www.canal38.com.br Open in urlscan Pro
2606:4700:3034::6815:4e50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.canal38.com.br/
Effective URL:
https://www.canal38.com.br/
Submission: On November 30 via manual (November 30th 2022, 3:55:07 pm UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 34 domains to perform 182 HTTP transactions. The main IP is 2606:4700:3034::6815:4e50, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.canal38.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time www.canal38.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:da9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:303... 2606:4700:3034::6815:4e50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
9	2804:7b88::32 2804:7b88::32	271437 (JMV Techn...) (JMV Technology Eireli - EPP)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:140e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 3	52.210.233.79 52.210.233.79	16509 (AMAZON-02) (AMAZON-02)
1	81.17.55.112 81.17.55.112	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 6	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
12	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3 10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	3.123.239.61 3.123.239.61	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	217.79.188.53 217.79.188.53	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	45.225.80.22 45.225.80.22	271437 (JMV Techn...) (JMV Technology Eireli - EPP)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	88.221.168.189 88.221.168.189	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:fe00:1c:38a0:8a40:93a1	() ()
4	2606:4700::68... 2606:4700::6810:df3	() ()
1	2600:9000:214... 2600:9000:214f:2c00:8:9ed9:9c40:93a1	() ()
1	2600:9000:205... 2600:9000:2057:b200:3:748e:7940:93a1	() ()
1	212.82.100.182 212.82.100.182	() ()
182	44

1 2606:4700:3036::ac43:da9a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.canal38.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3034::6815:4e50 (United States)

ASN13335 (CLOUDFLARENET, US)

www.canal38.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2804:7b88::32 (Brazil)

ASN271437 (JMV Technology Eireli - EPP, BR)

player.jmvstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdncrawler.jmvstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:140e (United States)

ASN13335 (CLOUDFLARENET, US)

www.tempo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.233.79 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-233-79.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.239.61 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-61.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.53 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: vt.adition.com

vt.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.225.80.22 (Divinópolis, Brazil)

ASN271437 (JMV Technology Eireli - EPP, BR)
PTR: dns2.jmvtechnology.com

popcorn-concurrents.jmvstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:fe00:1c:38a0:8a40:93a1 (None, )

ASN- ()

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:df3 (None, )

ASN- ()

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2c00:8:9ed9:9c40:93a1 (None, )

ASN- ()

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b200:3:748e:7940:93a1 (None, )

ASN- ()

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (None, )

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	canal38.com.br 1 redirects www.canal38.com.br	929 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182	316 KB
18	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	191 KB
15	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 10902 ad1.adfarm1.adition.com — Cisco Umbrella Rank: 28233 vt.adition.com — Cisco Umbrella Rank: 66140	99 KB
10	jmvstream.com player.jmvstream.com popcorn-concurrents.jmvstream.com cdncrawler.jmvstream.com cdn.jmvstream.com Failed	1 MB
9	gstatic.com fonts.gstatic.com www.gstatic.com	189 KB
8	wp.com c0.wp.com — Cisco Umbrella Rank: 7538 stats.wp.com — Cisco Umbrella Rank: 3342 pixel.wp.com — Cisco Umbrella Rank: 2850	90 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 276 acdn.adnxs.com — Cisco Umbrella Rank: 764	22 KB
6	tempo.com www.tempo.com — Cisco Umbrella Rank: 169835	17 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705	4 KB
4	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com Failed sync.navdmp.com Failed	6 KB
4	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com events1.avantisvideo.com Failed cdn1.avantisvideo.com avm.avantisvideo.com Failed	30 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 434 mug.criteo.com — Cisco Umbrella Rank: 1897	1 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 642 match.360yield.com — Cisco Umbrella Rank: 3136	956 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 652	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5967	645 B
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 37680	757 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 983	365 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2541	24 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200	914 B
2	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 155488	126 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
1	yahoo.com cms.analytics.yahoo.com	123 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1440	573 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 926	191 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1152	710 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 602	859 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	48 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1523	560 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	700 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
182	34

	Domain	Requested by
46	www.canal38.com.br	1 redirects www.canal38.com.br
13	pagead2.googlesyndication.com	www.canal38.com.br pagead2.googlesyndication.com player.jmvstream.com 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	imagesrv.adition.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com www.canal38.com.br imagesrv.adition.com
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.canal38.com.br 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
8	player.jmvstream.com	www.canal38.com.br player.jmvstream.com
7	tpc.googlesyndication.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ib.adnxs.com	2 