-cache-status: DYNAMIC
cf-ray: 7037e1285fc99136-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 29 Apr 2022 12:00:50 GMT
last-modified: Fri, 29 Apr 2022 10:46:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn1ux6ymEavpWHUsNJ7n%2BBI%2FTEXsGH08EmoCE3dbSaLHBFhkl89ihoxnhGqYuLN9VUP7EKfzTL2tuEEx8J%2BQcy2M3mUtHT%2BgIW%2BLlinZXb3ISG%2B64%2BXVgUUSnmTBqGudwMpXfR4MUq8XQggcxsf2mUs4h7iLZm4FT2Kfug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-powered-by: W3 Total Cache/2.2.1

Redirect headers

CF-RAY: 7037e1281bee9225-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 29 Apr 2022 12:00:49 GMT
Expires: Fri, 29 Apr 2022 13:00:49 GMT
Location: https://observatoriodeourofino.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yghCT816UJR1qEKMjEgTdvU7%2Fmy0BHLiVjh7%2FZJ6IOlcmAoNsq4Fgzh4Fp%2BIF76iPlx9fG5vRQq3abUKZxErRdgs343oj%2FwquOl%2FemQj%2FvJtkdA%2BmzVLKm5y9SVa%2F8wywu6FhvJ51ToxyL9p3VuQLaMvrRwg11hFPwjOQA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 69ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7423929ac41384d94f7f846868445ded424038c6a043ae2d3adb7e0ad1607d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38801
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H2 200 style.min.css
observatoriodeourofino.com.br/wordpress/wp-includes/css/dist/block-library/ 81 KB
12 KB 19ms
17ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35324
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 26 Apr 2022 18:38:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjLDLORUev6CjNXCUo%2FIcP6q0yeFfAb6PTMhYDfhGzX7csFNaAn1Mse9IyVeU0apV2P6Vi7ldSP7NvyY3xKRkkAX78BFiSny4JwRZEgEmgbve9DxGtn9Q0om98vtl4AxBktIRp4AzheIT2P95rfJ9V%2Fi3DydKo22P56j1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12a2be59136-FRA
expires: Thu, 05 May 2022 19:10:21 GMT

GET
H2 200 style.css
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 20ms
18ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/td-multi-purpose/style.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70695
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt6BN6JqJkAT7sPpOd%2BMaJIQ0hhPCT0kbrtOG02dvBq8hZp62G5q8dcElBOivuOhM5nAZLVX6lA04eQElXsVTcF%2F9rIryhjh%2BpYsoNU%2BgWdHFUcbfxvtP4%2FzB9cb9ozOok0%2B6yhv7LitYPIMGPW7Mck5uUvCZWbXBHfQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12a2bea9136-FRA
expires: Thu, 05 May 2022 08:29:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=11.4.1

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b3e1d3b60e8c87df17d53bfb684102153aa9675f2ed34a60dd94d36540eb810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 10:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 12:00:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H2 200 style.css
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/ 146 KB
26 KB 33ms
31ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 48db2bd4f6be481a3541ba1a839ecbf2a639baeabeaab6236fcd3288f11d3dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223102
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:01:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02yItfWoSsETTkqMVRDKJDaAqxPZiu6q0FqtfwLQ7iAV3dR7A%2F%2BpTc60fpgcq895iIa%2F4h9lv9QdHIluBwl0pYW%2BB8MM1fNW7S87zJ5YumgJCUZxTkdy7jvgqrYmalQCgtwVrXizgkMNS6fYVUxnbYl9wgR5rzKQYmIrvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12a2beb9136-FRA
expires: Thu, 28 Apr 2022 18:58:21 GMT

GET
H2 200 style.css
observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/ 486 B
644 B 20ms
19ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/newspaper-child/style.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 25b588f7a82dacda5a429eafc52b59872dc668ea6d51eab2ddf9c36804676184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35324
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 06 May 2021 15:00:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB7UGGPcWMsqg8cHrzRqhfTenUCkUt%2BTgImHSQta8PUldiXrv0HWEGYw%2BoY4QiMJRxOJa2RnOpaxJ%2FRCrhxi0OYnariQUnrb2qYrmD5JdyENM80itJJ80%2Bq47tyPiVe4%2FFQZjbT7tuMxMCU2lHdYITzEEvjbj5RcPWqG%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12a2bec9136-FRA
expires: Fri, 29 Apr 2022 13:46:19 GMT

GET
H2 200 td_legacy_main.css
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 155 KB
24 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: f2331563867ab257b27bcf2add845a4482d1c8fb6143e5c950640b2f7e1c78a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246193
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuZe%2BmW7LKHQifsAZaDL96CjypHBuULjh%2BhFI2pLOUq0HzJle%2FZnAsuUHwp5UzUwaMdprxDGq2VjBae40iu3Bjfgq9uetHF0I5EiHmCUP71asAIaCp50ZMd%2BZmL7F0E36wdMJIJOblCGcOPwjkVBGjMGqNDeHyzBYwwQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12a2bed9136-FRA
expires: Thu, 28 Apr 2022 18:58:21 GMT

GET
H2 200 frontend-gtag.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 11 KB
4 KB 19ms
18ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 41c544a9957cf448f9dd048520a74d87bc4ffcfeff1456b406109d90d9fb859f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21917
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 08 Mar 2022 15:48:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYUNBo6wssUmv3Ud5byRczAGR79u4snUwcOsut%2BjZ5vFFWI2szXH734Je%2BPt8aokTONpoSQW1CmlHxfMnC4itaFWd5MMluW%2BlgUxnfQBwjFFjF7epAvGBjzcX0kXUoWdLMF9ijN4UltiHbnCL0YaAcpCanKsmTEQeLKuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12a2bf09136-FRA
expires: Mon, 02 May 2022 20:30:00 GMT

GET
H2 200 jquery.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/ 87 KB
32 KB 33ms
33ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21917
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Wed, 29 Sep 2021 16:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8ARLIxKTfF2bjHWLjUdP0qE%2BVyIhJxNk1N6lPMVHcd9%2BC3rhsHFohhXrvoAoYSwUqfFd4rRu9%2F13lhIRL9rqRG3uQimK2zkJRWuKux5DGD%2FfhSspscpqCyDoGu3NpmeO0RW6SPapQjgHoVWPjTjigsb7VnnUcWaNWderQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12a2bf19136-FRA
expires: Thu, 05 May 2022 18:58:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/ 11 KB
5 KB 144ms
144ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 17 May 2021 16:29:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ISekCkjJlEG4%2BNmV78%2Bdx5SUq9l1g%2BX%2F3REYDBi%2FtbnGgblUn6WvXDtZ9Z%2BF23LfPQvKXGAY1OkMMM4XTdob00HMLCEpsaYRtLBunIbI%2Fp%2FvgtJYyiEoGvy8pT6mH6Q4wYKsWZ14cCfDwvuT1CtfrABysQr3Raxat%2BuKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12a2bf49136-FRA
expires: Wed, 04 May 2022 18:44:07 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 63 KB
14 KB 485ms
247ms Script
application/javascript 2600:9000:20eb:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=o4q8lu
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 83056cb62961fd9c47117752a89d173665d3ac485d75731388016cd40e60c71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 00:43:30 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: FRA2-C1
etag: 67d1398dc3fe21ba270855ee2ff5f543
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 14245
x-amz-cf-id: b4EBeTa1RRMOYSGY46hwTH71rhBczMAliF1TZAWt-dNBdjqdrGIelA==
expires: Fri, 29 Apr 2022 13:00:50 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 wp-emoji-release.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 18 KB
5 KB 17ms
16ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21916
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Wed, 29 Sep 2021 16:37:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvrtxCUcg6XFbtJcGMiXxJhUiox%2FCf22sErQOyIXLA4bUq8JOgZKd0Ho7lNfkJOFG6MPJ7Z4q8y7apcGppL68zeT5vIYZ5hHEDwofwB3zONuSTXpXfXNH0%2FYlqrBP5gbrHxgy%2BEaeOXepHmwFAqlPqkic2Damz4xFBqDMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b2ec09bbe-FRA
expires: Tue, 03 May 2022 18:39:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1560
date: Fri, 29 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Apr 2022 13:34:50 GMT

GET
H2 200 parceirouai.js Show response
barra.uai.com.br/ 4 KB
2 KB 526ms
14ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/parceirouai.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-195-181-174-138.datapacket.com

Software

nginx /

Resource Hash

0117082955c19dd930456ec30c3c35a54e3f1eec129a82ce6721d8735b916731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2016 17:47:06 GMT
server: nginx
etag: W/"58a88bd0-112d-5357cf1699a80"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000
expires: Fri, 06 May 2022 12:00:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 86ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ebea5c4fcf414150a9a6250689b15695fd85988becb315d8ff9fb43db506fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56365
x-xss-protection: 0
server: cafe
etag: 360517264518522099
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 61ms
31ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36182607-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a890942c6eeae2e17903ceb867ac1f063570b01518d9621899f3ec58de26400b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38817
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 62ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3637695-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48948937-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67d2fa341b47cfe1abcfe08a1ca0c2180b861e87b3f06598e939d701fff40324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38782
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
41 KB 73ms
44ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58MFNT

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50f730ba6f339a72c156241c3a4fc5147c2d1e4ac83c5ef7ebd4a68f6d40d4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41715
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H3 200 newspaper.woff
observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/ 28 KB
20 KB 17ms
17ms Font
application/font-woff 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821

Request headers

Referer: https://observatoriodeourofino.com.br/wordpress/wp-content/themes/Newspaper/style.css
Origin: https://observatoriodeourofino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21916
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:01:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAku6%2F9ZIfC%2BCamYpISfb43cYAOvA252Q5s1H8vzX3hjlMJS6jmYVANivrP6xtm2359qC4%2BWDyp9CrsBCDxn9kERgimR0extexgfVKKM98O3sqnMIZzUl%2BfebRktkGseEF%2FV34QUkv%2B2LMu3sXBEMnZHSe5t6FazYCyB9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31536000
cf-ray: 7037e12b2edc9bbe-FRA
expires: Fri, 07 Apr 2023 18:55:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 65ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observatoriodeourofino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 151471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 58ms
17ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observatoriodeourofino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 36869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 01:46:21 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2f3d1fc7befa734b5b562540a321ac92156abce03cdeb0a6eda122b9714be4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 96 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e1de6d64f1f4555dc9c0acd0cc228419f76f569bc122a37c8c851e337f2c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jquery.modal.min.css
observatoriodeourofino.com.br/wordpress/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 3 KB
2 KB 20ms
19ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35324
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 07 Jan 2022 19:17:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3%2Blk5dhNUMMP3ewWc%2BXTtfJZUAHW%2FR%2BOsG%2BKt2f951Xw3mHM5BU2T2AUaYiF7w93Sh%2FUxFjfU4VgcDy1yAMLFEt0QecZpiDt5KklVo%2BN%2B8gXfkFmXsRIb7IPIcXuIAJDzgsRNBJNXYgBcqumIGR8t0jcDYtZtd%2BgD%2BSZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7037e12b8fc59bbe-FRA
expires: Thu, 05 May 2022 19:10:21 GMT

GET
H3 200 email-decode.min.js Show response
observatoriodeourofino.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 15ms
12ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://observatoriodeourofino.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Apr 2022 12:16:11 GMT
server: cloudflare
etag: W/"6267e28b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUVJndDf65KRqhE9jE6K07haoYeFgUb4%2BDmWnUuw453WNvMj78THA%2BOWQq6oan9YwbAqpcE6RvtwyjdwuHxTF0O3ZXp3kA%2FmAXUIO6txSQjYANLGeLKKfig6nCTpBWrao4PySUtMQ1zchtHl5nO1ZgkJGA8dufA6nsIlAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7037e12b9fcb9bbe-FRA
vary: Accept-Encoding
expires: Sun, 01 May 2022 12:00:50 GMT

GET
H3 200 lazysizes.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/ewww-image-optimizer/includes/ 11 KB
5 KB 18ms
15ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: f98ae5d0def0dd4458227a6c9a58799de2aafdbf4dc14e09af26b627cd68b6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223101
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 17 Mar 2022 15:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0dY3RtPd1dl15zq6cji%2B7l%2B2XqecYb91kiYCsBYYDkfR0FY2vED4Iy3UzPCWsOCmRceA5H%2FZAS7fYZZhR8i%2FCo%2Brbb%2Btm7p3bnLpHIBXfKlPIEZF9YEZp0l7HsSmGYKFjm83QwP9HDZFhtrJ9K6XiJj9eZpD5YffkZoZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fcd9bbe-FRA
expires: Thu, 28 Apr 2022 19:07:07 GMT

GET
H3 200 underscore.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 19 KB
8 KB 161ms
158ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/underscore.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 19:33:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbkNXEs%2F6%2BIqEefxLuXesS1N0k5UIQ0PnGA%2Fkd1IT1H1LP3fAS509ps31g6MIvMCkHQ6w950iqaqvQ1ecCBFe7oO%2BYsRZ0Z%2F%2FEgHLis%2BFFr1kRHEdW87WXr65dafw41owNf5F5NAibkNaOshuXyNnKWiXe2pVAjZTFuwCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fd29bbe-FRA
expires: Thu, 05 May 2022 19:10:21 GMT

GET
H3 200 js_posts_autoload.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 23ms
20ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70693
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 19:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Flk7Ot50C9Grepi5t7W6T0Bph%2FQHJxHBNeDGkCo7T7B6M62bp0RJV76RIVCmtOVmGUYYqo36ADL1Av8lRXwHPv3OKsDvNJhaKp7RvbIgVJf9VYidF%2F5tquv9gtH5u%2B3BP9U2DG1pM1SMkUgX5gtYw66FqD76NUPo65tlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fd49bbe-FRA
expires: Thu, 28 Apr 2022 18:59:51 GMT

GET
H3 200 tagdiv_theme.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/ 267 KB
62 KB 26ms
23ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21916
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgPwduFMtMd9dZdftrLiWaQZl3R2WX03L3MRcGx6OdCEjrGncyv4%2FnxTPU2DVJJHmQ5wLCb9WkY8fHbSQWzttnAre5Hm2Sz%2FLBzB%2BJq09KjSb32QcJRKMe44lAAamn3bPe7MLvpNG1TTDbN9QWfqOXRJzJyFNm9c%2FWwDew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fd89bbe-FRA
expires: Thu, 05 May 2022 18:58:43 GMT

GET
H3 200 comment-reply.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-includes/js/ 3 KB
2 KB 156ms
153ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/comment-reply.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 19:33:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ir5iHqrqWyATPLID%2FYemXQ%2BlOwDuAfF1ZFzE9CrvvbEW1iMgEjLA2Ltm2wh6%2BKjjDqS8nEPoujYa4vOs4zjKyIdCoGZXiAKZOg9h6FRbK9CD6kSAY2vxnUh4aDtoxNkyX9RtDLdXdMDjB89VsxF2GlN%2BGCtFo1tamjOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fda9bbe-FRA
expires: Thu, 05 May 2022 19:10:21 GMT

GET
H3 200 js_files_for_front.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 21ms
18ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21916
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 19:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhut0O%2F24bzimsl0VJVtVaNFnrWZObqyQX34FcAno6BSMiwYtqk4YWl%2BPUjplarLT1FcRP8Rh9dWVH48DpHe5hNfoFqmLwjdDM5dREl4PfxjYf5AEJKVIgqgONuRdbvrn2yhT3vdplZqXhxjcilATKbiHY4f8FqzneZOnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fdb9bbe-FRA
expires: Wed, 04 May 2022 18:44:18 GMT

GET
H3 200 jquery.modal.min.js Show response
observatoriodeourofino.com.br/wordpress/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 5 KB
2 KB 164ms
160ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Fri, 07 Jan 2022 19:17:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW4A5ZrHLa%2Be2NENDi5uNCXNUbMEl0agm6XP6jrzxJs2U2nsywxkWX%2BqFqxiBC4ecxCPJRGsqahNaXLQ4S3bSDty%2BUpUpjVDGB8LabpaGEm0r8YDMH3B1tStxJ3yEuYcl5bQZ0C3fLOjOYrRWqkH8R3faGENs4GaKrzgTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7037e12b9fde9bbe-FRA
expires: Thu, 05 May 2022 19:10:21 GMT

GET
H2 200 barrauai2012.js Show response
barra.uai.com.br/2012/ 6 KB
2 KB 449ms
15ms Script
application/javascript 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/2012/barrauai2012.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-195-181-174-138.datapacket.com

Software

nginx /

Resource Hash

cf9d0058827fbd662121996a74779a4beb95d301fb5620e1313bc790da4e68ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 16:46:21 GMT
server: nginx
etag: W/"89454cc7-17f0-5da80e2f0f69b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000
expires: Fri, 06 May 2022 12:00:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
22ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1075350720&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ul=en-us&de=UTF-8&dt=Observat%C3%B3rio%20de%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=667176967&gjid=1140956743&cid=1318378751.1651233650&tid=UA-48948937-7&_gid=1859926508.1651233650&_r=1&gtm=2ou4r0&did=dNDMyYj&gdid=dNDMyYj&z=499931263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
13ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1075350720&t=pageview&_s=2&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ul=en-us&de=UTF-8&dt=Observat%C3%B3rio%20de%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1318378751.1651233650&tid=UA-48948937-7&_gid=1859926508.1651233650&gtm=2ou4r0&did=dNDMyYj&gdid=dNDMyYj&z=350011079

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 12:04:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
23ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1075350720&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ul=en-us&de=UTF-8&dt=Observat%C3%B3rio%20de%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1363855002&gjid=2141892596&cid=1318378751.1651233650&tid=UA-36182607-1&_gid=1859926508.1651233650&_r=1&gtm=2ou4r0&did=dNDMyYj&gdid=dNDMyYj&z=877826927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
21ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1075350720&t=pageview&_s=1&dl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ul=en-us&de=UTF-8&dt=Observat%C3%B3rio%20de%20Ouro%20Fino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1753448240&gjid=936418711&cid=1318378751.1651233650&tid=UA-3637695-1&_gid=1859926508.1651233650&_r=1&gtm=2ou4r0&did=dNDMyYj&gdid=dNDMyYj&z=323428552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/diariosassociados-uaicombr/ 62 KB
17 KB 30ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/diariosassociados-uaicombr/newsroom.js
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 854e7efb5f09924dbf8543ab9e7ad276e8d3034ee675e1cb571d574384437102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "64a57109277a46215cecdc66211ba0be"
age: 137
x-cache: HIT
content-length: 16871
x-amz-id-2: PpG4T0MhryOrELZU2bMOlAh2UGGYu0z29nkyj+lB1HF7tRWiionMKIqoHJ7e48yTjUVv/Y1mbf0=
x-served-by: cache-fra19127-FRA
last-modified: Fri, 04 Sep 2020 23:39:50 GMT
server: AmazonS3
x-timer: S1651233651.630673,VS0,VE1
date: Fri, 29 Apr 2022 12:00:50 GMT
vary: Accept-Encoding
x-amz-request-id: 70SGV9411TE4W0MP
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10797981451

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58MFNT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a24d6e7e491926b900ad13f501d64fa3367f3b83148206af7a39101d6263c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42213
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:50 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
448 B 65ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48948937-7&cid=1318378751.1651233650&jid=667176967&gjid=1140956743&_gid=1859926508.1651233650&_u=YEBAAUAAAAAAAC~&z=1149958990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Apr 2022 12:00:50 GMT
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3637695-1&cid=1318378751.1651233650&jid=1753448240&gjid=936418711&_gid=1859926508.1651233650&_u=aEDAAUABAAAAAC~&z=1598152703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Apr 2022 12:00:50 GMT
content-type: text/plain
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 72ms
36ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10797981451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:50 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10797981451/ 2 KB
2 KB 61ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10797981451/?random=1651233650024&cv=9&fst=1651233650024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d60f1f9e78c804c13e5447cceef69a3ef8d3ec5b35533807e7f67671bace3fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10797981451/ 2 KB
1 KB 62ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10797981451/?random=1651233650031&cv=9&fst=1651233650031&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92b3334a22c2fcc04a5550446048aa51fcea3db4051d6c0d894f78dd7fb625f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10797981451/ 42 B
548 B 61ms
24ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10797981451/?random=1651233650024&cv=9&fst=1651233600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&async=1&fmt=3&is_vtc=1&random=1035507476&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10797981451/ 42 B
108 B 64ms
27ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10797981451/?random=1651233650024&cv=9&fst=1651233600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&async=1&fmt=3&is_vtc=1&random=1035507476&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10797981451/ 42 B
108 B 67ms
32ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10797981451/?random=1651233650031&cv=9&fst=1651233600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&async=1&fmt=3&is_vtc=1&random=2578525655&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10797981451/ 42 B
548 B 61ms
26ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10797981451/?random=1651233650031&cv=9&fst=1651233600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&tiba=Observat%C3%B3rio%20de%20Ouro%20Fino&async=1&fmt=3&is_vtc=1&random=2578525655&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame FE67 197 B
687 B 551ms
488ms Document
text/html 2600:9000:206f:4000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=o4q8lu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Fri, 29 Apr 2022 12:00:51 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Fri, 29 Apr 2022 12:10:51 GMT
last-modified: Mon, 04 Jan 2021 18:03:21 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-id: T04yRHxlnY5wRzsxJd8C9gd6Zac6JYAajhaOalq8h6N4RX_5Z1etEA==
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
29 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: barra.uai.com.br
URL: https://barra.uai.com.br/parceirouai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90c0199e14954113d5e7cffb0c06c99d7d5e4a953ce88483c15bac7e9a8c29d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28724
x-xss-protection: 0
server: sffe
etag: "1199 / 936 of 1000 / last-modified: 1651230418"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Apr 2022 12:00:51 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 42ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=11.4.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observatoriodeourofino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 220543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700&display=swap&ver=11.4.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://observatoriodeourofino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 251930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 14:02:01 GMT

GET
H3 200 elements.png
observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 164ms
164ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4149
pragma: public
referrer-policy
last-modified: Fri, 11 Feb 2022 18:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLIg2n8eWzK4IskzRTqDhrNHPGjjg5mT9blS%2FW8g3Pup%2Bxg8Nw7ExZfLvU6P1TDAh87%2BJDf6Y%2BUw%2BwnpAxZ2dS3XUYaw5Enp2kwWPl%2BrY7v4WMOgR5yTwTVkuqfeYLkuR9pH0nkeIl437oxZiY5JwGeeYRMFqm83fFqfWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e12f98719bbe-FRA
expires: Fri, 07 Apr 2023 18:55:57 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame B208 10 KB
4 KB 81ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 22:58:53 GMT
etag: 3347421328414474149
expires: Thu, 12 May 2022 22:58:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2022042501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 58ms
13ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126856
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 08:44:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Apr 2023 11:49:46 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
717 B 77ms
31ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=observatoriodeourofino.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

6d77712774b24cbc957f638eb754e7082ee151c12c1a9b995526b970e16e9ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:00:51 GMT

GET
H2 200 logo-uai-mobile.svg
imgs2.uai.com.br/UAI_2018/ 7 KB
3 KB 1306ms
102ms Image
image/svg+xml 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-195-181-174-138.datapacket.com

Software

nginx /

Resource Hash

c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 13:30:00 GMT
server: nginx
etag: W/"a2b7c26-1ce0-5b5a3792dc87a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
strict-transport-security: max-age=31536000
expires: Fri, 06 May 2022 12:00:52 GMT

GET
H3 200 logotipo.png
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/02/ 9 KB
10 KB 165ms
164ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/02/logotipo.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 007c769662c3b7cab77265360474a4da16594e37cbe62a81cd7381f20b85a7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9554
pragma: public
referrer-policy
last-modified: Sat, 12 Feb 2022 16:00:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtmytYkl2AnrSXy6riDB%2FC368I9Vo51jJPqhNcbEkbM6G%2BZ5pw29SO5uFxOOJZgfCBbfVfnXD1%2Bq5ftztIv77S0uLAvKYt%2Fwb%2FLqTltDBBNHtDuUOhyZkme%2F%2FfS%2F%2FjJR913qT7SF8w%2F%2BRG9xBrTz%2BvLlY8ygj3IZNTnAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1310ba49bbe-FRA
expires: Thu, 13 Apr 2023 16:59:04 GMT

GET
H2 200 centralizador.html Show response
barra.uai.com.br/ Frame A8D4 739 B
752 B 418ms
418ms Document
text/html 195.181.174.138
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-195-181-174-138.datapacket.com

Software

nginx /

Resource Hash

926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
content-encoding: gzip
content-type: text/html
date: Fri, 29 Apr 2022 12:00:51 GMT
etag: W/"58a88be0-2e3-54fe3383940c0"
last-modified: Fri, 19 May 2017 16:43:23 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 60ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 191ms
158ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2903018302951535&correlator=2738246605460981&eid=31067294&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fif&iu_parts=6887%2Cuai%2Cparceiros&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2636216665&didk=3112464240&sfv=1-0-38&ecs=20220429&fsapi=false&prev_scp=pos%3D1&cust_params=resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cobservatoriodeourofino%252Ccom%252Cbr%252C%26titleofpage%3DObservat%25C3%25B3rio%2520de%2520Ouro%2520Fino&sc=1&cookie_enabled=1&abxe=1&dt=1651233650719&lmt=1651229169&dlt=1651233649525&idt=1164&biw=1600&bih=1200&adxs=567&adys=108&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=814x0&msz=814x0&fws=4&ohw=1600&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

5a74a5a5210a8dd5594658adf3b88c6f023bdecef7621f18e38a885f655fc461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9058
x-xss-protection: 0
google-lineitem-id: 5714646640
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352299489
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDD5 6 KB
4 KB 100ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:51 GMT
expires: Sat, 29 Apr 2023 12:00:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame FE67 4 KB
2 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:05:12 GMT
content-encoding: gzip
age: 3339
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 18:00:13 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: VWv8vx6npyM9GAfx240bltLIF7rXHO1irQXMc8-yIym0FCyXZPjdNg==
expires: Fri, 29 Apr 2022 12:05:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFED 0
0 57ms
50ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoKpzROrUQkXQeiYPB1HI6Xb0sRbSNtaig9-NGZdaX1WbW-2Mz1DQFmAd-wEJuDdR7FYZhj-MAArGerE3nv-5ihRxAGL2yb09y4psEKCar5GNOAhDI9_9bU_Xu8HVXFqyBJrD8dmStKUPJMiU-lviFbUQ4t1x_ivdRfeN41NNXy_D8nDtvmmIJSn74mRinPhRxw2VD01Yen-p9JLt4c2uQQCHsmT9gzdGe0m38cnogboqgDykZZyqDf46e1RqLlsXFwveQE441fzW7WDbVLaEZ78L3ftq4SUdg_buc5kd6jlRGV4tb7dnvITAjRLtXiJdT_18&sig=Cg0ArKJSzDrbAjyKGhkUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 headerbid.js Show response
served-by.pixfuture.com/www/delivery/ Frame CFED 973 B
1 KB 289ms
91ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
last-modified: Tue, 02 Mar 2021 20:36:48 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "603ea1e0-3cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=172800, public, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 973
expires: Sun, 01 May 2022 12:00:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFED 120 KB
36 KB 61ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:51 GMT

GET
DATA 200
OK truncated
/ Frame CFED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5023b54d4df84252b78c9e1038eb52e4ade7182b8569634f432dcb6666ac77c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A8D4 49 KB
20 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: barra.uai.com.br
URL: https://barra.uai.com.br/centralizador.html?origem=https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://barra.uai.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1561
date: Fri, 29 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Apr 2022 13:34:50 GMT

GET
H2 200 hb_v2.js Show response
cdn.pixfuture.com/ Frame CFED 33 KB
34 KB 61ms
26ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/hb_v2.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:51 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 15:09:43 GMT
server: cloudflare
age: 7704
etag: W/"61533037-84f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAIOViU6VQJQBljiVGWY%2Bk%2Bwd%2B6AMKZssgKX9rl0sLfnBzd86zOPmm8aRqTsw%2BCbAqNt%2F1VYAQkoVFHVIL89ik2L3jQpvVglBr6ev7K8eysaoGqSfUWmWZ62yHK2uGd17%2BK3pKm1v49RwhVZz16V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Sat, 30 Apr 2022 14:56:45 GMT
cache-control: public, max-age=2678400, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7037e134dd878fe8-FRA
cf-bgj: minify

GET
H2 200 pbix.js Show response
cdn.pixfuture.com/ Frame CFED 423 KB
424 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pbix.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7688
cf-polished: origSize=433266
cf-bgj: minify
last-modified: Mon, 23 Aug 2021 13:19:22 GMT
server: cloudflare
etag: W/"6123a05a-69c72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkLhgity4X5cWsxuqGHKSQVgde0lNQvV0299p5aoZ1Pu6sJ3Bi2ozMkJWBljHcufpoxFGWp4cs%2FiwMTttSgYhZg%2BXjkbTGaqbUtZ77KjOanZc2PaOOdYgLapV2%2FazufcZjZWegrXDCco87tyLtE1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 7037e1350dcd8fe8-FRA
expires: Sat, 30 Apr 2022 14:56:51 GMT

GET
H2 200 r.js Show response
aa.agkn.com/adscores/ Frame CFED 0
185 B 38ms
8ms Script
application/javascript 18.185.251.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.251.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:52 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript
content-length: 0
expires: 0

GET
H2 200 hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ Frame CFED 9 KB
10 KB 289ms
106ms XHR
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=7781x728x90x1439x_ADSLOT1&keywords=&refUrl=&refresh=false&innerWidth=1600
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f95bfde693fdf0a38e75ce5c73199b240263191d301c12d32d4387cf2f26826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:52 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800, public, no-transform
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 01 May 2022 12:00:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFED 0
0 76ms
48ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjdM4nzy88YrjyXkdotwYLdobb1qu5EBAezFiujYXXPrby9DPq-WSY7uE5Gap5ZESBNj2oN3Y_6fYiOyDY9CtN-678wMWbC9j6IlPty4oCtDr333Bglqpy17XETtB3qQHD24jTMM6cfxxE0pdERbqya75fwJqt1puT3q0-SwXmKbOwfENNHEhRifA8TzeoY4hJ5y6jSN2IJ1jNyxkgHC7sV1n9ijpROqJRIjC9XtJoyrNwlYtdHCLHc4U4m0jH2WM_OnITWn35Y497xrHu3VrW8IqO43LORrEcPFvzjN1RFg7opFhMrwuxUoNmVgBN7axWd9Rp8A&sig=Cg0ArKJSzFry72yHot1XEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 29 Apr 2022 12:00:52 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
15ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&domain=observatoriodeourofino.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://observatoriodeourofino.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Apr 2022 12:00:51 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1046
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame CFED
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&domain=observatoriodeourofino.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=_IuqNXxOMUoxcm9HdEU3YzkzN1NTSVlUYk04czJLakZacEE2RUVySlNKK2p3c0JRMkJoei9LSytYVVBOc1RlazJMc1NsdUhoenY3NjNsT3BxK0ludGJ4RjVUT29CQXR6LzZRVUFGUitRdUFVN201d1dSMkg3Rm5ULytsZ2...

411 B
667 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_IuqNXxOMUoxcm9HdEU3YzkzN1NTSVlUYk04czJLakZacEE2RUVySlNKK2p3c0JRMkJoei9LSytYVVBOc1RlazJMc1NsdUhoenY3NjNsT3BxK0ludGJ4RjVUT29CQXR6LzZRVUFGUitRdUFVN201d1dSMkg3Rm5ULytsZ2NpM2FqVjJSK3ZJNmVsYmdSMjBBMEhPOFhtUWdWQWUzZjgvYWVzZkRsWXBpZlJCTy9mK1FSdmRBOTZDQ2dGNExPR2J6RGZGQWcrT0xoTCszUENHWWJRTFI5bFprRnY1eXpHU2dwNHFCeE9mV0VweWR5SDdwL3dIVjBwdXcza2FPQ0JJbWpZNmZPfA&cppv=2

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

679b33246b4b4e9cab1895def827c097ba2a329892a18e77ccceedfcfb29959c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4014
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:51 GMT
location: https://mug.criteo.com/sid?cpp=_IuqNXxOMUoxcm9HdEU3YzkzN1NTSVlUYk04czJLakZacEE2RUVySlNKK2p3c0JRMkJoei9LSytYVVBOc1RlazJMc1NsdUhoenY3NjNsT3BxK0ludGJ4RjVUT29CQXR6LzZRVUFGUitRdUFVN201d1dSMkg3Rm5ULytsZ2NpM2FqVjJSK3ZJNmVsYmdSMjBBMEhPOFhtUWdWQWUzZjgvYWVzZkRsWXBpZlJCTy9mK1FSdmRBOTZDQ2dGNExPR2J6RGZGQWcrT0xoTCszUENHWWJRTFI5bFprRnY1eXpHU2dwNHFCeE9mV0VweWR5SDdwL3dIVjBwdXcza2FPQ0JJbWpZNmZPfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1407
content-length: 509
expires: 0

POST
H/1.1 200 529.json Show response
id5-sync.com/g/v2/ Frame CFED 212 B
635 B 87ms
20ms XHR
application/json 51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/529.json

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

ef57c028ca3d4f36d659c489bbf587650b329f265fd27ad429bdb4c827f8f5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://observatoriodeourofino.com.br
Date: Fri, 29 Apr 2022 12:00:52 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame CFED 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CFED 109 B
552 B 114ms
32ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 03c2b481a3d6ae510fc516779446e43755d51ef0134b48f9cf72eb3dd4cd93f4

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 29 May 2022 12:00:52 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame CFED
Redirect Chain

https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1

0
1021 B

31ms
31ms

Script
application/javascript

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:52 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f2d1cdce-9410-4339-b625-d2bcb804bc2a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:52 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1bf77696-711f-45fe-9860-bc887b87479a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 78ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Apr 2022 12:00:52 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1170
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame CFED 1 KB
951 B 199ms
163ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5386d0e7b814a03addb73f5e2535ace587fb8ef721a4c801eae0a9a07198681e

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CFED 144 B
1 KB 229ms
198ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

05fd46abce1d557c25b81420abf17eb501cb6c4ac6460fcf07261209660da9cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:52 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e8569d22-a704-40e2-bd0a-2bbfca864b3c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://observatoriodeourofino.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ Frame CFED 2 KB
968 B 92ms
21ms XHR
application/json 185.83.69.178
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.178 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2fd69d938741264f71ba861709e38d6a8b3860d0fc3829ef5478464bed35fb19

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 29 Apr 2022 12:00:52 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://observatoriodeourofino.com.br
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 667

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame CFED 73 B
387 B 64ms
26ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dcfa9aaf-19ff-4253-b215-df9e09951bd6&nocache=1651233651777&id5id=0&pubcid=52be4081-8bad-44ce-bf17-ba8cf08e89af&schain=1.0%2C1!pixfuture.com%2C1439%2C1%2C%2C%2C&aus=728x90&divids=7781x728x90x1439x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPSZteW90aGVya2V5d29yZD0%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 5a3a57721c542c75d1ada59a8b088e5fc03957a83a9da86c0f8a47c52006732b

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://observatoriodeourofino.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame CFED 23 B
533 B 58ms
19ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: a5c5c27cfddc38965ab8436a08e4a3fb2c820b037869d87e1edb5e499ebbc121

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 29 Apr 2022 12:00:52 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://observatoriodeourofino.com.br
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame CFED 0
125 B 490ms
159ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://observatoriodeourofino.com.br
date: Fri, 29 Apr 2022 12:00:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 308 KB
110 KB 73ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915609541681026&plah=observatoriodeourofino.com.br&bust=31067267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317b461d0bd86c4b065aa35ce25d53c57ac4b80649e7bc5bd7e310b653455cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112825
x-xss-protection: 0
server: cafe
etag: 9932149670956657995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:52 GMT

GET
H3 200 Policia-Militar-de-MG-2-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/ 41 KB
42 KB 15ms
15ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/Policia-Militar-de-MG-2-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: abb5e6cd351a63e85e134d678fa2d6c4d21015554692008ce174e11cbd69777f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54930
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42098
pragma: public
referrer-policy
last-modified: Tue, 04 Jan 2022 14:21:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1d8ec7ck7KMaUvR5OxZ1sOBY%2B6WLQ76eOT1gQa877KlQUinamkEZSVPalhp5JYXfIX%2FqwmPwdqcdSW4D10H6mJRnr95uz1gYZoxSnH74mC5LHL9qi22oMzmdxBpNe1HxcdzzwtLKgNB%2B4vaTbUI9h1uUxhITVNEsQnQP8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1392cd69bbe-FRA
expires: Fri, 28 Apr 2023 09:42:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 60ms
30ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9db567eae6e6a3c4c4fba754606ed7b66d231bdfd11fd72ea6dbd56d4a850e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 30ms
30ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58316
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGgE5fZh8RNyca1ascWkdgfAVS43d3g6Evnb2yy7YjJ9j8BJmNy7rhPzZvV5Vg1pQTPmKYHcW5mvG58oMN8IJdY0wlnJ2hOewYKIij6nhxSfXXFOpK2d1xkGKC8nkkdHLcxe1jcZ9gCRFkh1zkMNnYlD8q8Ou8g9YPUG0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1394d1e9bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 200 6a-Festa-da-Polenta-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 41 KB
42 KB 181ms
180ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/6a-Festa-da-Polenta-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 3a9d7ece219eadbf759da68e497af11cc391f179f627bde9050237a80321accc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41911
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 14:35:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VMbncDkkYWg3fRMJ5gS273KHkR%2B1hMQf54GbZC6rXML7u6p1RHv0KlWikPiB1Mi41C6mtoJBXeSxl6NRpm4Eu5AnsXN5Mg62eI1o8PMpcf9RaANZXZeeR7UyzTSKnI048ihZ%2FCUttoK8RgQcDs7ZPIQ6ytX2S3urShrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1395d929bbe-FRA
expires: Fri, 28 Apr 2023 20:22:47 GMT

GET
H3 200 Carro-da-Policia-Militar-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/ 11 KB
12 KB 157ms
156ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/Carro-da-Policia-Militar-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: b149de19dca14151c9dd1a728698910d92db444886efad87920d76564bc03907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11423
pragma: public
referrer-policy
last-modified: Thu, 30 Dec 2021 17:38:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD%2BEtOyfEp2uyVpyiGzspBWoFijIvEVrQmg%2BGcTS4YH0%2FOtCD3S23HMZLQh5Aom49vg2tOSaGPojWqLhfTysm5c5XhPOCEy0E3Ix47QxxH9NgswWSQMjMoL%2FA7B4tA5XapqMNoeO8cstVITfYN2uRqRspzIWhN0kgBQ2Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1397dee9bbe-FRA
expires: Tue, 18 Apr 2023 19:17:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:52 GMT

GET
H3 200 PM-PA-Observatorio-G-Uol-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/11/ 17 KB
17 KB 168ms
167ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/11/PM-PA-Observatorio-G-Uol-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: f0b6d7fdd5a6fc178a82d37500d867866cfe94543b3c91da3974c3dbe2d73115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17234
pragma: public
referrer-policy
last-modified: Tue, 23 Nov 2021 18:49:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEZOJTr14hwnFSz6fQHbF8ZN2twJ8ga3sPQCku%2FN1tvc8q%2FrhoyLeDBrfE6NflVKY8VYTPePYH9lG70KIq6gTZY6Z7vaD6NK%2FdbNayMZBDbBwlNpJS5Sf7XXW%2BRfbmwd8nmMTDS1BzDxBzX7uCRuwvvSuMkB140mvEQqqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e1399e289bbe-FRA
expires: Fri, 28 Apr 2023 14:43:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 233 B
433 B 24ms
23ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=observatoriodeourofino.com.br&callback=_gfp_s_&client=ca-pub-6915609541681026&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915609541681026&plah=observatoriodeourofino.com.br&bust=31067267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

ade14baa9fc8510e1785cefbd9649bc920c92801beddf794ce63a6bcee7d0278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
24ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58B5 112 KB
41 KB 690ms
690ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8046d0949013eda592002293561965b0edb1e92bf779033eee1d1acddb99b666

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaNxNqcufcCFVb57Qodt14G5g&gqi=dNNrYuW7MIiptgfgga_gAg&layout=/sadbundle/%24csp%253Der3%24/13150679774491910741/DAH_336x280_Hamburg/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 42246
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaNxNqcufcCFVb57Qodt14G5g&gqi=dNNrYuW7MIiptgfgga_gAg&layout=/sadbundle/%24csp%253Der3%24/13150679774491910741/DAH_336x280_Hamburg/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fabrica-da-Heineken-em-Minas-Gerais-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 15 KB
15 KB 151ms
150ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Fabrica-da-Heineken-em-Minas-Gerais-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 9720ac5c3c75ed17b5bde0e073ab68be91aa4b2ba7efcd56f867aaa24c262175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15076
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:19:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJgAzwyldjcfhaudQUf4MfV8oSInz2c6IvASeZBA0Vl3wOcMLbZGLWDmqyH3d%2Bp8%2FXNfrv%2Bur9hkFuD%2FFkisoZ174UYrZGWuhexS%2B3RaG0IRCSX3XMrlZHB3z%2F%2BkmfRcNsz5%2Faf8SepqbHYzlREy6%2Fm3dymbl598VXoOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e139ef029bbe-FRA
expires: Fri, 28 Apr 2023 00:51:02 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 368F 193 KB
54 KB 685ms
685ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&adk=1812271804&adf=3025194257&lmt=1651229169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651895&bpp=1&bdt=2371&idt=172&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&prev_fmts=300x250&nras=1&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

481fc6de8cd1aac51ee428e017c092a525911fafbc36e962ebb283e00e1a0a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 55027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Policia-Militar-de-MG-2-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/ 41 KB
42 KB 22ms
22ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/Policia-Militar-de-MG-2-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: abb5e6cd351a63e85e134d678fa2d6c4d21015554692008ce174e11cbd69777f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54930
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42098
pragma: public
referrer-policy
last-modified: Tue, 04 Jan 2022 14:21:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe7AfNPD77vpsPPSwmnKt39oJODzniDklNzszcd55WHNKInTpOTUikz%2FsRfVrPM%2BeJLYgDlnRXsyNsP3mW%2FYs%2B3mgTFuKrQO%2B%2FfTDmAquPV2AuGJ7y1LENt2SbFNwdhVmUNaYKwasJtHBDEIjOBTT5CxcF9ZxhcdFRuZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e139ff2d9bbe-FRA
expires: Fri, 28 Apr 2023 09:42:25 GMT

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 15ms
14ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58316
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQA0UiPSRl7RBWp9YjS%2BGKHICVilaH47PxnMIWXZ4NBhCO2dr6h5oLdka9clOfiD0%2FaoZJ2DRPVP%2Bdd6lQarzSzpBE4jFlN0I79byPSV0QDP8PW9U%2FzwtusmU8I%2BQYe1YeJpUGyeIFUrWfjuBTiDrzyB%2FZu7mX9d8bNfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e139ff2e9bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 200 Heliponto-em-Jacutinga-Sul-de-Minas-2-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 25 KB
26 KB 155ms
154ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Heliponto-em-Jacutinga-Sul-de-Minas-2-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 4c02f0c3809ab5ade178dacffa5852828f29def13dc66d2eb406f2996b9a23c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25875
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 14:52:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y64uAcC11qBudgJWRXEMkn6eN5QWhZLtvgU%2BcPZKwsw8oxl0i6D09zrd0tpfZiCsQRSLgXvdjPHyRIsyHaD%2BZLGhDqz7q5P7hztYq6FhD%2B3X%2BJqcnv8QY3V5RG5ky7%2FXzVQdhv6pATBTxb4laIhh9svdoGiHhC%2Fk4Xqlaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13a0f3b9bbe-FRA
expires: Fri, 28 Apr 2023 00:51:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C7E 13 KB
5 KB 44ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 11:57:50 GMT
expires: Sat, 29 Apr 2023 11:57:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E065 783 B
535 B 97ms
42ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7791fc59ac754d9fd67ef26a2497e802ebfcb0db4468ba92f0fb744d0b6fe91c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8q71dZ6pNRltwevKy+3uEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8q71dZ6pNRltwevKy+3uEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:52 GMT
expires: Fri, 29 Apr 2022 12:00:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 21ms
21ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58316
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=851fsUlm57tpM2jLdN%2BsD78LlrCV4LOH%2FUKiTfALHMuB1byCvUNKj5fWCxsfrd2jdZLRQaUhSLdH8xKjoS%2F4zTg3VJfEJO1%2BCJYbdfxjALeH3%2BPQsHiANB4%2FH341E6m4ALdkU1CnJ0sa7uBXVGgELF81wT4PfmyDtwzMtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13a3fcd9bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 200 277168314_4971623816226366_3683057111498910449_n-696x394.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 56 KB
57 KB 182ms
181ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/277168314_4971623816226366_3683057111498910449_n-696x394.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 7c2e249d6591e7aa8115463c525c82d6a11f57176338e062abe2c669c9708098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57849
pragma: public
referrer-policy
last-modified: Mon, 04 Apr 2022 21:11:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnjbMx12znzL4qSfIk17kFxYqPLECJNPvuhN2tp0dJGEU5yLTsFcUk0uIMrBmyiHENjP9WI0jJH1eewdvd%2FWqaMjccxAFxHvWJUZCKYPHNp%2B2%2FJG5bC%2Bmcg1aBp7KkmI9BXt6cSy8Whe9TIOCY3Eu%2BbpR4OAlz70tMVDOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13a580d9bbe-FRA
expires: Fri, 07 Apr 2023 18:55:58 GMT

GET
H3 200 6a-Festa-da-Polenta-1-218x150.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 13 KB
14 KB 165ms
164ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/6a-Festa-da-Polenta-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 394ddd1c963497b0de4039e64855da10426362ae90510d675337b390bb213327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13386
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 14:35:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z33muvHaheejvSwnCcoMCMKOUaCAjkt48p3Sjy7TWcASFLNiFswblsPo6zGMeUhb00uswFzTFED8hwhUSM8mFBzU0RKYa55MX9uXF3KI%2BF%2FlrR2nv4g7NdU9eYw2uOU6tkrCR21IcdKtLYvJRvVYbqBXAm9w6df%2FS9hyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13a987d9bbe-FRA
expires: Fri, 28 Apr 2023 21:01:54 GMT

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C7E 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3 200 6a-Festa-da-Polenta-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 41 KB
42 KB 14ms
14ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/6a-Festa-da-Polenta-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 3a9d7ece219eadbf759da68e497af11cc391f179f627bde9050237a80321accc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41911
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 14:35:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msnE9todFwWQ1pHLoTuDy9yZ6%2FjUsCV1tKyY3JmgbtOeMA%2BEyLxk5CpwlL7i3wgbhL1qGkJnC7DTCcdT1V2uffy2g0S0%2FiGcrvbFmo7qOx97sJgM9XjPT0qDoW4DoRrkpv6S9zipuS1OKSksPlGKn9YTWJwFbKksqdDSvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13ad9239bbe-FRA
expires: Fri, 28 Apr 2023 20:22:47 GMT

GET
H3 200 Carro-da-Policia-Militar-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/ 11 KB
12 KB 17ms
16ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/Carro-da-Policia-Militar-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: b149de19dca14151c9dd1a728698910d92db444886efad87920d76564bc03907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11423
pragma: public
referrer-policy
last-modified: Thu, 30 Dec 2021 17:38:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyzImnUlrjmT5k2UrzykRsLnStPz5eWe4Z%2FiZfpFNB6joQIM3xE6EbulWiaHQ5sBO1CD7OewIs6DlVEMhax2n0HcXKfIFCBQmyt0HMvGIJrRR9jNQ9Cn2Hw19Y2KuJkUYos5QNYoGws81MUwE6atHLvs9LmdWUdQRHsbIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13ad9269bbe-FRA
expires: Tue, 18 Apr 2023 19:17:20 GMT

GET
H3 200 Carro-da-Policia-Militar-1-218x150.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/ 4 KB
5 KB 155ms
154ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/Carro-da-Policia-Militar-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 34c9f73e113ccb2ce50e439aa36b1cf642613fbc81c9b3ac0a6e8d4061e9265e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4545
pragma: public
referrer-policy
last-modified: Thu, 30 Dec 2021 17:38:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyBs83HleFHCNG9eOd0uqRxsB1%2FEW4q%2BKgInkJA81dbQN6PEExmMCf5tj4Xt%2BIdL9Pmo07BJzPuM987r34cfQErBzhCA1WAIIegIt6%2F%2FloDilQ%2BjKT%2FHPEC56Uc4UsjO6MOkTdNFCIG9Q0M4mHzWF1yzeFOpSMLxcL70Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13ae9459bbe-FRA
expires: Tue, 18 Apr 2023 19:46:59 GMT

GET
H3 200 PM-PA-Observatorio-G-Uol-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/11/ 17 KB
17 KB 17ms
16ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/11/PM-PA-Observatorio-G-Uol-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: f0b6d7fdd5a6fc178a82d37500d867866cfe94543b3c91da3974c3dbe2d73115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17234
pragma: public
referrer-policy
last-modified: Tue, 23 Nov 2021 18:49:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UosRVicGNzI7ANld6e7qBNEX35t994dy3M9ctDyXusqYuroQa4rN61j0xItnUghSqpTtyXt0IORyWUQ4J55jdMvNyDIUhVSoLmdQXESblQzbFtWFJYmz%2BrTLXt%2FJQZPXhQptRwPBm4%2F2XFflMb6WHmogQqCxKLVljCKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b097c9bbe-FRA
expires: Fri, 28 Apr 2023 14:43:40 GMT

GET
H3 200 Policia-Militar-de-MG-2-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/ 41 KB
42 KB 15ms
14ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/01/Policia-Militar-de-MG-2-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: abb5e6cd351a63e85e134d678fa2d6c4d21015554692008ce174e11cbd69777f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54930
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42098
pragma: public
referrer-policy
last-modified: Tue, 04 Jan 2022 14:21:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJsXAli1ebCmk9MSOHYCV66xNlAuAJoOEcxpgTbK1Q5rF0%2BtBVfilZhRAf0krFcINSHazb1MBB7T65xgkgmLINDT8xIPSrY0rs6OpbJNGoMxuqllnL0I2o6H%2B%2BjcGn48BhVs%2F1%2B74iwmGpkHyUDvdKFN%2BERCm1GtuzKvAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b097f9bbe-FRA
expires: Fri, 28 Apr 2023 09:42:25 GMT

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 24ms
23ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58316
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kJ2Qx3UmgZgB2G1lywA0Hw6M4bkr0%2B5dNabawwyODBbz3ikpA2NGY7esP8d1bnLehhJEsuRgJLHizxNUqUIWkfC%2BxKkbBgEBPmYREwvdXvI%2BfdIDuAy6k74at1wESest%2F7yxoJHVj4hBYigV%2BXgn2H7hRwrdgf1yDLOtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b09829bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E065 0
0 61ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042501&jk=2903018302951535&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 Fabrica-da-Heineken-em-Minas-Gerais-1-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 15 KB
15 KB 20ms
20ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Fabrica-da-Heineken-em-Minas-Gerais-1-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 9720ac5c3c75ed17b5bde0e073ab68be91aa4b2ba7efcd56f867aaa24c262175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15076
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:19:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmTgiy2acFKZ%2Bsur6mbEQLCmO1M4Rlpq%2B8dsYM6S2%2BQscAqaCB13NXgdnLLteMobLMnVqJ%2FduZHOrYbrNbUO1yPbsHpRb0Pa7R%2FEOC7HZoMiibHH0LJf8U22s97pPkqq9505Gm4xzYx0wm6TM%2B2AY98whXAuS41wZKM7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b4a379bbe-FRA
expires: Fri, 28 Apr 2023 00:51:02 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7741 117 KB
39 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3446347312012117afa6fda23ded94cf916e271d6773e571fb537792e170c924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40193
x-xss-protection: 0
server: cafe
etag: 11311768297772875286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:53 GMT

POST
H2 204 tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame CFED 0
309 B 93ms
93ms XHR
text/plain 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 01 May 2022 12:00:53 GMT

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 18ms
18ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/wordpress/wp-includes/js/jquery/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58317
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tw%2F4CpHGjTeDkKp9yaUN8i%2Frj7oOIXnHpbOW%2F5hQRYG6y4owWd6edt2zJ2g5zY5ePYY4Bc1P1KU824zIcs7HPuu8RHdj2azhdr5o0TirtLKvgDb4vJAda0dST70Lc%2FbHT%2FiChMAvkKXb6To7td5MX3oAD9l8LHVzbc%2FvFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b5a509bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 200 Heliponto-em-Jacutinga-Sul-de-Minas-2-324x400.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 25 KB
26 KB 25ms
23ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Heliponto-em-Jacutinga-Sul-de-Minas-2-324x400.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 4c02f0c3809ab5ade178dacffa5852828f29def13dc66d2eb406f2996b9a23c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25875
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 14:52:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4MVuhflLBpdQykqW1zpW1Yb1LKpwjxQRp2vugBJxhdg9h0%2BJvbWn1pBw1Cs0739AUg8Rn46qC3ok3ts8WC6zaERqkX5FUx4CRPbvAGk7tAu9IRL0hwj1Un6kPAKKWg9yPtRfR3pawnApGgWODVEiqAhfFRLazDPHCHJjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13b7a9e9bbe-FRA
expires: Fri, 28 Apr 2023 00:51:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C7E 0
9 B 16ms
15ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hlmjAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ Frame 7741 305 KB
109 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=observatoriodeourofino.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8c9373c3e76d1db35f3ae004bd30194ecd9cb038fe2ec7e27acbda4d18f5b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111276
x-xss-protection: 0
server: cafe
etag: 4699993232570329518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CFED 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqwAkCfz2qAfoHik3Fhp3GYQTf89ctDSfokl9kj7TYBK7dIElVeYXSs7EgFCCFJdcZeQ3ZdXzga5NM-WhBAY-VCgl4Od7ZvPbWxCEnSdlryxzMIFPu&sig=Cg0ArKJSzNzqLQGZaou7EAE&id=lidar2&mcvt=1014&p=64,654,154,1382&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220427&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2636216665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651233650925&rpt=439&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6a-Festa-da-Polenta-1-218x150.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 13 KB
14 KB 13ms
12ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/6a-Festa-da-Polenta-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 394ddd1c963497b0de4039e64855da10426362ae90510d675337b390bb213327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13386
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 14:35:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvdcJ4owxsrBvHLwcPgbL2EXYZCVj%2Bgma0G8Qd46Uha0WJpT1LlwWQOdUjAmbHSB48yOlpxy10laQs%2Fn5DTFveinLsvMclQ0pjw7gkmmtTB0wfvDr279HF1ZHxH9XlW80Z1OzzMHkKeih4gdc0ZoXZatIhTmxKmBiJjdbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13c3c349bbe-FRA
expires: Fri, 28 Apr 2023 21:01:54 GMT

GET
H3 200 Carro-da-Policia-Militar-1-218x150.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/ 4 KB
5 KB 14ms
13ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2021/12/Carro-da-Policia-Militar-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 34c9f73e113ccb2ce50e439aa36b1cf642613fbc81c9b3ac0a6e8d4061e9265e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4545
pragma: public
referrer-policy
last-modified: Thu, 30 Dec 2021 17:38:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEGo7f2KumRcXWjV%2FZw%2BCV4XVpf9znQ8cbiv8AB3e1nXICNNulSB0mZ7TxbWw%2F%2B266DCUV7Rd%2FTLWMPv%2FFJ6QHDhaCf%2FHnKoy5g2NBYh6tSLeYqwP%2ByPggHXMvPGRgdFatIN0ZCDtKdQDoa9CPoSma%2BqoGmy%2Fr%2BjsiouVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13c3c3b9bbe-FRA
expires: Tue, 18 Apr 2023 19:46:59 GMT

GET
H3 200 Cafe-da-Manha-Colonial-01-1-696x392.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 60 KB
60 KB 16ms
15ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/Cafe-da-Manha-Colonial-01-1-696x392.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58317
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60950
pragma: public
referrer-policy
last-modified: Thu, 28 Apr 2022 19:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiaVbm4m5DIUhVeRbAXv%2BZ44wbhM3cBoEcgcZWQXsp3nFwABC7VP7xUdk48fcpy5MmPyvsbdE6IOerDtGGXfvd8R6wdN0iQmilg59OEasqeT9oIP6EngaDcLbsOFq3hQIUuZ51ixv8HVinO7N%2BwDUPDddkOi0%2FrAEA%2BLJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13c3c3c9bbe-FRA
expires: Fri, 28 Apr 2023 19:36:52 GMT

GET
H3 200 277168314_4971623816226366_3683057111498910449_n-696x394.jpg
observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/ 56 KB
57 KB 16ms
15ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://observatoriodeourofino.com.br/wordpress/wp-content/uploads/2022/04/277168314_4971623816226366_3683057111498910449_n-696x394.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/2.2.1
Resource Hash: 7c2e249d6591e7aa8115463c525c82d6a11f57176338e062abe2c669c9708098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: W3 Total Cache/2.2.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57849
pragma: public
referrer-policy
last-modified: Mon, 04 Apr 2022 21:11:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmjb0L8X%2F0I8h71Fvfte04NlldozF2yjRN5%2BmjB%2BGglsYBToJTZuYcvQu%2Fu7B6k1Ft2lXrGJYqw8VQfEdBjLIRq1RYF6e6rRir0nU9B2uQy%2F5V333wRZSTpXp2g2undGrZoImrueVdqBoB%2BwwXH6Rz3TJ0K55NVcbSqL6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7037e13c4c609bbe-FRA
expires: Fri, 07 Apr 2023 18:55:58 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7741 12 B
53 B 22ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=observatoriodeourofino.com.br&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=observatoriodeourofino.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7741 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7741 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

afr.php Show response
served-by.pixfuture.com/www/delivery/ Frame 4EE6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=2485278622&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=...
https://served-by.pixfuture.com/www/delivery/afr.php

1 KB
1 KB

92ms
92ms

Document
text/html

68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/afr.php
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=observatoriodeourofino.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=172800 public, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:53 GMT
expires: Sun, 01 May 2022 12:00:53 GMT
pragma: no-cache
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:53 GMT
location: https://served-by.pixfuture.com/www/delivery/afr.php
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 55 KB
15 KB 14ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce54f7339b5809848aba419825988f335f5a83eca7ef3ee4a151b0494530db95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 15475
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 11:10:57 GMT
expires: Sat, 29 Apr 2023 11:10:57 GMT
last-modified: Fri, 14 May 2021 13:30:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 58B5 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjX_6dNNrYraDMdbytwe3vZmwDubg0JZpteOZ5eYNwuaHiq0lEAEg18j1C2CVypmCrAegAZzC8bMByAEJqQIHHZwZ4KuxPqgDAcgDSKoEmwJP0NCTTPA2Qrfvt1t03o2hOnK8-Dxn3oC-q_3Q3sPW3G-4y7ylMJjWYotfk6to0bQZuXV_V2CCWvAWfkpFNEbMjiUR7jF5EofVBhACiWEiI6JsWIEPi4XrsuVPlLLX0hNgyGEanXCCB8mNdwxphzV4nN9CZ-cdkQQXr1Mzh7FvJVBJAsBF6GlNKhgW3rP5OdgYYEBd2Z7oy1FzRSMReQYMEzVMfUa_13UnVnr6H1oOtOTeDl4JPSeQrl8lZgv-UMJP3R34F1HSMCyNybO8IPROKORd64NfRdR4muAHURWFjVgKskLfLJeqWpb1use9sWP3Pm7A_rerVPudAaCchSFJVlfbHBE4jxyXgYNlTAasgE9iMXZdPVPfzp5zwATzzrur0gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzL2OzAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCX4xbSCAkIgOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNjkxNTYwOTU0MTY4MTAyNhgA&sigh=ccwp9v5XunE&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 58B5 19 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:57:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 58B5 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:45:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58B5 120 KB
36 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 58B5 15 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:36:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 58B5 0
0 21ms
21ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTDb8PCFfHOG7Ozkr_2zDL8Q9NOxgyPgHi_clJDlqoYPqf2bHaWrXRJgyj7Hp4xOFDedUHg-9y2dHJ2Bw-a974lk-XEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 145 KB
52 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/reactive_library_fy2019.js?bust=31067267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b958e7324ec5fdd6b3410f9b2406945f2c59c8cf8a3927e098f0470b2cde6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
server: cafe
etag: 10704802671682088729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-6915609541681026&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-6915609541681026&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220425_103524&sat=1651029588566&afm=0&as_count=1&d_count=1&ng_count=0&am_count=2&atf_count=1&mdns=0.077&alldns=0.203&allp=37&fd=(0%2C18%2C8)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=4443&abl=false&rr=n&su=observatoriodeourofino.com.br&pvc=2903018302951535&r=0.1&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 405A 80 KB
36 KB 1302ms
1302ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ece0030d780eb59e1892dbf0b5667e3a20bf11cb2fb6d6e5a8d53757c20b923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36481
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC6B 100 KB
35 KB 551ms
550ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da409f16fad14bcbafffba6b65de0c36dc32f742d4080523234ee2541bed3380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35600
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 801F 16 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 29 Apr 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 801F 26 KB
10 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 29 Apr 2022 16:13:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 681E 143 B
163 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 11:06:40 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 58B5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401ff0f99b0f3bf92b662baae4cb303b9e5d5723efe1a226a32195406204519e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 58B5 0
20 B 50ms
49ms Other
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLaNxNqcufcCFVb57Qodt14G5g&gqi=dNNrYuW7MIiptgfgga_gAg&layout=/sadbundle/%24csp%253Der3%24/13150679774491910741/DAH_336x280_Hamburg/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-6915609541681026&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=observatoriodeourofino.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame BFA9 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 23:36:33 GMT
etag: 3347421328414474149
expires: Thu, 12 May 2022 23:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame A990 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 23:36:33 GMT
etag: 3347421328414474149
expires: Thu, 12 May 2022 23:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
64ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042501&jk=2903018302951535&bg=!NzSlNHDNAAZNIUvJbSE7ACkAdvg8WjtBxxHMgsaMKZcA_TIFaNeAHvsopuGayhZ0qd2Tx07ip-FpZwIAAACeUgAAAAJoAQcKAJLOB80oxEqDaZn0gr_AEV9whWhjuJ9cV_HlGBfypUbUuzznz734P2iagfxsex4tQ7ACFsMGdrvvrrm1RPqAOaLse0f9XIRG7LGcJPqRDYoUu50bEUXtwMF6Hz88SurMka_EVrM0rseXV-GJnZucw1x5T0EucNy9RfkDL19IAAHNIXZFarbP6KvQZ6HI2X8OtNRjtJkC6tf4X8o84a0_hBBtZdZEo5X3ewMA3mmfNWyXbnuIzeO95NupDoj2DbNR2KUlZtBWg0vof92-uqyEoqWVv5y5zle3GC_jnkjMRryh4Gsp7LdmVmqVj17ymFeJ2x8VdN2wGgpXct-BGwPMZqxADz-qzAxTxx7WZ6eLis786-7ML0NzkAOMvIVvsw_4af74sYLkQJ7T80OT8BE0qji2mflDG9kV91fvniikPmIeZGlIaPmmoFJgse1ciUkeEKC010n4zPoXLWQhIunVgGFosxVi_lQ0a2KYnSi4LDT5HDKZ6xPArjhRavj_JOJhuX87xlHpJVr-PxdJxpEMpxvQVdmITeTLyWfYnyhL63PHJI34IVsI8EezKPqdUX82slIPxWZUN9-HhV8w0raMq8nWGr7IifG8KyQW8sy5kQKankgrAwa-igcnQl7tQW2Vv2N47BfReyE5OIjRF_i4mVRhIW4-IQ-TnXY26GIFSCvKqDJEoOB0RLyFVNcyNtnBDXPFw61vZAwm8p_u1rNvSUcafg_gHP6Bucztw10gZn9WOW4bV29rCTOBB3PRhEZa0sZYpRW7cCnf3YnK2W9M_tN1efYFphrKwCIV0gv2ZRzJI1dMj4s36TQVd57TconZQDRUuoaLfRpFNHFlntQFg58Nz6yN2fZI3dYgoDjZHBJHcEPtm-d5RhSzT1bHJjcH65_zEeMrHLZqi5-_Wj3hK4GQeO_1voBzyxFcXBygntQUkd_WHCoas0jPssVrYR9c2Gd_-_CuDF_R96-30cgHDYZ3Ew8joThD9BA1m8rFE66R4ETf32klYPq_mDDfgAlOEHv73O2zWp2Ztl4sdCOv9n1nQMZm81z3yHHg_EASqzcUnfZ3_MRUQdz49TN0aMtrVa7siw5X_FQ5ZlWvMLaui4wagihY8xnzBgf9pFJ42PUwBi0tO5mioHoe9caZozueWMKC3-QCo10LlB-oUI4WEm25CXxHYPR8lFJDyS-sarjU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7741 14 KB
10 KB 29ms
29ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9ac0f3868a0d41bc2727d8c4b8fdfb132095e4433442839f912f0652be887b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10614
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame BFA9 4 KB
634 B 58ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 11:51:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 12:00:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BFA9 205 B
295 B 51ms
15ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 08:25:05 GMT
x-content-type-options: nosniff
age: 12948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Apr 2023 08:25:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BFA9 604 B
1 KB 51ms
14ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 08:07:16 GMT
x-content-type-options: nosniff
age: 14017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Apr 2023 08:07:16 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame BFA9 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:35:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8E2D 624 B
297 B 24ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARibvbzGATAB&v=APEucNWkhj9xIvcWE0FJcBeAwtkebjGs1ZIHj-zBoSbL2LrsVCsF69gLVFjhh2WE4boby2_oKXwU4Or6g8ZajiRcuDOVbw2Dt107c3Y1HYlmrtblYGRNobAP5rpN7NW6_u6ywaw7vRa0PXthBl19uybFsMHdAVsliu2xboLdBS5jBXBS7nxQ6Sk

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7E92 84 KB
34 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1mCMhb-qEX1IRO0MK6bHV9MpAMwPkJeWx9WLcjCvCsBDw8A9iQ3_v_AzpBEPR4BxGOdA5woyKQLS3z5hr8suU7vFDCn34vQ7ZYYjdgqa6AU7rfjFGLuk2--bXl5SFKALP2P_lHl8o2joK0467QKom5crlgw&dbm_d=AKAmf-BPQvTXTLUfcRhM3fXwpyiVV6XsrYZF1bv-Ozc0Lx17cyDTInTeibBW1ba6x022a09ov5Bj6-GkMOPa2VPJUoBmUkWUASIvQ02QTPTQ-8sdjXGDMYLDHDOjNxwwVtNr-_K2dEKMEozYp1XzHSfYp3RQ1cww7cCzxXVwk7KZS6gFZZAtRpiNLxl3tTntY-iKj3ie6Z3FFGOxAq-jxTZKdrbxWb0-fK95yg0sjdHmRw5zQuWTBzDiNXXEq6Q_Oj7j83MCFTTRTx7R8TwpeDHjLIwUfWKeJFf4Sp4-qz4gx7TcgkO2i9n64sZwZtDl202NhE1J6ouKx0YFuSG_cuDTkTknC4hkkYOVu2n0KbETIUBDcF5eaRk4gVRiPc8QAFKsolPyX_mF-bfnzmsXuJuRf8b_eInTKg13TPJRcTKZQ5eHo2neJ_8c2iWVkU6WXW334lgtytotn_EbILcl0cjHAYXc6hqWyRgnU3dJvuuwp0Sh88U3tKM11hsgSWl9tYcd-Mj7GU09kxq-c6gyj5-omBl_NK54IW9j5g3HnSos01xcrI33aM1VXSRiAo33lUJ9gEuzOs_L7HD8xRptUUbq2NUpNwgSdCitOd9X7wz4P1xAT6j-cBWPs6curSaAjaoMsW06wl2IHPDbupq33zWLE-T5GNPrv06or9HmddGAip2_AnzF7ARnhrhQ4CkWy7j3epObH2vqFh2uM-xKfx4c5JpgPM-69Ax4_KdQy5Xr6zJpOhesMOjfYLLPakbh9eTyWFi0iqHeb76jPAFHTABEoPoqCidlSVS7OXXOm4i_Z8aISI8wc_X8oT49hnPJ4TZ4Z9cKTkjWW0yYSmzJS3dCiUOtMBBhVEwkfhO6T5diuGfgZCP3IyJ3m_KB5xqVUYr7B1eblzjHnuuAZesA47igbK0Iy0jhwlLxKaI0O2ujnCK-cEVVgHzeY_ConBCkb2uHLT3BcwNs9OEL7ZuhvXPPbxryJGqg-q54uuzt9BEZPQTYiEfoSIwpIJ3RR21neue4obzu8e-SgFCcoC2rAd3FayXCqVgGQ5MH50_fTJWZgHIYKxRS6YtynnjUgHCJzTbkPGIqRNge__DkmhPJGTp-xAykDNhzOZR86fegAQgzn2eqPm-vBocTSYkhoZQtFIwM7TGTXSIf324Q8a-CCegoGhZEdBR7x3Mgu3ewDtLrVq0FSIedv4ncse5gqW8DOdBn-5uAHBZC6H95gFr4NOPYkaNPay0lf8gpk_lWZLJPPgqWlR4dnDuiG7LFNLwIWlYdMO1lIjz_RHDfma1nrMTdmoQZBgpdSqA-mHOQmLXeF2a9Jm9uq2fSWdrdcJB3C-5WBXIALpNNs_Kf3rGv3lOrWD_7A-_6nZG1a6jOkWwpgXKxX4ZDjI31H7QsOkBVp8msX4B9MAKeFGLdh51kNF2o6bHfpgZhQBsp5CY7Y0aF5hPMQGHtY00RHC7K07CIlOAgL-KUlhhi48yUs68MGA5ZZwdGtDhidPm_IMex7fdTxs0GLqsiuuZAgL8wRQyCUxeftlkUBrWZUDxnusTSYvl400aSpIJ97s1bZqJYr2S1f2E8MIyI36FvTYObSVm-2560kICXDW-t8VgEzFvZ9IyZuvcKZKOLe5sUYE-9HCxb4n5Tud11j0u-ASaNO4fyf9xg9hwo5rOj1TfH1NwK2RVGK64ILSb2xXQtMhzNoB7v291qlNgRUaAXgp5F9F5YI5VO5hcL0OEnbnQB1SIqGxycA0qmjvq12ZqJwj96wtaL4mlhbe6VzjXvQqwQPULxSJzR6DWniI0YD1afMNcKsoaijvtb38boaUwRLbx42lSMeCZogs0qw1gzIMW3gnO80HUvQQuC5FoNYgyKlS3iTWdtkDEq7wByOKHak7zJdQV7uDB3dhs6AIRrtXwWx4-cC1LEi0q6xgnpAbZbl36iZ_gBWS1T4bL9Dq2yy47G4ELFW7yBrSSgTaC9HDVemyXirfB9_igGIl5biuB3TPUh-0i4QDRx167AUfJWZdES7hrI1KEjYoT2now6tvlcSMqaykUMjEQV22cUizowChhqDrO_n2H5D6hhvfO8GFg2K-xI-MobjmAiqZAQ_XPDZEMtzj8uCDwR9vPBKhyu2deoLGM6ZmieYXPXghtqg48xffgVMS-Oxqe5dPur1N37ncAtCCINI8ZfVuxkuyW6-RmMaYl6XqzNd6fIiW4iyEYzpGOnDtY6WQbWCrputWlKQbZQxVlAaaQlpOUyPplr-A3_R6OW-j1l_0bYar4vC_-qcqMwlFG8na0KYcFKxI4zmzEIbwUVBv2VgeT8ed6A0iFIBuPuvkpBAeUjTwL4-IVf1kfItpiyOx5CjHOZb1viiEoLlUWkk8jLbqWIbnzmPbZq-gdOwKsK-m4X1dIfx0ytpGngwp3bJbZbxRM8ZNhEuUAlP5fg-6eNcQFx-aEzfGAqazZgfDuDLcoLQarqag2J3sCvVtjIEqG1WLZ8OgeXApKPZaAy496fdmjmZKJP1B60n0nQlOJK4QUJd5FoEGZ2YD0BM5l3RAJBOMqzMiYmjdDyNMn335hIZyj_-0MLOO9p-_DkFD6GS6z2--1qCKniwM0FjEHfyO8Vq5eZHas3qfT264OBqpD3fpb42P4Q-rOauz82ASFR5hEyqy8RMRXY8MblWKkElaLbtnMTJDtm7dpVn2ZGyCJrjpHmLLE_AlddHorLmJWLEvL8riNDJOTSTHgpGBNWPwLqQXp8wzFfCOg_CWGakDZgRGMPSHRbpD62ZGA9nevNrcwl4hTV5CO5Jf1NXwx7DSg93wEGXKn6XvmWm40t52Ve762cgb1NAU7hwT5FT2Z_nL2TcbfqiNTt4LMardnXGXKYKVs1JNOHjDszZSbnXsbPDM_5XQA4vkTIUmnq5m-MBoopniRrxOHtTH_CkHttMxvvKzuNg9728FIW7om6XHrSTMZyJrVrCbK9n4PCCSiSg3nUe-YBub0VLSa0YmSYSy5tclusvH6CnO6FVlZsaR91ChaEnhsDdBsJVm_SFn16TDxxWsprKRP6HMJMA4AuUgiFcc6SQkUyZiZ22Tzdqz0VB9msj3AaKOR6DKvhHovR7pB9KkHTGcn1w3-xKRsM9RtsYqwSty5churjJ2wuH4UFilxK0mdeAS7TNsDxNT2NabDMab4mq7ukK_6EOA_O4u66SBR3KECQrBq9cxiWGiWnkJoCu-jNCDmGKMtO-Z1MKiMH9Zjn9sdV5v524NUnU3Gx9sDUTXIX3JmCokH5q7dS8_LeVW3yCaaoJ_Pw_13_N7fsSk9J66SjVotG3erfzdf1Jk1L74jrH3VjyW-emeGxpJBafgzqcrsI3ebjetJm1nMs56eQzSOtEP7pJjMMWTmFBXUF8mX4qKbhwjdOVyWf4fNyCL-zVXfAY8JiAW0wJHvFkje9VlReEUygLi_wBYAQpl-_Egi5MRHYcLdYGHY4soWeK0XgVOfk7-dpj7PQ2M6kXhMFx0PZOJKZLJUYJ8b9xFVYBrjRPXAbcG40iMnXcM732F58Mmp8xMCnyGRzK182sbgN9YUb-AajLs8wSWXlXfw&cid=CAASJORoc6LfoLyyq1jnhP-EWJACIIaAhCBE0jBZD21m1nOR8ZHu5w&rfl=2%2Chttps%253A%252F%252Fobservatoriodeourofino.com.br%252F%240

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

624a18a7fac4f2f27169fc4103c568c2aaf283dbb14a30eabf7f1d1a3cdf77f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34548
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 7E92 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:45:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E92 120 KB
36 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 7E92 15 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:36:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E92 0
0 21ms
21ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl6f-lNjLGBa9c4hEnPNyxRjK4yQb9tiNS1eBiRscVlcwTpkqGg2XDvGLQtB3B6dgEU-cEtqbcJiLf_PMnSculvaYzaw
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E92 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOFxyVlFYL8nArSqV-xOvQdEFu7ZKnCDR3TOlxVADx4KTymWYnNDP4QsS7hrg5CaA78aI_AUWydB_XPEcFaHYnKuoMoQVCDrmQEVokNeT-RcOPJ7w

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7741 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 681E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

115ms
113ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 801F 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3 200 336x280-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 3 KB
3 KB 20ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/336x280-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32bf544863583cfb1afc1228953c4e6021728ba3bbb93dfca42ad3b78b6455a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 242182
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3511
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Tue, 26 Apr 2022 16:44:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 16:44:31 GMT

GET
H3 200 336x280-frame-03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 10 KB
10 KB 21ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/336x280-frame-03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d78e872eb5dc54d1ff5c3e5b3430dfe51634385f46f9d81c82ae587218370b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 102004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10150
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Thu, 28 Apr 2022 07:40:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Apr 2023 07:40:49 GMT

GET
H3 200 336x280-frame-02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 10 KB
10 KB 21ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/336x280-frame-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7398ce8a14ad03ac3aa53e44824d867c46aa4d9319f2fb014b22b1c4b6a4ff5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 101985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10505
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Thu, 28 Apr 2022 07:41:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Apr 2023 07:41:08 GMT

GET
H3 200 336x280-frame-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 4 KB
4 KB 22ms
21ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/336x280-frame-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730571ee84654b4c25e919b85df0b124a3ec03a257fc5a1bcdd49436900c82f8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 193712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3783
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Wed, 27 Apr 2022 06:12:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 06:12:21 GMT

GET
H3 200 336x280-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/ Frame 801F 16 KB
16 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13150679774491910741/DAH_336x280_Hamburg/336x280-bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e83ba5926eb7406a2b058c5b1d8b22072f8fb8a7c5ca816c693f564233efd3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 102004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16462
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Thu, 28 Apr 2022 07:40:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Apr 2023 07:40:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1

43 B
1014 B

84ms
52ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARibvbzGATAB&v=APEucNWkhj9xIvcWE0FJcBeAwtkebjGs1ZIHj-zBoSbL2LrsVCsF69gLVFjhh2WE4boby2_oKXwU4Or6g8ZajiRcuDOVbw2Dt107c3Y1HYlmrtblYGRNobAP5rpN7NW6_u6ywaw7vRa0PXthBl19uybFsMHdAVsliu2xboLdBS5jBXBS7nxQ6Sk
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 29 Apr 2022 12:00:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E2D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmvTdvSfbd1F.N-bFoYLuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1&google_hm=2

43 B
894 B

35ms
35ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARibvbzGATAB&v=APEucNWkhj9xIvcWE0FJcBeAwtkebjGs1ZIHj-zBoSbL2LrsVCsF69gLVFjhh2WE4boby2_oKXwU4Or6g8ZajiRcuDOVbw2Dt107c3Y1HYlmrtblYGRNobAP5rpN7NW6_u6ywaw7vRa0PXthBl19uybFsMHdAVsliu2xboLdBS5jBXBS7nxQ6Sk
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 29 Apr 2022 12:00:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAhLvw77rkHHihPj7dsgVg&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8E2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ5bKykNX6WUrHD_TAz_jyA&google_cver=1

43 B
1020 B

41ms
14ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJ5bKykNX6WUrHD_TAz_jyA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARibvbzGATAB&v=APEucNWkhj9xIvcWE0FJcBeAwtkebjGs1ZIHj-zBoSbL2LrsVCsF69gLVFjhh2WE4boby2_oKXwU4Or6g8ZajiRcuDOVbw2Dt107c3Y1HYlmrtblYGRNobAP5rpN7NW6_u6ywaw7vRa0PXthBl19uybFsMHdAVsliu2xboLdBS5jBXBS7nxQ6Sk

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6a61e2a2-bbb0-48b2-a02b-9341881c8055
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJ5bKykNX6WUrHD_TAz_jyA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E2D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3MzkzODQ5NDgwNDMyMTc5OQ%3D%3D

170 B
188 B

57ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3MzkzODQ5NDgwNDMyMTc5OQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 914ebd3e-7034-4db0-8534-e442fb737400
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM3MzkzODQ5NDgwNDMyMTc5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C35 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 11:57:50 GMT
expires: Sat, 29 Apr 2023 11:57:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F448 783 B
535 B 25ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0582443a11f06928cfafe5aab7cd2cbbb2d160397a038e14f7fb8c063de7cab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MhgrXEFNAK6uhosXAs4Y9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MhgrXEFNAK6uhosXAs4Y9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: Fri, 29 Apr 2022 12:00:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame E4FB
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=43ca8d35-6b57-4129-8729-1ee75fbadf11

0
407 B

256ms
255ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=43ca8d35-6b57-4129-8729-1ee75fbadf11
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Fri, 29 Apr 2022 12:00:56 GMT
Etag: f67962389ca321fc
Server: VertaMedia 1.0

Redirect headers

content-length: 0
date: Fri, 29 Apr 2022 12:00:56 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=43ca8d35-6b57-4129-8729-1ee75fbadf11
server: _

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2600 23 KB
8 KB 45ms
18ms Document
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2043%2C3010%2C2040%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0e3acaace5bfdd10b40e45ea6111c8d148bce299e0519ae3e00a1b38d4af9659

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8260
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: Sun, 01 May 2022 12:00:54 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 d
ic.tynt.com/r/ Frame FE30 0
0 330ms
107ms Document
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 06B2 15 KB
6 KB 58ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=17691
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 29 Apr 2022 16:55:45 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 4794
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

13 B
91 B

19ms
17ms

Document
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 13
content-type: text/html
date: Fri, 29 Apr 2022 12:00:54 GMT
server: openresty
x-sid: AMS-606

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Fri, 29 Apr 2022 12:00:54 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-606

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D1E5 2 KB
814 B 64ms
14ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EBF5 15 KB
6 KB 62ms
16ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=17691
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 29 Apr 2022 16:55:45 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 787B 0
91 B 25ms
22ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 29 Apr 2022 12:00:54 GMT
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 4417 2 KB
1 KB 615ms
88ms Document
text/html 23.227.147.138
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.147.138 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2e09609efcc649111044cdf2f10f5b2ae370aa855573e80e7f6a4ea647b367ee

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://observatoriodeourofino.com.br
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 950
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F11D 52 KB
17 KB 51ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://observatoriodeourofino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 26069
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 29 Apr 2022 12:00:54 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 268482
X-Served-By: cache-lga21935-LGA, cache-fra19182-FRA
X-Timer: S1651233654.138481,VS0,VE0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame CFED
Redirect Chain

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D...
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ac61c826-805a-4715-afce-62ea685a396d

0
407 B

649ms
255ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ac61c826-805a-4715-afce-62ea685a396d
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: 69c615bbb9cc2820
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ac61c826-805a-4715-afce-62ea685a396d
date: Fri, 29 Apr 2022 12:00:54 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
vid.vidoomy.com/ Frame CFED 0
0 649ms
18ms Image
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CFED 0
277 B 17ms
16ms Image
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 29 Apr 2022 12:00:54 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET match
a4p.adpartner.pro/ssp/ Frame CFED 0
0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame CFED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4373938494804321799

0
390 B

800ms
257ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4373938494804321799
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: 69c615bbb9cc2820
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6e056732-c082-4ed1-b9b3-fab5ede5368a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4373938494804321799
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame CFED 43 B
351 B 56ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 25nnhddlnta78q7uddjsa3m4areepktj

POST
H2 204 vtr.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame CFED 0
309 B 94ms
92ms XHR
text/plain 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 01 May 2022 12:00:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 42B9 8 KB
892 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 11:59:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 12:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 42B9 2 KB
910 B 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:56:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 42B9 19 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:57:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 42B9 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:45:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42B9 120 KB
36 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 42B9 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:36:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 42B9 0
0 24ms
23ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTmzjTc_vZGkUL2WfrVbb9N3UPc4vJnwSk0Psc3tEucJBXoBCD9B6Bo6GArCtPLolZCR1qA56PVkQslaEvCfCv1sTN6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 42B9 30 KB
12 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7E92 169 KB
59 KB 85ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 16:41:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 7E92 8 KB
3 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1mCMhb-qEX1IRO0MK6bHV9MpAMwPkJeWx9WLcjCvCsBDw8A9iQ3_v_AzpBEPR4BxGOdA5woyKQLS3z5hr8suU7vFDCn34vQ7ZYYjdgqa6AU7rfjFGLuk2--bXl5SFKALP2P_lHl8o2joK0467QKom5crlgw&dbm_d=AKAmf-BPQvTXTLUfcRhM3fXwpyiVV6XsrYZF1bv-Ozc0Lx17cyDTInTeibBW1ba6x022a09ov5Bj6-GkMOPa2VPJUoBmUkWUASIvQ02QTPTQ-8sdjXGDMYLDHDOjNxwwVtNr-_K2dEKMEozYp1XzHSfYp3RQ1cww7cCzxXVwk7KZS6gFZZAtRpiNLxl3tTntY-iKj3ie6Z3FFGOxAq-jxTZKdrbxWb0-fK95yg0sjdHmRw5zQuWTBzDiNXXEq6Q_Oj7j83MCFTTRTx7R8TwpeDHjLIwUfWKeJFf4Sp4-qz4gx7TcgkO2i9n64sZwZtDl202NhE1J6ouKx0YFuSG_cuDTkTknC4hkkYOVu2n0KbETIUBDcF5eaRk4gVRiPc8QAFKsolPyX_mF-bfnzmsXuJuRf8b_eInTKg13TPJRcTKZQ5eHo2neJ_8c2iWVkU6WXW334lgtytotn_EbILcl0cjHAYXc6hqWyRgnU3dJvuuwp0Sh88U3tKM11hsgSWl9tYcd-Mj7GU09kxq-c6gyj5-omBl_NK54IW9j5g3HnSos01xcrI33aM1VXSRiAo33lUJ9gEuzOs_L7HD8xRptUUbq2NUpNwgSdCitOd9X7wz4P1xAT6j-cBWPs6curSaAjaoMsW06wl2IHPDbupq33zWLE-T5GNPrv06or9HmddGAip2_AnzF7ARnhrhQ4CkWy7j3epObH2vqFh2uM-xKfx4c5JpgPM-69Ax4_KdQy5Xr6zJpOhesMOjfYLLPakbh9eTyWFi0iqHeb76jPAFHTABEoPoqCidlSVS7OXXOm4i_Z8aISI8wc_X8oT49hnPJ4TZ4Z9cKTkjWW0yYSmzJS3dCiUOtMBBhVEwkfhO6T5diuGfgZCP3IyJ3m_KB5xqVUYr7B1eblzjHnuuAZesA47igbK0Iy0jhwlLxKaI0O2ujnCK-cEVVgHzeY_ConBCkb2uHLT3BcwNs9OEL7ZuhvXPPbxryJGqg-q54uuzt9BEZPQTYiEfoSIwpIJ3RR21neue4obzu8e-SgFCcoC2rAd3FayXCqVgGQ5MH50_fTJWZgHIYKxRS6YtynnjUgHCJzTbkPGIqRNge__DkmhPJGTp-xAykDNhzOZR86fegAQgzn2eqPm-vBocTSYkhoZQtFIwM7TGTXSIf324Q8a-CCegoGhZEdBR7x3Mgu3ewDtLrVq0FSIedv4ncse5gqW8DOdBn-5uAHBZC6H95gFr4NOPYkaNPay0lf8gpk_lWZLJPPgqWlR4dnDuiG7LFNLwIWlYdMO1lIjz_RHDfma1nrMTdmoQZBgpdSqA-mHOQmLXeF2a9Jm9uq2fSWdrdcJB3C-5WBXIALpNNs_Kf3rGv3lOrWD_7A-_6nZG1a6jOkWwpgXKxX4ZDjI31H7QsOkBVp8msX4B9MAKeFGLdh51kNF2o6bHfpgZhQBsp5CY7Y0aF5hPMQGHtY00RHC7K07CIlOAgL-KUlhhi48yUs68MGA5ZZwdGtDhidPm_IMex7fdTxs0GLqsiuuZAgL8wRQyCUxeftlkUBrWZUDxnusTSYvl400aSpIJ97s1bZqJYr2S1f2E8MIyI36FvTYObSVm-2560kICXDW-t8VgEzFvZ9IyZuvcKZKOLe5sUYE-9HCxb4n5Tud11j0u-ASaNO4fyf9xg9hwo5rOj1TfH1NwK2RVGK64ILSb2xXQtMhzNoB7v291qlNgRUaAXgp5F9F5YI5VO5hcL0OEnbnQB1SIqGxycA0qmjvq12ZqJwj96wtaL4mlhbe6VzjXvQqwQPULxSJzR6DWniI0YD1afMNcKsoaijvtb38boaUwRLbx42lSMeCZogs0qw1gzIMW3gnO80HUvQQuC5FoNYgyKlS3iTWdtkDEq7wByOKHak7zJdQV7uDB3dhs6AIRrtXwWx4-cC1LEi0q6xgnpAbZbl36iZ_gBWS1T4bL9Dq2yy47G4ELFW7yBrSSgTaC9HDVemyXirfB9_igGIl5biuB3TPUh-0i4QDRx167AUfJWZdES7hrI1KEjYoT2now6tvlcSMqaykUMjEQV22cUizowChhqDrO_n2H5D6hhvfO8GFg2K-xI-MobjmAiqZAQ_XPDZEMtzj8uCDwR9vPBKhyu2deoLGM6ZmieYXPXghtqg48xffgVMS-Oxqe5dPur1N37ncAtCCINI8ZfVuxkuyW6-RmMaYl6XqzNd6fIiW4iyEYzpGOnDtY6WQbWCrputWlKQbZQxVlAaaQlpOUyPplr-A3_R6OW-j1l_0bYar4vC_-qcqMwlFG8na0KYcFKxI4zmzEIbwUVBv2VgeT8ed6A0iFIBuPuvkpBAeUjTwL4-IVf1kfItpiyOx5CjHOZb1viiEoLlUWkk8jLbqWIbnzmPbZq-gdOwKsK-m4X1dIfx0ytpGngwp3bJbZbxRM8ZNhEuUAlP5fg-6eNcQFx-aEzfGAqazZgfDuDLcoLQarqag2J3sCvVtjIEqG1WLZ8OgeXApKPZaAy496fdmjmZKJP1B60n0nQlOJK4QUJd5FoEGZ2YD0BM5l3RAJBOMqzMiYmjdDyNMn335hIZyj_-0MLOO9p-_DkFD6GS6z2--1qCKniwM0FjEHfyO8Vq5eZHas3qfT264OBqpD3fpb42P4Q-rOauz82ASFR5hEyqy8RMRXY8MblWKkElaLbtnMTJDtm7dpVn2ZGyCJrjpHmLLE_AlddHorLmJWLEvL8riNDJOTSTHgpGBNWPwLqQXp8wzFfCOg_CWGakDZgRGMPSHRbpD62ZGA9nevNrcwl4hTV5CO5Jf1NXwx7DSg93wEGXKn6XvmWm40t52Ve762cgb1NAU7hwT5FT2Z_nL2TcbfqiNTt4LMardnXGXKYKVs1JNOHjDszZSbnXsbPDM_5XQA4vkTIUmnq5m-MBoopniRrxOHtTH_CkHttMxvvKzuNg9728FIW7om6XHrSTMZyJrVrCbK9n4PCCSiSg3nUe-YBub0VLSa0YmSYSy5tclusvH6CnO6FVlZsaR91ChaEnhsDdBsJVm_SFn16TDxxWsprKRP6HMJMA4AuUgiFcc6SQkUyZiZ22Tzdqz0VB9msj3AaKOR6DKvhHovR7pB9KkHTGcn1w3-xKRsM9RtsYqwSty5churjJ2wuH4UFilxK0mdeAS7TNsDxNT2NabDMab4mq7ukK_6EOA_O4u66SBR3KECQrBq9cxiWGiWnkJoCu-jNCDmGKMtO-Z1MKiMH9Zjn9sdV5v524NUnU3Gx9sDUTXIX3JmCokH5q7dS8_LeVW3yCaaoJ_Pw_13_N7fsSk9J66SjVotG3erfzdf1Jk1L74jrH3VjyW-emeGxpJBafgzqcrsI3ebjetJm1nMs56eQzSOtEP7pJjMMWTmFBXUF8mX4qKbhwjdOVyWf4fNyCL-zVXfAY8JiAW0wJHvFkje9VlReEUygLi_wBYAQpl-_Egi5MRHYcLdYGHY4soWeK0XgVOfk7-dpj7PQ2M6kXhMFx0PZOJKZLJUYJ8b9xFVYBrjRPXAbcG40iMnXcM732F58Mmp8xMCnyGRzK182sbgN9YUb-AajLs8wSWXlXfw&cid=CAASJORoc6LfoLyyq1jnhP-EWJACIIaAhCBE0jBZD21m1nOR8ZHu5w&rfl=2%2Chttps%253A%252F%252Fobservatoriodeourofino.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:53:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 7E92 25 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:58:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F448 0
0 78ms
78ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=2392281034191656&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 06B2 0
39 B 592ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2196552&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
content-length: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BC6 143 B
163 B 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 11:06:40 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5331 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 30 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F11D 0
747 B 15ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a2a29abd-0d4d-440f-a19d-05cd45b1ac6e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E92 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:41:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D46 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 30 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7E92 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 514ddeccaea5512e4a61152a64b975af4ed5c62b5d3f1906c7cbf05d74acb668

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C35 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/7102753987165683712/ Frame 159B 47 KB
11 KB 75ms
24ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83304226231cfa98bca3c6138fd6567b9b7dec5cc1b561ba1e379542e25016dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: Sat, 29 Apr 2023 12:00:54 GMT
last-modified: Mon, 14 Mar 2022 09:05:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E92 0
622 B 116ms
59ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso0Jbxdshg6kcIPqrjTzwZ6xmtk51qOTlRTbBDjJg408ckSvEN-NS3f2OwRvB-1eOeprd18YJvlmWmINU_4zwlrKe5pIzA50mzx8ZqR-hccpUH5d_-etBiyEO3zJz8eyHq4ZfgbY79RzA9N4gDg-ORkzb0D9eJF7d-sszQyXj7zP-blyKyoFeV1mXRrrZJwv0HuEzk9NvmdWAoHYGlky7YQ8lMEcSd1jgFKyjpgxML3TUsSEz6rAnmO2MU2j3Ht1O05tAwL0Q6_nw8b2IYC9ORs7wOORQPgY9BoUxBppFhBzLvtosuQXOlMKw3ty1rAgQLNuy6IRLc0L5Tj4jHYX_ajXOU1VLyRSPIN_n86QNbrDOuCknQFC5kbDYzbFnIZ51vC1QY2hirQFcUcUS3DmsSteG7CJO6J9ESZYAYHdpMWJuu3IXQchpe1dmOKzyuqOX6jrSslfGHtAWla3ibKtm05rJMUcbQZ7--vnwxiASgzrOmvrNZEeHDsXCcpPgIVebGaYX3iTAbOxbk4wVaPxmm444s4kebvZf06n1lIDLFL3AJH3oXfZI87h9TZ-f1ngmRI_TqnjdncdhAaEV6fB7m77mFbFYRmGEfLoaH_FuG08OWVHCyV5gmvHEyAHIPbnjSyXxZbE01h2tRmaCZYXC2CC9BOVkgOO5Jzc53Kg7Dik4999Hur7cVnGwu_l6MTMrWmYise7qbnmN50KNyEPjjX0WsWmTzJJROqv8oFdgRqzYVkTtovH-ZymVE3tWwizbI2FJIgV7Wg-My4W_oIs7NzvmH9GnEe2GnKdfVmECAcilZItLeZBoeeYcVwSai0eMsh9EZcFxQYGFhQEv1zH33m3cnG5Vz-SQdu6ipF2gzmS8wtSjLV0xzh3UKAxjJBymL92bDAYaEzDZGZSckCdtp5Tg-IbsutaVritaDuB15ziQxrBSxfHGmuPigO4GpoV9P6DkI9cCKcUDXUS9oGorX0uY0A0LhtE6crZuaFPMD2oBlKmLITK--notXBplInqkPK3ic-BZpVfjD1VXFm0DPWd4usVbNyBnoo51mg_VWDDlbJfIsq_qRgpiF29O6OxlXwrqmMYfKnBWhrno78_dubO-vJ-OH5igVgspDBIhcL5LzwADx8KhDeYNtFvJ0uuL2jh6EAuTa_pXjAAGmsjGEugRLsqfBNMgw58b3oMpMjh_ZFACvul3hMobTPhuYWsLJ1JmVWw5DinP94MplQMFQ1yvOpMNf9acJLteK5C6LPylRYmihZ3ReGKBenPM1Bt-sVX1LwfKx7CIldVioWaZ3fw0nNOf_XeksXmvtoxEI3hmm4g0D34c1pOh_ShLvRgSoslhrCA&sai=AMfl-YQOgKLpeGkRjy5Rv9p-oV5wDisoOW5NPcQRQv76DoU-BF2eEFD7qPw1CFA13HW2rwATMx7_eEB3mOJDblw3_oOMVBb7hMIRGoX5AWakTtgcfRLNgArdO_Mqn5j2MMjM3u3z3YCaCsoHK2p6TR-rZ84OfCuqw6g0vJXSp43_ZsNPx5G56tGAh_e7dUcZxIH8zVbky2objAv8CljOF_cXwg&sig=Cg0ArKJSzM6UpSfHco4-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=232&cisv=r20220427.92826&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame CC6B 8 KB
892 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 11:53:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 12:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame CC6B 2 KB
910 B 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:56:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame CC6B 19 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:57:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame CC6B 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:45:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC6B 120 KB
36 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame CC6B 15 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:36:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC6B 0
0 23ms
23ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa0kZsXd1GYTnq2eP8vVrqw3uzaTpdzmrCA7TkiLCWO42XeApqZ-2RJ_-y9mR6RuRpv2xiUSN6mjIr-wrVyaRjAU1H5g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame CC6B 30 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 23:28:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 09:17:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC6B 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COuBlddNrYu_YLNm1twepo7GIDseQ8uxppKLf1L0Pt8uivcABEAEg18j1C2CVypmCrAegAf_9jLYDyAEJqQJK8ywF5buxPqgDAcgDy4SAAqoEmAJP0AgrOru0E6XJl8Y1rbA5yglfWsf4EgxjZ-k8cF3Mqftz_r5sLgLj9y6E5EtsiiVC8_FN67shmyUfAm1HT14w7HxYqwmBeo38jKiDX3C64RZgcxtS91L5iueU6srTMxlc71SDxG0HvgQZBlUIAVetQSGg19wLCX_GX9wrekfdWEPG5xIB27casFSVh6VEwadK3b5E-vZYLDh7JWBZBcyOAprJCw0xo_DO4dDfyyx-zgT6mXcbf6vHNtFikMAZ1Rbfihq-zmbmDieXkdnyEb_WiZ8geE2ynvOruMAB4z50aKODbUuP_FEwSABGwIOJmPmyNKK9WDufrJHWvuZQF2UNPOsr0dqqt2kKExWXy2MopY0zgQc4gh__wATn64CxxQKSBQQIBBgBkgUECAUYBKAGLoAH6YHzSagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENnDDtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNjkxNTYwOTU0MTY4MTAyNhgA&sigh=iqa8Q5Fbkhk&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09E7 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 06:04:30 GMT
expires: Fri, 28 Apr 2023 06:04:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5331 35 B
463 B 36ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPKzFPAenBnGD82MT9nRi1EQePfZ3RhdQXK-zhQ_Vkid5Mp8KvFOwk8Xr0vGzCpv_8J8-MA3ghApHHWVm5sPjkJuGhsjXRA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5331
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJK34SLPuXuSENIIo1kfLy18OJiOiQ3k7TbpaNiVNpoW40OS4k_Qgf9J1z83Z-MJlmrHJfu73jqXD5o1Twmgncndwo3VRgq&google_gid=CAESENp9DM8Uhr9ZDaQTntVHFqc&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPamr5MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKSzM0U0xQdVh1U0VOSUlvMWtmTHkxOE9KaU9pUTNrN1RicGFOaVZOcG9XNDBPUzRrX1FnZjlKMXo4M1otTUpsbXJISmZ1NzNqcVhENW8xVH...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcnp1eWlXX2IzNW9xWHVUT1NGcDc3YzhtX2wwZE0xU196RXhiaVJzZEsyaw==&google_push

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcnp1eWlXX2IzNW9xWHVUT1NGcDc3YzhtX2wwZE0xU196RXhiaVJzZEsyaw==&google_push

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcnp1eWlXX2IzNW9xWHVUT1NGcDc3YzhtX2wwZE0xU196RXhiaVJzZEsyaw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5331
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLQYT5_...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLQYT5_...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjkxMjAwNTQwMDAxNjQ3ODYxMTI0MA%3D%3D&google_push=AYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98l...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjkxMjAwNTQwMDAxNjQ3ODYxMTI0MA%3D%3D&google_push=AYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98lr1PQxKnV-yTUxPQ6aLBZuPfJ-3N7F2

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjkxMjAwNTQwMDAxNjQ3ODYxMTI0MA%3D%3D&google_push=AYg5qPLQYT5_sKmBEW8bSrYUGmwY4ZYVNBdaLcWzsMYjLW_wX6_NGn_2oM7tlhwPJUW98lr1PQxKnV-yTUxPQ6aLBZuPfJ-3N7F2
pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 5331 43 B
64 B 38ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECe3TAA2260bLVsw5sVqLPo&google_cver=1&google_push=AYg5qPKs_2QJECgPYISHlmv3OpPYwj5-qPyXMSJBnrcO7_xpFYCKPn8MctjFoCB1WXIKES7mcuz8F6XQwqY3sIb5NngYqoPlsptp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 83cfp26idpuv8iom1s5sp3r09475eepa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5331
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxM6rGmcu3H1WCIPkj2-QoGOno4Ek7IfSBcsYddDQIyMaH4ac5ldQKZAmBrlbe_YCCarvE0UMsbEYVJMBBM3xk2kT3TCnD

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxM6rGmcu3H1WCIPkj2-QoGOno4Ek7IfSBcsYddDQIyMaH4ac5ldQKZAmBrlbe_YCCarvE0UMsbEYVJMBBM3xk2kT3TCnD
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5331
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFAtRy05Q1Y3&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9k5x3Z-DAX0QVeOV1vUM5j6qKJ

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFAtRy05Q1Y3&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9k5x3Z-DAX0QVeOV1vUM5j6qKJ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFAtRy05Q1Y3&google_push=AYg5qPJcrqilaN0N3SUQBSWyWgZ5rb8XmoMTV4JZGgfcOFbVHQQYVkOgNVLZtUc0kKlEhBcIc_9k5x3Z-DAX0QVeOV1vUM5j6qKJ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5331
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPJca8Av2h1RpYwmd9fxDB1YskPuG-ppH...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPJca8Av2h1RpYwmd9fxDB1YskPuG-ppH1T1Cs-EDcwm93BbSIfiFHzeQfzsh7OvkbuhmkwmFdpvA3ihsiCF6rSJK4gyQro6

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPJca8Av2h1RpYwmd9fxDB1YskPuG-ppH1T1Cs-EDcwm93BbSIfiFHzeQfzsh7OvkbuhmkwmFdpvA3ihsiCF6rSJK4gyQro6
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5331 0
12 B 24ms
22ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JH9xDd8MdQp3qkezUg618TR1qQ6g8wHX7-xce4OB6OPo25NPTcDcw9q18FHmeKsZrClFgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3D46 35 B
462 B 16ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPJkJ36u612mdf3CT8Tg6hQUlifXJd9s-aV9Sf2qICHhhw63Ef8Jq1OUW4apxm6NhAeDraS7UzBOIADQ96kdwmUAGuUSgJUF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D46
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGRnQUFCTmVPekFQNw&google_push=AYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra494wQ8xUXU3oYwswGJu2FB4U4vcZLENfWf4h2UbPD8DDRIFD2ukweMmTd

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGRnQUFCTmVPekFQNw&google_push=AYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra494wQ8xUXU3oYwswGJu2FB4U4vcZLENfWf4h2UbPD8DDRIFD2ukweMmTd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGRnQUFCTmVPekFQNw&google_push=AYg5qPIsGDgQ3C3p-eZshrobEm-rEYg3mlWsxYInxra494wQ8xUXU3oYwswGJu2FB4U4vcZLENfWf4h2UbPD8DDRIFD2ukweMmTd
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3D46 43 B
356 B 53ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC417wJcQditya1bkv5oMgM&google_push=AYg5qPLKggu4p-rXO5j7TqSKpLew_mLcHxqydX_DM6ifXsas8zEvO506RDdX1LRl5pM1c9L7Wi4d-jYYg8OfXW5pcMkj-Ot_JOvb&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3D46 43 B
64 B 23ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECe3TAA2260bLVsw5sVqLPo&google_cver=1&google_push=AYg5qPKQWLbOE_akY5PfXX04kVuHLI58UZIyug7P-ch58y13uGOjr8g2pNhYguWkO-a_UdQjyiRMpTW0M8CpDNCUmyyOto7hEIG5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kc2u039vsp3ch4rcsh83fn8kphupg9vl

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D46
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dj4TYnf0RP6rHRktW3vB4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dj4TYnf0RP6rHRktW3vB4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtrzwukZRVLx0TlojV41nCBmppUTv8ARSlCQwPAmemo_yLOoGuQYvbHz03iFTPGNvHIMDSOVDh8m7dqSvqNDlY7TO-YO5g

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dj4TYnf0RP6rHRktW3vB4Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtrzwukZRVLx0TlojV41nCBmppUTv8ARSlCQwPAmemo_yLOoGuQYvbHz03iFTPGNvHIMDSOVDh8m7dqSvqNDlY7TO-YO5g
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D46
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFctUi1ENU5I&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE10fo4MrRq1R8hgcwy_kWQ8mVm7

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFctUi1ENU5I&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE10fo4MrRq1R8hgcwy_kWQ8mVm7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVMFctUi1ENU5I&google_push=AYg5qPI_Oj_o0ufrwSN3GCtXnJl4pEWOWNB8sacfKb1_J0PdHq-olZfQjAjdyxUM3JizSHLUFE10fo4MrRq1R8hgcwy_kWQ8mVm7
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D46
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSQs3qj-WihkD943irJYnL8mOA1mnv16BDfm-pnV_CB_DjD71dB70L8Vr8PVWpzy82_OgWeOKzjqsRHUghTM...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSQs3qj-WihkD943irJYnL8mOA1mnv16BDfm-pnV_CB_DjD71dB70L8Vr8PVWpzy82_OgWeOKzjqsRHUghTMdLpWNXX9M&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSQs3qj-WihkD943irJYnL8mOA1mnv16BDfm-pnV_CB_DjD71dB70L8Vr8PVWpzy82_OgWeOKzjqsRHUghTMdLpWNXX9M&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D46 0
12 B 24ms
22ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9AafW4e9lNaTDV_HkPqVZyFlLMuP7rqO3G4c0y0g2Zn_JET-QhKn4o9LUDsgSdJIb7fT_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BC6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
42ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
expires: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D52 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 46AA 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 30 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 159B 118 KB
40 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 18:54:49 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 159B 60 KB
24 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8544166116536757590/ Frame CC6B 12 KB
12 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8544166116536757590/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb24a97e2830827fd302c6e71e43a9f50ae8725304a44537a0a474df0817ad0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 14:51:49 GMT
x-content-type-options: nosniff
age: 76145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12522
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 15:23:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Apr 2023 14:51:49 GMT

GET
DATA 200
OK truncated
/ Frame CC6B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CC6B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CC6B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31c1ad0c288342844e3b8849205ac1750183ecb4d36f567df0e4f480da5196ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame CC6B 28 KB
28 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 222434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:13:40 GMT

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 09E7 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vz...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vzwnr5WvaPnn8YjWnt_V0Bzs7ae_GTCnWR0tVcM7a-8&google_hm=NZT49hUcZfbeg...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vzwnr5WvaPnn8YjWnt_V0Bzs7ae_GTCnWR0tVcM7a-8&google_hm=NZT49hUcZfbegZcjD2eVrw

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPL3d9j17SubLJ0k9713Dj4yU7zoUP-EUpEtjXP0AM89N7c_ilx4vzwnr5WvaPnn8YjWnt_V0Bzs7ae_GTCnWR0tVcM7a-8&google_hm=NZT49hUcZfbegZcjD2eVrw
pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 46AA 42 B
60 B 22ms
20ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIj-aG3-tjGpz-iRl0I66UvLizSeGyXZlPscdXq2sj0dw3N3KGlBcHMBtFFi35jf68vedrlLuwTfiAw-bhahUa99lyfTgM&google_gid=CAESENp9DM8Uhr9ZDaQTntVHFqc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 46AA 43 B
61 B 37ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC417wJcQditya1bkv5oMgM&google_push=AYg5qPLHzPiRvH4zW9r2_9td-9wjYca7_egWXgwz77FdK8voe580BqJhGdfHwgk609G_fksED1VvrT_O-QaZvHyV2encmc4MgFg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 46AA 43 B
64 B 24ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECe3TAA2260bLVsw5sVqLPo&google_cver=1&google_push=AYg5qPIDtDsI2-VYwdZf-n48iK7MoHnP_11H6_N9Aemm8oxFDWrQqfK6bTYQEs4-dtUkmn9EiAkpD8O-jZ29vzeRxzcSLTcbzPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=2867021843&adf=588939631&pi=t.aa~a.1175667247~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=1164x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=1&bdt=3318&idt=1&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0%2C356x280&nras=3&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=3351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iJEABk0Ifd&p=https%3A//observatoriodeourofino.com.br&dtd=143
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6eqvt1rjbh1rdeqqf7c4k8s2favfnheq

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Daq7_84TUW_2y2OvTcuZQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Daq7_84TUW_2y2OvTcuZQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK0h3iMnNJDs5AlfmcttUwhiO9kQwy3Bm1IhHcx5XHqfb2aCqWAtr_Y1mrQ3ijOeSuOjyL71FrEJAdHPYpaAKLBPtpZ8as

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Daq7_84TUW_2y2OvTcuZQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK0h3iMnNJDs5AlfmcttUwhiO9kQwy3Bm1IhHcx5XHqfb2aCqWAtr_Y1mrQ3ijOeSuOjyL71FrEJAdHPYpaAKLBPtpZ8as
date: Fri, 29 Apr 2022 12:00:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7X...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVNk0tQS01SFVF&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7XhQwKEzr-2ZdOUjHC_0eCzmA

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVNk0tQS01SFVF&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7XhQwKEzr-2ZdOUjHC_0eCzmA

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVNk0tQS01SFVF&google_push=AYg5qPIzM_NloP1wdFwnW7NBwlmCsV-7W08BoGfJRzaR5mo-mZSc5p7KPOvWYOOBsJeuv-kgZ7XhQwKEzr-2ZdOUjHC_0eCzmA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSIyZ-s-BwVO2WBVuOKI7OAUfyYdIwBXfvcJ8zG6AwucpcU1gW4JB2b2jj73JIx9_ePF5OcXQPfZajL9SVtH...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSIyZ-s-BwVO2WBVuOKI7OAUfyYdIwBXfvcJ8zG6AwucpcU1gW4JB2b2jj73JIx9_ePF5OcXQPfZajL9SVtHMYORDgd14&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_push=AYg5qPJSIyZ-s-BwVO2WBVuOKI7OAUfyYdIwBXfvcJ8zG6AwucpcU1gW4JB2b2jj73JIx9_ePF5OcXQPfZajL9SVtHMYORDgd14&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 46AA 0
12 B 24ms
23ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaXOofIbQDw_m9Eplk4wzHTD-VaFUftZMCsDB3rYeVscf-swIRCfrYz06t2q7DxZz9Epzr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame FDDC 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E92 0
26 B 80ms
51ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso0Jbxdshg6kcIPqrjTzwZ6xmtk51qOTlRTbBDjJg408ckSvEN-NS3f2OwRvB-1eOeprd18YJvlmWmINU_4zwlrKe5pIzA50mzx8ZqR-hccpUH5d_-etBiyEO3zJz8eyHq4ZfgbY79RzA9N4gDg-ORkzb0D9eJF7d-sszQyXj7zP-blyKyoFeV1mXRrrZJwv0HuEzk9NvmdWAoHYGlky7YQ8lMEcSd1jgFKyjpgxML3TUsSEz6rAnmO2MU2j3Ht1O05tAwL0Q6_nw8b2IYC9ORs7wOORQPgY9BoUxBppFhBzLvtosuQXOlMKw3ty1rAgQLNuy6IRLc0L5Tj4jHYX_ajXOU1VLyRSPIN_n86QNbrDOuCknQFC5kbDYzbFnIZ51vC1QY2hirQFcUcUS3DmsSteG7CJO6J9ESZYAYHdpMWJuu3IXQchpe1dmOKzyuqOX6jrSslfGHtAWla3ibKtm05rJMUcbQZ7--vnwxiASgzrOmvrNZEeHDsXCcpPgIVebGaYX3iTAbOxbk4wVaPxmm444s4kebvZf06n1lIDLFL3AJH3oXfZI87h9TZ-f1ngmRI_TqnjdncdhAaEV6fB7m77mFbFYRmGEfLoaH_FuG08OWVHCyV5gmvHEyAHIPbnjSyXxZbE01h2tRmaCZYXC2CC9BOVkgOO5Jzc53Kg7Dik4999Hur7cVnGwu_l6MTMrWmYise7qbnmN50KNyEPjjX0WsWmTzJJROqv8oFdgRqzYVkTtovH-ZymVE3tWwizbI2FJIgV7Wg-My4W_oIs7NzvmH9GnEe2GnKdfVmECAcilZItLeZBoeeYcVwSai0eMsh9EZcFxQYGFhQEv1zH33m3cnG5Vz-SQdu6ipF2gzmS8wtSjLV0xzh3UKAxjJBymL92bDAYaEzDZGZSckCdtp5Tg-IbsutaVritaDuB15ziQxrBSxfHGmuPigO4GpoV9P6DkI9cCKcUDXUS9oGorX0uY0A0LhtE6crZuaFPMD2oBlKmLITK--notXBplInqkPK3ic-BZpVfjD1VXFm0DPWd4usVbNyBnoo51mg_VWDDlbJfIsq_qRgpiF29O6OxlXwrqmMYfKnBWhrno78_dubO-vJ-OH5igVgspDBIhcL5LzwADx8KhDeYNtFvJ0uuL2jh6EAuTa_pXjAAGmsjGEugRLsqfBNMgw58b3oMpMjh_ZFACvul3hMobTPhuYWsLJ1JmVWw5DinP94MplQMFQ1yvOpMNf9acJLteK5C6LPylRYmihZ3ReGKBenPM1Bt-sVX1LwfKx7CIldVioWaZ3fw0nNOf_XeksXmvtoxEI3hmm4g0D34c1pOh_ShLvRgSoslhrCA&sai=AMfl-YQOgKLpeGkRjy5Rv9p-oV5wDisoOW5NPcQRQv76DoU-BF2eEFD7qPw1CFA13HW2rwATMx7_eEB3mOJDblw3_oOMVBb7hMIRGoX5AWakTtgcfRLNgArdO_Mqn5j2MMjM3u3z3YCaCsoHK2p6TR-rZ84OfCuqw6g0vJXSp43_ZsNPx5G56tGAh_e7dUcZxIH8zVbky2objAv8CljOF_cXwg&sig=Cg0ArKJSzM6UpSfHco4-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=576&vt=11&dtpt=337&dett=3&cstd=232&cisv=r20220427.92826&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 159B 7 KB
6 KB 29ms
27ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a152eaf2cb23721e3d3324928a9b86abfc5401cc6f93ab56a77d9fbe7851298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5633
x-xss-protection: 0

GET
H3 200 60005582_20220404052534882_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 159B 88 KB
88 KB 18ms
16ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220404052534882_STANDARD_728x090_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca9f9c180a091841e5a391819f9cd2234088316ad8d7d3f491e83fd0aae2e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 13:20:47 GMT
x-content-type-options: nosniff
age: 81607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89904
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:25:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 13:20:47 GMT

GET
H3 200 60005582_20220404052539004_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 159B 76 KB
76 KB 21ms
20ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220404052539004_STANDARD_728x090_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e329f3069403b043c8f4e220bfe110c2d919682475c5fe0a5d6742583b1a67a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 13:20:47 GMT
x-content-type-options: nosniff
age: 81607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77533
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:25:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 13:20:47 GMT

GET
H3 200 60005582_20220404052542907_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 159B 72 KB
72 KB 20ms
19ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220404052542907_STANDARD_728x090_LOOK-03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb8be3975f41d8b8a3aeea46d12e7b088c9ca4c1c2f7aef9c8ef7447fb4af0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7102753987165683712/728x090.html?e=69&leftOffset=0&topOffset=0&c=OcTbnyLD9B&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 13:20:47 GMT
x-content-type-options: nosniff
age: 81607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73985
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:25:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Apr 2022 13:20:47 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 555C 15 KB
6 KB 10ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=17691
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 12:00:54 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 29 Apr 2022 16:55:45 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 88B1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
554 B

39ms
13ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Apr 2022 12:00:54 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 29 Apr 2022 12:00:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184-d
server: AkamaiGHost

GET
H/1.1

200
OK

csync Show response
sync.spotim.market/ Frame AF58
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4373938494804321799

0
386 B

651ms
256ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4373938494804321799
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Fri, 29 Apr 2022 12:00:55 GMT
Etag: cb5962389c9321fc
Server: VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid: f9780c6f-baa4-4f85-a168-2ad42f2a2ec2
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Apr 2022 12:00:54 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4373938494804321799
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 4417
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YmvTdvSfbd1F.N-bFoYLuQAA%261143

0
400 B

257ms
255ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YmvTdvSfbd1F.N-bFoYLuQAA%261143
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: f67962389ca321fc
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YmvTdvSfbd1F.N-bFoYLuQAA%261143
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 4417
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1
https://sync.spotim.market/csync?t=a&ep=482928&extuid=

43 B
321 B

405ms
34ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: cb5962389c9321fc
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: mact82f7n74itaa5saliltj6nirn7476

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 4417
Redirect Chain

https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0

43 B
321 B

77ms
47ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: cb5962389c9321fc
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:55 GMT
Content-Type: text/html; charset=utf-8
Location: https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 4417 43 B
323 B 37ms
35ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Server: VertaMedia 1.0
Etag: f67962389ca321fc
Content-Length: 43
Content-Type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6C35 0
10 B 15ms
13ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IYSqAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 159B 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 88B1 32 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 12:00:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78390
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Sat, 30 Apr 2022 09:47:24 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5C5D 640 B
316 B 26ms
25ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame E1C4 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:51:19 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame E1C4 6 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:29:41 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1C4 0
27 B 57ms
57ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGWuyiLU8JBufFdi5OfZYyqJc9E3mU8nL6wNJWkLhoEcdkwx8dAEdMNO4aAab-UeNkvzTFLNKUoY5C0evouTilgudOyD1lG1Fn2d2AlmwhgnhmJY6Dmwxnsl3z38ESN4nxP49Bf4YWrJQKtgJRsT3IohL_oPzytE_FWAy4AdjDGqhb3PN8iuiyWBdl0cOlLVLc9CMPPtATEwxQ-uHIzzcPF2S7ie3ps4W4M85ItKAD7jlEjW53K2nA-4cAshSqC_o7_fU7nCMDSwUNHY6yy38Q2VBptZvpB3HJHEqd4RwdKzbpPIprbAhBApiBQWN8p9RJCvQJaiZgSzBrGxt7FyIrBa4mOengpGS0CclFTcsyom2xhmFXDLsrJa8Hr_zta_UIUhyM0D4AxdjF88A_05lHHQj_hwedBf-47vRiVlNbVYQGZJUAWg70SlA0ELgVDy11Y6vBplPyooD-8xdALl7WY1pwzz2359D8FFInjhTSsbwI4oVOEPZs7GyHNYczxzuJL_VseMQhoP7rHH9HmA9OofK2NJ9r1DTjs47BIMXMD1nzhHAzNhOB51fAFbPSFUlIEcu4gfXdpIqj7z67pPhfxl2VD7bZX6nY6-dhpt3CurzBk4fpvmYGXq77Af6z4pnZEmvybwLOGTBompxbQmPEFPI-xO4TtoDFVgvnstvpLqrOPvYfIwJ-7z7MxUj8Ch1WsAX8N-qzWRLxMGVuJPoUYZcXLpNfMAADvjUlPO9aOAnyS2lRzh-MLEFURlUnoOvsAQUZ-dV_4c2BzFgLRiTfVAdXxpaFEvn3-31Hbl-pxC2VXm5RgHHLUDNMDs7qopOOtO1xKo1kS0eRPBBDR2Sb2GeZwzMptFs0DggGTZmy5etUS-qK_G02525cXcSGXsd2ymynMP-gHQd7Z9DGATpEoCO5soeDJ6fkfDjbKB-uRG6EVuxMSrS524MvEXpAOUlnZfDsaHyBtxWRQcGpMfAYraa6Kqk77UiJZ2N_3VLsPnuyCwDC3v95umgQ81ZOuyY2l-6oEFGxsvYijWZi1GntwyCHUdSccuraVmqNoKijkehBPcRtadX3-ECvL7n3UFam1IWfTNMxIeHQhrTTsL1FGzxv0WjMQeU8L9JfsfNm498QjPzm6s4ZC2nQ0sncyZjVIutvg7Wm4-iuK89dItFEojA6Z-OfQksshdhleEsYsWka2f0F12umjIm1kLdceAFNtpb3q14QNKImwgfuO1sVlLBqTAML2O-vuslG_4Z6CV39Bn9PLhxl3cy-M4SabXxJKnw1NMAnlpnn9BNO2eZkkW6VolwiceomtpucSeO6NCmm32cKC156U0mjkioH7fq4hiHuaUZHMAchtFKYClGvlFBbZzFz8ysJpvxnnFX6Ruhm25ZT1Tpwgx6J2-XQ_Q4&sai=AMfl-YTVPyE1amzm3TswrKGEBlIrIJAjojx3BtDJRyOaljkdnfAWFly8d_vFJd2soCfi5UmWaJK58jzyXb4KJz-a4QVO6t7eQ-GzFnXVZX_Q1ux9UfcHz4gdXKp5qKo5ghYjJZ21Nr3jPAxeSXbNCkQpcEX-pIwdegjgU5VYICb_CwXerbdpS1wBJclCBcTc-6P83FE_3d-GAQaR25NPSV2u8lSUE8j6_q7rb6r79uXSdVU0tpV9uf53axmeJ-sCuOm-dQgt3m0LR2AnR3GVO3fy9jIz9Gi-ZqEhVQ3_7DU&sig=Cg0ArKJSzACOt54qeKwZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220427.87657&adurl=

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 29 Apr 2022 12:00:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E1C4 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:41:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E1C4 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:45:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1C4 120 KB
36 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 12:00:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E1C4 15 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 11:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 11:36:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E1C4 0
0 21ms
20ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT62xUG67VCfoDYER_wI1XFelDhY-qTFRh2bs2kFD--iMqEsniluo6lFKg8oMzPbxDPXi-77laGG9S9vp6fuAy-4zQxBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1C4 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEdZczVqccSB0QIr6-ywrEvtuO5XHct1ZNu6cqJ4i5wDgH4Bnh3nwlDNWqxo88wX8zL9sKP9-eDTmzdOIt8scvEfYjNPHHHh0LXWEsdK8_sPXc_XQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14074010907875534322
s0.2mdn.net/simgad/ Frame E1C4 46 KB
47 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14074010907875534322

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce63d441f0e6b62cea503dc700818fa6742980611f3fd4cdb39e2b1b60b96fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:19:14 GMT
x-content-type-options: nosniff
age: 322900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47589
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 13:02:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Apr 2023 18:19:14 GMT

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 378C 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 88B1 284 B
536 B 39ms
10ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

POST
H2 204 tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame CFED 0
309 B 94ms
93ms XHR
text/plain 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://observatoriodeourofino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 01 May 2022 12:00:55 GMT

GET
H2 200 728x90.png
cdn.pixfuture.com/banners/ Frame 31A0 25 KB
26 KB 29ms
29ms Image
image/png 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/banners/728x90.png
Requested by: Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59068deda373c6a739af2691cf79f8085aa80bc17e6e1169754b7b825e0e6c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://observatoriodeourofino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5405
content-length: 25711
last-modified: Wed, 03 Feb 2021 20:44:44 GMT
server: cloudflare
etag: "601b0b3c-646f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAyAEfBQxDn%2BHdKY6edRxYA04ws%2B3fTbKbXhHreQBM8nePioStj8cfH7OyJIu3q08qWjF1%2B46gsBSjZF8nPY6MqzbY451Rs3pDSQxz3V7e2efOc5jV1o5xe0cxUUvqejZhzasA7%2BQH%2FwME3j%2BDA0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400, no-transform
accept-ranges: bytes
cf-ray: 7037e14818018fe8-FRA
expires: Sat, 30 Apr 2022 15:19:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C938 1 KB
752 B 13ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 30 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1C4 0
26 B 51ms
50ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: observatoriodeourofino.com.br
URL: https://observatoriodeourofino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Apr 2022 12:00:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5C5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH2L10LXBMGrNmt42Kvja8&google_cver=1

43 B
61 B

46ms
28ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH2L10LXBMGrNmt42Kvja8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH2L10LXBMGrNmt42Kvja8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5C5D 43 B
131 B 26ms
20ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 5C5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEINAJAGGVjMcNOlF6fq7dBY&google_cver=1

23 B
172 B

33ms
33ms

Image
image/gif

104.89.28.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEINAJAGGVjMcNOlF6fq7dBY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE
Protocol: H2
Server: 104.89.28.165 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 29 Apr 2022 12:00:55 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEINAJAGGVjMcNOlF6fq7dBY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5C5D 23 B
172 B 81ms
37ms Image
image/gif 104.89.28.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARiu7LbIATAB&v=APEucNXSb23FsAhJBlSJ5Q0DjtmRKYhnBH9iZDf6ekUm1hLh6_2NqMbL8WOfTwT7-7_RvIIypmPxSmnZchhoW0WA7YB6T9F5IQUUD0F1r1iTA_Z46HwnoO3xTpoEx9xaQnAfA64BoBDUShG0WNbFrgwmhyIxMDMSRuzOliHL54yk0Fk8jmKxKvE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 29 Apr 2022 12:00:55 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 88B1 0
239 B 10ms
10ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame E1C4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a75fde242f549663f9fd9d1c023be57a7b80df6aa35961b680cf2d6974fcaffd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E25D 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 06:04:30 GMT
expires: Fri, 28 Apr 2023 06:04:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C938
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBlEhDFycbt9wXjd5kQu5w&google_cver=1&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazM...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazMKQi0DQ74XdJ93BXNiQ87pU6dO426ltVSDxVGvd860&google_hm=NZT49hUcZfbeg...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazMKQi0DQ74XdJ93BXNiQ87pU6dO426ltVSDxVGvd860&google_hm=NZT49hUcZfbegZcjD2eVrw

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIe01B-xMBzbq6c06if0M8hLcDcrS1wD39VATtHmU9PQYiWRYOazMKQi0DQ74XdJ93BXNiQ87pU6dO426ltVSDxVGvd860&google_hm=NZT49hUcZfbegZcjD2eVrw
pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C938
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGR3QUFBUTVtRFY3YQ&google_push=AYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6nvAppHw4-J2fndH9j4FJqJYf_VEUHuPVNFyTimzmcrGz4JQ4K94KVqa8

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGR3QUFBUTVtRFY3YQ&google_push=AYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6nvAppHw4-J2fndH9j4FJqJYf_VEUHuPVNFyTimzmcrGz4JQ4K94KVqa8

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW12VGR3QUFBUTVtRFY3YQ&google_push=AYg5qPLf3zTLKnm-0A0zrBmxp7UB7dv4jZkeCiDJCe6nvAppHw4-J2fndH9j4FJqJYf_VEUHuPVNFyTimzmcrGz4JQ4K94KVqa8
Date: Fri, 29 Apr 2022 12:00:55 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame C938 43 B
61 B 20ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC417wJcQditya1bkv5oMgM&google_push=AYg5qPLUOqZz2wVdbwp56ZkxaRFZjA6vT_VLu6JsWifufh2xi9jkqssjiMxGLXLm6bN5HGTfsh41qcaA0BmQ-BgtRkBf8pv46CsI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame C938 43 B
64 B 21ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECe3TAA2260bLVsw5sVqLPo&google_cver=1&google_push=AYg5qPKPl6fStOsP8s5-OPFvxd1B1Vlc8P9VqzNekv_3NdNG5sPsEZZbkXgPLflpmayZKIJpeN-tysWFaalCHw0e1lbtdhvks5uL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=280&adk=3343718287&adf=404394235&pi=t.aa~a.1623855144~rp.4&w=356&fwrn=4&fwrnh=100&lmt=1651229169&rafmt=1&to=qs&pwprc=9182423520&psa=0&format=356x280&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233652843&bpp=3&bdt=3319&idt=-M&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea-22031f4585cd00f6%3AT%3D1651233651%3ART%3D1651233652%3AS%3DALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg&prev_fmts=300x250%2C0x0&nras=2&correlator=6221419617674&frm=20&pv=1&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1026&ady=2526&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mZuRuokJc9&p=https%3A//observatoriodeourofino.com.br&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sk0jb7uu0mcerjaubjerpj3luc8vplk6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C938
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ6PBgmcE2P0me0N2Y5xOuRIBjg6gVFppgpnXHFAhaiwY5Uh0bf8NONyUx8qE2JIUm5Q6hBAsMc9DygrQADHrJbmXbmyxgy

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ6PBgmcE2P0me0N2Y5xOuRIBjg6gVFppgpnXHFAhaiwY5Uh0bf8NONyUx8qE2JIUm5Q6hBAsMc9DygrQADHrJbmXbmyxgy
date: Fri, 29 Apr 2022 12:00:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C938
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVglMi7hmWKDssNIBiE6dQ&google_cver=1&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVTEEtOS1CVjFG&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_kC9Z4EJZtAYrvZibtm5wFOn01

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVTEEtOS1CVjFG&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_kC9Z4EJZtAYrvZibtm5wFOn01

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJLRFZVTEEtOS1CVjFG&google_push=AYg5qPID_6iq0Gd1cLz3TWToGgQNV0UBMnQt3IyEpLvOFLYVRCPY11Clp_iYga8rqXYjbgAC_u_kC9Z4EJZtAYrvZibtm5wFOn01
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C938
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPLRmpIwHRTT-x3HBf4xfmLpxuv6ihCMC...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPLRmpIwHRTT-x3HBf4xfmLpxuv6ihCMCxuMh8cUfCzGsWIr-Si2dzCGCaFDyg03uFkiOw_L3DhL4sGkeYsYfEfyKeYOd_E

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmvTdvSfbd1F-N_bFoYLuQAABHcAAAIB&google_cver=1&google_gid=CAESEL13XxLG4ivfsXF8wRwxBfA&google_push=AYg5qPLRmpIwHRTT-x3HBf4xfmLpxuv6ihCMCxuMh8cUfCzGsWIr-Si2dzCGCaFDyg03uFkiOw_L3DhL4sGkeYsYfEfyKeYOd_E
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Fri, 29 Apr 2022 12:00:55 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C938 0
12 B 23ms
22ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ihk7nCmr4BylU0869htBUYqJvkM8Q03XWMXFBmKE1fV-iw0lktekGd_C7LYFgAIPcVZAZn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame E25D 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 10:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 10:04:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09E7 0
22 B 51ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BROWxddNrYrLKO-XR7_UPydy94AMAAAAAOAHgBAI&bg=!JSalJmLNAAZNIUvJbSE7ACkAdvg8WlmUU8qak3rh2k_P7vPljlHnudNlr_2qhDD9BUuAa_quMzetfAIAAAHSUgAAAANoAQeZAzTAblBZs9hX-vl0jZ04OuTlQg6cPTDVf_DFvVYC9JmUk4PajDcPPZtRE1xp72iS2pzptoLaHhO8ZVYU_0fTE7pQP6ibRvXG0D20SI098o4YYCmfNKL2FAixS7AN1JXEz1Cjz45HXvaJBRm_ALoRqnWzm6yAwFUyrshrY1sXfQ3Z6tEkgFelyKXh6pxl0bHEtbSJmaIJn7xrzw-SHydOZlEuLo7DLQjHq_xlDNoIIUCpmSQ0mTmuyVTOvvLIh1SHLVjwAbS3BdWIi8ZxEceLqRvlYun-J5baPEP0dii3WZGdR9wMOF9dbYq8oL_VVLhtxt9b6By7OhASUstjhVZH-lhYsJPULjrIvT2uFuo-CSd7kcAuBJlRpiKULEbjKQCBINSe7kxb4n7kr_5g9nWcyi0Rpts6T_XMCK7_2GgPUanpVsZ7nlMjtInvoczPTVMMfmali7tSpjgWR7LUZEqOhmLmhRCwNrGPkb23SY_R_GTha1ICe9o9643AgHYkCfXxGptsA5jbZ-f3SPUfD4Ju4w7WdEHLUWhQyjVsoN9nMJeI_HxQ-30lVaLBwKQCmBHlmQcGLJqkugBNJQ9rx-hDzCBcO3zHoPwIeGK68cFcWGpM8FIg0TsB3W407hJtJ_4JJLU_OF3jz7KL2WxjHBrTSbOdHKzdSP1bqZtUn8ai-ek7w5B85sy8XjjrObo3HBJQiT2s3fkL4N8mmLrf3Qaw3-m_uR6BnhcBM9tbPdKLr9OdtxjZbLg4wNVJMh534XGDdQmVAfXVeGvV1WfJslS7CGFrv4bBEfr4eX5gwZ59CX7zAM5px5w7E29c680sq3kMH5GEwFpBgR27wGZkbVklVgo2HCjimL-6_QgHZnNeEjtnG55XGyGrAqY6pR_q-5rGQddt3JymcvYhAqbWiorBSFek0JZU1sF7WmP6JAjNMECfgVR2f8K-qTXmhstDkF_1k8WkZFEasjZJhzwlZgMak0UmAdVhPm1BnZB6n2tyY-sZTzy0EFTicw_YD4jAHCWNPLH4o6wHy674ouMfAUVdOXzuni284F_hA1UOsDN4KrO2bILh5tjHV546L9vGS_p2fpD096MH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F11D 0
747 B 24ms
24ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Apr 2022 12:00:55 GMT
X-Proxy-Origin: 178.162.209.137; 178.162.209.137; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 14ea1cb5-4886-40d6-bff3-9935caf7ebf0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E25D 0
22 B 51ms
50ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjMSDddNrYsyWKpS6iAOBk5PQBQAAAAA4AeAEAg&bg=!bG-lbyvNAAZNIUvJbSE7ACkAdvg8Wjt9_-ewy9xLaeA55xj8TD0shKeOxEQo1pv0zBKalyEONTWKegIAAACjUgAAAARoAQeZAzdMczzPmQEC0cxZhXo7ca1cMiN9yUaDdrMXxnLQoi2pkWRwWe5TQkcYsKCzjsjxZXr56X4FalAJ0PZu7hhXSDNA4ZetUeszOk1afizuxgsKE1rjR6kd7rqPf6DKY1plRzh57Jzf9HJosDcXZq36KE9_pzixSJXNUmOsDI3tQhi6Rq3ciNHp1MPoZfthz7fC20G1cUsMqm5yV-i0BCdSlUYrdC6XXagXF5IM0rA7Mr5pAjmNXE68kSD4KLuQaM-u8ji_4QwPQyvHDEQQeSICr3kNhfGlGpQwlY5GuUNEjttG1IU4UeuDGufMVCha9B1KQ8UgDlAR2n3YUWSP9LVAiN82l8J6FCByF6J5fEhryf_gzu5Jcsl74iyD5brbxJvUiOEAMVBDT71pyHQNF_OIfvX4gwgk2ZPQ4LlXS_gWUBbesiYBpDR7afH2KQwcAiOzVuOddV68qaEIaejvWEUAuW-cEArjbcvTR7ewG3qqVf8q0To0qfhnFqEkGvXJ3Dbkn2FTokHfzzmSQp7djsFvatewBoJ-mw_fmGTHdKXMpynP0FjY4J0GNBjkeE71TtVmAUGAhyicZzmvw8qH_iaKiWIk-3icwPScO48Ez_sGHmAAqAg-4tyhtY29KN46SwGFgHJUjKcThBVoP66lZXcmGDDKuenOppf_vu2VLVki01vD6_b23JgFE7MC4DRoGYQR4GLzbtzq4pqkmaVs0wkc1iN_An7_S-lu7fSysLkj3603m_6xnNk9rXGNThzlw9sJ_yM_SmgeXZTgSvlRkTpmz74IRNdyeIMJwFlv8C8gruImD5gKYzb2HQvR7UbyWkHsY9R4NBwntugZg21bQM5qBrIePJuuflfcLTj1JDxaJ-1c07wDk6kPJThF4U5TKam75pBiTgRP0ONaPx1BdOt55fBwAbnnvzHDxCxooQkCFeF3fgv_pk0eSZQ8QEYykm1v1NY_UMkinfrYtjWLbP-1Dymokpo_MsGL1RYFxOtr-_9t9_FSmeKxINQoUaaU4kZ5cU9Ay5_xbjxAs6KPc1dLIp3Rj_MK-iL9uNWU1otQ3Nae_iZSfVNaLN2LTRtfm6lUEzAzc1dQVn15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E92 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr0rTOOq68LRoPCAezvi1E5W1FrxTWQOJOjYguTmZVeu5boUSjJIi-Cy5eZ4F4263yEIm6BjzPTwJFUU4pkaMoqsPnzjNiGzYZvqkEhSiwIhMff17X69jLZbqu&sai=AMfl-YRXNrvrydfKPEOQWDQ3viePrcwjAJG3prb_MClHVENCdV3JXzF4mofhVO1dQ4mR8pTMo31eG3ASXFTV33t4dgIalkIXXXXbFEz7t_y_GGqbRVlyxMOFUyHJ67Q&sig=Cg0ArKJSzMBLe0JEDCmQEAE&cid=CAASJORoc6LfoLyyq1jnhP-EWJACIIaAhCBE0jBZD21m1nOR8ZHu5w&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=637,1000,1000,1000,1000&tos=637,363,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651233653226&rpt=458&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EBF5 5 KB
6 KB 18ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92759052&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8b4d8be776353e344fc2b6dfb9a4a8571f1abda4613fb13e8aa659339a9a238a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:57 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame B5C2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF

35 B
467 B

23ms
23ms

Document
image/gif

37.157.4.25

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 29 Apr 2022 12:00:57 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 29 Apr 2022 12:00:57 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET

Pug
simage2.pubmatic.com/AdServer/ Frame E75E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05aa626b-d379-4d00-95d5-8a2187bff6e5&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 629F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=358051964782846796

0
0

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 990C 43 B
363 B 58ms
16ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:56 GMT
expires: Fri, 29 Apr 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 455893
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 1D5A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7091994554878982299

0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2530 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 4150
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=90OEW--uROR8Wylt7ZhbvrKi0Yk

0
0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 841D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
421 B

179ms
169ms

Document
image/gif

2606:4700:4400::6812:230b

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7037e1586b3d9b1b-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 29 Apr 2022 12:00:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7037e156bfff9b1b-FRA
content-type: text/html
date: Fri, 29 Apr 2022 12:00:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 765

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 0806 43 B
408 B 316ms
15ms Document
image/gif 63.251.232.165

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Apr 2022 12:00:57 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: ams-delivery-9
server: Cowboy

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 2462
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETlZFN0UxNmNBQUNRazloRnRpUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

32ms
32ms

Document
image/gif

54.154.135.58

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.135.58 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 43
Date: Fri, 29 Apr 2022 12:00:57 GMT
Server: nginx
cache-control: no-cache, must-revalidate
content-type: image/gif
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 12:00:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 301C
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
0

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame C675 0
0 398ms
95ms Document
text/plain 5.161.47.120

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.47.120 -, , ASN (),

Reverse DNS

Software

nginx/1.21.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 29 Apr 2022 12:00:57 GMT
Server: nginx/1.21.4
Strict-Transport-Security: max-age=15768000

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 8EBE 43 B
280 B 347ms
31ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Apr 2022 12:00:57 GMT
Vary: Accept-Encoding
X-adserver-worker: leviathan-c4a7da277051@version_1.419
X-core-time: 0ms
X-server-arch: v2

GET

Pug
image2.pubmatic.com/AdServer/ Frame D12A
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2...
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=1a8b775a3930bfcf0846716bf18b2c74&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQWUSXMYgUaQaRVb

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 4970
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651233657419
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

0
0

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 53A2
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8ee07d84-5649-4ca2-b0e7-7c8cb55d7a2d-tuct96558f9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

33ms
15ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8ee07d84-5649-4ca2-b0e7-7c8cb55d7a2d-tuct96558f9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 0
date: Fri, 29 Apr 2022 12:00:57 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19127-FRA
x-timer: S1651233657.410414,VS0,VE8

Redirect headers

accept-ranges: bytes
content-length: 0
date: Fri, 29 Apr 2022 12:00:57 GMT
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8ee07d84-5649-4ca2-b0e7-7c8cb55d7a2d-tuct96558f9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19127-FRA
x-timer: S1651233657.374896,VS0,VE9
x-vcl-time-ms: 9

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EBF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o5bJQ-PCS2mpwV5jKnvQ3w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

11ms
11ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:57 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=17688
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Fri, 29 Apr 2022 16:55:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

SPug
image4.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a9f626b-d37a-4700-8783-068509d2294d

0
0

GET

/
pixel.onaudience.com/ Frame EBF5
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0d4682f3a60d0951/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=0d4682f3a60d0951/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=258823313433792432&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=a12e34e9-f8e9-4b6b-88d2-72877d7afea1&icm

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTM5NkM5NDMtRTNDMi00QjY5LUE5QzEtNUU2MzJBN0JEMERG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ6RKt9eR_ehVZIKq1we8M&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame EBF5 43 B
610 B 65ms
13ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 28 Apr 2022 12:00:57 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=258823313433792432

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a12e34e9-f8e9-4b6b-88d2-72877d7afea1

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4373938494804321799&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LcBG03_BR4c2xBHUKcJdgiyTFII2wRSDfsB4M5se

0
0

GET
H2 200 A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EBF5 43 B
987 B 326ms
33ms Image
image/gif 2a05:d018:d29:3605:ff18:9e8e:6010:4f26

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/A396C943-E3C2-4B69-A9C1-5E632A7BD0DF?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:ff18:9e8e:6010:4f26 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 12:00:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

SPug
image4.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sVsRyGZE2uVUQwpXfyrpbdgYqKvYuCs-~A&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=43d1253e-5953-43dc-98e9-43df3043c99f
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=43d1253e-5953-43dc-98e9-43df3043c99f
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=634cc45b-b735-4879-b7ec-685e4a556630&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43d1253e-5953-43dc-98e9-43df3043c99f&gdpr=&gdpr_consent=&gdpr_pd=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dc8cce11-d53b-46be-9da3-3dba77d480ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

0
0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame EBF5 0
104 B 250ms
25ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A396C943-E3C2-4B69-A9C1-5E632A7BD0DF&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame EBF5
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3926002561379523907&gdpr=0&gdpr_consent=&us_privacy=

0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EBF5 0
191 B 84ms
23ms Image
text/plain 66.155.71.149

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Apr 2022 12:00:57 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET

getuid
secure.adnxs.com/ Frame EBF5
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694

Domain: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05aa626b-d379-4d00-95d5-8a2187bff6e5&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=358051964782846796

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7091994554878982299

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=90OEW--uROR8Wylt7ZhbvrKi0Yk

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQWUSXMYgUaQaRVb

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a9f626b-d37a-4700-8783-068509d2294d

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=147&mapped=a12e34e9-f8e9-4b6b-88d2-72877d7afea1&icm

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ6RKt9eR_ehVZIKq1we8M&google_cver=1

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=258823313433792432

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a12e34e9-f8e9-4b6b-88d2-72877d7afea1

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4373938494804321799&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LcBG03_BR4c2xBHUKcJdgiyTFII2wRSDfsB4M5se

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sVsRyGZE2uVUQwpXfyrpbdgYqKvYuCs-~A&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43d1253e-5953-43dc-98e9-43df3043c99f&gdpr=&gdpr_consent=&gdpr_pd=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dc8cce11-d53b-46be-9da3-3dba77d480ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3926002561379523907&gdpr=0&gdpr_consent=&us_privacy=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.observatoriodeourofino.com.br/	1970-01-20 20:11:45	Name: _ga Value: GA1.3.1318378751.1651233650
.observatoriodeourofino.com.br/	1970-01-20 02:42:00	Name: _gid Value: GA1.3.1859926508.1651233650
.observatoriodeourofino.com.br/	1970-01-20 02:40:33	Name: _gat_gtag_UA_48948937_7 Value: 1
.observatoriodeourofino.com.br/	1970-01-20 02:40:33	Name: _gat_gtag_UA_36182607_1 Value: 1
.observatoriodeourofino.com.br/	1970-01-20 02:40:33	Name: _gat_gtag_UA_3637695_1 Value: 1
.observatoriodeourofino.com.br/	1970-01-20 04:50:09	Name: _gcl_au Value: 1.1.93518388.1651233650
.doubleclick.net/	1970-01-20 12:02:09	Name: IDE Value: AHWqTUn7RJ8wY7L4uImSzmy4Vw37XVd7NRUt1Rx9GELIy3kk0NI3XFVfMHy06D5esfQ
observatoriodeourofino.com.br/	1970-01-20 03:23:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
observatoriodeourofino.com.br/	1970-01-20 02:40:37	Name: _lr_retry_request Value: true
observatoriodeourofino.com.br/	1970-01-20 03:23:45	Name: _lr_env_src_ats Value: false
.adnxs.com/	1970-01-20 04:50:09	Name: uuid2 Value: 4373938494804321799
.adsrvr.org/	1970-01-20 11:26:09	Name: TDID Value: a12e34e9-f8e9-4b6b-88d2-72877d7afea1
observatoriodeourofino.com.br/	1970-01-20 04:06:57	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22a12e34e9-f8e9-4b6b-88d2-72877d7afea1%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-29T12%3A00%3A52%22%7D
.lijit.com/	1970-01-20 11:26:09	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
observatoriodeourofino.com.br/	1970-01-20 12:02:09	Name: cto_bidid Value: qDgmcV9mN1NyNkExVFpCTXBEeW94aHFvbVV0bms3dHl1aWxnNTlDckhYb0dNTjBZbUlQdU5palJGMkdXckVEREc0MEFySlVDSWVxb0xtZVYzT0U0M2NKQzdvelZJNmY1MmNDbjhqTiUyRjlWeGRzOHFzJTNE
observatoriodeourofino.com.br/	1970-01-20 12:02:09	Name: cto_bundle Value: eW7dB185MFQweWhDRkd6bFNHSExKT0s3cDVuZzZLamtVU3ZtSHVkSGduUDJnckptdW1UdUElMkZzd09Ua29TYVAlMkY2JTJCVzFzY3N2QzgyYU9WcmlsampiRk43MjV1VSUyQjh4Y1JndiUyQjM1UklvTWJ0QU9OZnUzOEVTaXI0QnZPNnZNVDBhd2paU2p6R3hPOVpsTnNWTSUyRjlFdlFUdzNJSlElM0QlM0Q
.adnxs.com/	1970-01-20 04:50:09	Name: icu Value: ChgI3sJXEAoYASABKAEw9KavkwY4AUABSAEQ9KavkwYYAA..
.observatoriodeourofino.com.br/	1970-01-20 12:02:09	Name: __gads Value: ID=4fb37a4d499968ea-22031f4585cd00f6:T=1651233651:RT=1651233652:S=ALNI_MbOziOiXQxZXn9MruDri8ZmXAsmEg
.casalemedia.com/	1970-01-20 11:26:09	Name: CMID Value: YmvTdvSfbd1F.N-bFoYLuQAA
.casalemedia.com/	1970-01-20 04:50:09	Name: CMPS Value: 3162
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.adnxs.com/	1970-01-20 04:50:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In3rLxr!]tb`8i_iqf!oN/@E'zz<Z0Q3DQ6<g(#kz_lh@h(#!((f2au=<p7KRgPXM%TD._*PlZ[C[-kX-EGmYr
.doubleclick.net/	1970-01-20 02:40:37	Name: DSID Value: NO_DATA
.360yield.com/	1970-01-20 04:50:09	Name: tuuid Value: ac61c826-805a-4715-afce-62ea685a396d
.360yield.com/	1970-01-20 04:50:09	Name: tuuid_lu Value: 1651233654
.casalemedia.com/	1970-01-20 04:50:09	Name: CMPRO Value: 1143
.ads.pubmatic.com/	1970-01-20 02:42:00	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 11:26:09	Name: CMRUM3 Value: 2d626bd3762760CAESEMAhLvw77rkHHihPj7dsgVg
.quantserve.com/	1970-01-20 04:50:09	Name: d Value: EDwBCQGCJoEA
.quantserve.com/	1970-01-20 12:10:48	Name: mc Value: 626bd376-6ae20-37ad3-3d2e2
.rlcdn.com/	1970-01-20 11:26:09	Name: rlas3 Value: 5Zb3ZnpnIV9X+gBNur3HMlFov74c1RoX+XgHUVWAELY=
.rlcdn.com/	1970-01-20 04:06:57	Name: pxrc Value: CPamr5MGEgUI6AcQABIGCOndKhAA
.e.dlx.addthis.com/	1970-01-20 12:10:48	Name: na_tc Value: Y
.openx.net/	1970-01-20 11:26:09	Name: i Value: cba5cb9f-5dbd-4f78-b0e2-4ad401a4305f\|1651233654
.addthis.com/	1970-01-20 12:10:48	Name: na_id Value: 2022042912005400016478611240
.addthis.com/	1970-01-20 12:10:48	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:10:48	Name: uid Value: 626bd3760745bdcf
.addthis.com/	1970-01-20 12:10:48	Name: ouid Value: 626bd37600019c5c3cee363b9742c5bb817373ca6b0927a02dbe
.dlx.addthis.com/	1970-01-20 03:23:45	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:23:45	Name: na_sr Value: 20220429
.dlx.addthis.com/	1970-01-20 02:40:33	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:23:45	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 04:50:09	Name: KADUSERCOOKIE Value: A396C943-E3C2-4B69-A9C1-5E632A7BD0DF
.adtelligent.com/	1970-01-20 04:09:50	Name: a297253 Value: 4373938494804321799
.adtelligent.com/	1970-01-20 04:09:50	Name: a289656 Value: ac61c826-805a-4715-afce-62ea685a396d
.adtelligent.com/	1970-01-20 04:09:50	Name: vmuid Value: f67962389ca321fc
.adtelligent.com/	1970-01-20 04:09:50	Name: a323546 Value: YmvTdvSfbd1F.N-bFoYLuQAA&1143
.casalemedia.com/	1970-01-20 02:42:00	Name: CMST Value: YmvTdmJr03cA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
javascript	error	URL: https://observatoriodeourofino.com.br/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://observatoriodeourofino.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13150679774491910741/DAH_336x280_Hamburg/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915609541681026&output=html&h=250&slotname=3171307609&adk=3267273293&adf=1916475581&pi=t.ma~as.3171307609&w=300&lmt=1651229169&psa=0&format=300x250&url=https%3A%2F%2Fobservatoriodeourofino.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651233651890&bpp=5&bdt=2366&idt=144&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fb37a4d499968ea%3AT%3D1651233651%3AS%3DALNI_MYM7RRYYRJ3z19V-ARzPwje0yRphg&correlator=6221419617674&frm=20&pv=2&ga_vid=1318378751.1651233650&ga_sid=1651233651&ga_hid=1075350720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065741%2C31067267&oid=2&pvsid=2903018302951535&pem=213&tmod=2040841742&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=bdeuoqw8R1&p=https%3A//observatoriodeourofino.com.br&dtd=165 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13150679774491910741/DAH_336x280_Hamburg/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

385782dfa26228be64ed333ea0434beb.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
b1h-apac1.zemanta.com
barra.uai.com.br
c1.adform.net
c2.taboola.com
cdn.pixfuture.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
csync.loopme.me
dis.criteo.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imgs2.uai.com.br
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
observatoriodeourofino.com.br
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.onaudience.com
pixel.rubiconproject.com
pixfuture2-d.openx.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
rtb.openx.net
s.adtelligent.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.spotim.market
sync.teads.tv
tm.jsuol.com.br
tm.uol.com.br
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
us-u.openx.net
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
a4p.adpartner.pro
api.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
pixel.onaudience.com
secure.adnxs.com
simage2.pubmatic.com
sync-tm.everesttech.net
104.89.28.165
104.89.42.102
108.128.215.255
142.250.185.130
142.250.186.162
142.250.186.98
151.101.1.44
151.101.129.108
169.50.137.182
172.217.23.98
178.250.0.157
178.250.2.151
18.185.251.21
185.33.221.50
185.33.221.90
185.64.190.78
185.83.69.178
195.181.174.138
195.5.165.20
204.237.133.116
23.108.101.160
23.205.235.133
23.227.147.138
23.35.228.23
23.35.236.201
23.88.75.189
2600:9000:206f:4000:6:5b96:3f00:93a1
2600:9000:20eb:1000:6:9eb2:5cc0:93a1
2606:4700:20::681a:b9c
2606:4700:4400::6812:230b
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:6ea0:c700::10
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:ff18:9e8e:6010:4f26
2a06:98c1:3120::7
3.33.220.150
34.107.148.139
34.98.64.218
34.98.67.61
35.186.253.211
35.244.159.8
35.244.174.68
37.157.4.25
5.161.47.120
5.178.65.245
51.89.21.5
51.89.9.254
52.214.158.110
54.154.135.58
62.149.0.72
63.251.232.165
66.155.71.149
67.202.105.34
68.183.31.14
69.173.144.138
69.173.144.165
72.251.249.13
92.122.147.230
96.16.141.156
007c769662c3b7cab77265360474a4da16594e37cbe62a81cd7381f20b85a7ad
0117082955c19dd930456ec30c3c35a54e3f1eec129a82ce6721d8735b916731
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03c2b481a3d6ae510fc516779446e43755d51ef0134b48f9cf72eb3dd4cd93f4
05fd46abce1d557c25b81420abf17eb501cb6c4ac6460fcf07261209660da9cc
08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8
08e83ba5926eb7406a2b058c5b1d8b22072f8fb8a7c5ca816c693f564233efd3
0a152eaf2cb23721e3d3324928a9b86abfc5401cc6f93ab56a77d9fbe7851298
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3acaace5bfdd10b40e45ea6111c8d148bce299e0519ae3e00a1b38d4af9659
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b958e7324ec5fdd6b3410f9b2406945f2c59c8cf8a3927e098f0470b2cde6c
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b588f7a82dacda5a429eafc52b59872dc668ea6d51eab2ddf9c36804676184
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e09609efcc649111044cdf2f10f5b2ae370aa855573e80e7f6a4ea647b367ee
2eb8be3975f41d8b8a3aeea46d12e7b088c9ca4c1c2f7aef9c8ef7447fb4af0a
2ece0030d780eb59e1892dbf0b5667e3a20bf11cb2fb6d6e5a8d53757c20b923
2fd69d938741264f71ba861709e38d6a8b3860d0fc3829ef5478464bed35fb19
317b461d0bd86c4b065aa35ce25d53c57ac4b80649e7bc5bd7e310b653455cfc
31c1ad0c288342844e3b8849205ac1750183ecb4d36f567df0e4f480da5196ea
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bf544863583cfb1afc1228953c4e6021728ba3bbb93dfca42ad3b78b6455a3
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3446347312012117afa6fda23ded94cf916e271d6773e571fb537792e170c924
34c9f73e113ccb2ce50e439aa36b1cf642613fbc81c9b3ac0a6e8d4061e9265e
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
394ddd1c963497b0de4039e64855da10426362ae90510d675337b390bb213327
3a24d6e7e491926b900ad13f501d64fa3367f3b83148206af7a39101d6263c36
3a9d7ece219eadbf759da68e497af11cc391f179f627bde9050237a80321accc
3b3e1d3b60e8c87df17d53bfb684102153aa9675f2ed34a60dd94d36540eb810
3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401ff0f99b0f3bf92b662baae4cb303b9e5d5723efe1a226a32195406204519e
41c544a9957cf448f9dd048520a74d87bc4ffcfeff1456b406109d90d9fb859f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31
481fc6de8cd1aac51ee428e017c092a525911fafbc36e962ebb283e00e1a0a98
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48db2bd4f6be481a3541ba1a839ecbf2a639baeabeaab6236fcd3288f11d3dc9
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c02f0c3809ab5ade178dacffa5852828f29def13dc66d2eb406f2996b9a23c4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f730ba6f339a72c156241c3a4fc5147c2d1e4ac83c5ef7ebd4a68f6d40d4dd
514ddeccaea5512e4a61152a64b975af4ed5c62b5d3f1906c7cbf05d74acb668
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f
5386d0e7b814a03addb73f5e2535ace587fb8ef721a4c801eae0a9a07198681e
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59068deda373c6a739af2691cf79f8085aa80bc17e6e1169754b7b825e0e6c85
5a3a57721c542c75d1ada59a8b088e5fc03957a83a9da86c0f8a47c52006732b
5a74a5a5210a8dd5594658adf3b88c6f023bdecef7621f18e38a885f655fc461
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f95bfde693fdf0a38e75ce5c73199b240263191d301c12d32d4387cf2f26826
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624a18a7fac4f2f27169fc4103c568c2aaf283dbb14a30eabf7f1d1a3cdf77f5
64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194
679b33246b4b4e9cab1895def827c097ba2a329892a18e77ccceedfcfb29959c
67d2fa341b47cfe1abcfe08a1ca0c2180b861e87b3f06598e939d701fff40324
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d77712774b24cbc957f638eb754e7082ee151c12c1a9b995526b970e16e9ca7
730571ee84654b4c25e919b85df0b124a3ec03a257fc5a1bcdd49436900c82f8
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
7423929ac41384d94f7f846868445ded424038c6a043ae2d3adb7e0ad1607d95
7791fc59ac754d9fd67ef26a2497e802ebfcb0db4468ba92f0fb744d0b6fe91c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c2e249d6591e7aa8115463c525c82d6a11f57176338e062abe2c669c9708098
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8046d0949013eda592002293561965b0edb1e92bf779033eee1d1acddb99b666
83056cb62961fd9c47117752a89d173665d3ac485d75731388016cd40e60c71b
83304226231cfa98bca3c6138fd6567b9b7dec5cc1b561ba1e379542e25016dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
854e7efb5f09924dbf8543ab9e7ad276e8d3034ee675e1cb571d574384437102
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4d8be776353e344fc2b6dfb9a4a8571f1abda4613fb13e8aa659339a9a238a
8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9
8d78e872eb5dc54d1ff5c3e5b3430dfe51634385f46f9d81c82ae587218370b2
8ebea5c4fcf414150a9a6250689b15695fd85988becb315d8ff9fb43db506fd8
90c0199e14954113d5e7cffb0c06c99d7d5e4a953ce88483c15bac7e9a8c29d9
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
92b3334a22c2fcc04a5550446048aa51fcea3db4051d6c0d894f78dd7fb625f6
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
9720ac5c3c75ed17b5bde0e073ab68be91aa4b2ba7efcd56f867aaa24c262175
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca9f9c180a091841e5a391819f9cd2234088316ad8d7d3f491e83fd0aae2e25
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f3d1fc7befa734b5b562540a321ac92156abce03cdeb0a6eda122b9714be4a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c5c27cfddc38965ab8436a08e4a3fb2c820b037869d87e1edb5e499ebbc121
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75fde242f549663f9fd9d1c023be57a7b80df6aa35961b680cf2d6974fcaffd
a890942c6eeae2e17903ceb867ac1f063570b01518d9621899f3ec58de26400b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abb5e6cd351a63e85e134d678fa2d6c4d21015554692008ce174e11cbd69777f
ade14baa9fc8510e1785cefbd9649bc920c92801beddf794ce63a6bcee7d0278
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b149de19dca14151c9dd1a728698910d92db444886efad87920d76564bc03907
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7398ce8a14ad03ac3aa53e44824d867c46aa4d9319f2fb014b22b1c4b6a4ff5
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bad9c4efc3ec0a8005d3a1b4899f48efc4e0bfa0f57520d89632916e745de72c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
cb24a97e2830827fd302c6e71e43a9f50ae8725304a44537a0a474df0817ad0a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce54f7339b5809848aba419825988f335f5a83eca7ef3ee4a151b0494530db95
ce63d441f0e6b62cea503dc700818fa6742980611f3fd4cdb39e2b1b60b96fc3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9d0058827fbd662121996a74779a4beb95d301fb5620e1313bc790da4e68ab
d0582443a11f06928cfafe5aab7cd2cbbb2d160397a038e14f7fb8c063de7cab
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d60f1f9e78c804c13e5447cceef69a3ef8d3ec5b35533807e7f67671bace3fb0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da409f16fad14bcbafffba6b65de0c36dc32f742d4080523234ee2541bed3380
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e329f3069403b043c8f4e220bfe110c2d919682475c5fe0a5d6742583b1a67a0
e341adfffd27c2724b990454a759a54a2c18b3e07622129d4e1fa24c68263b17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c9373c3e76d1db35f3ae004bd30194ecd9cb038fe2ec7e27acbda4d18f5b05
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef57c028ca3d4f36d659c489bbf587650b329f265fd27ad429bdb4c827f8f5a5
f0b6d7fdd5a6fc178a82d37500d867866cfe94543b3c91da3974c3dbe2d73115
f2331563867ab257b27bcf2add845a4482d1c8fb6143e5c950640b2f7e1c78a5
f2e1de6d64f1f4555dc9c0acd0cc228419f76f569bc122a37c8c851e337f2c0a
f5023b54d4df84252b78c9e1038eb52e4ade7182b8569634f432dcb6666ac77c
f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821
f98ae5d0def0dd4458227a6c9a58799de2aafdbf4dc14e09af26b627cd68b6f6
f9ac0f3868a0d41bc2727d8c4b8fdfb132095e4433442839f912f0652be887b9
f9db567eae6e6a3c4c4fba754606ed7b66d231bdfd11fd72ea6dbd56d4a850e8
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

observatoriodeourofino.com.br Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

348 Requests

84 %HTTPS

34 %IPv6

55 Domains

91 Subdomains

71 IPs

9 Countries

3971 kBTransfer

8295 kBSize

48 Cookies

15 Outgoing links

Page URL History

Redirected requests

348 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

observatoriodeourofino.com.br Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

348
Requests

84 %
HTTPS

34 %
IPv6

55
Domains

91
Subdomains

71
IPs

9
Countries

3971 kB
Transfer

8295 kB
Size

48
Cookies

348 HTTP transactions
10 data transactions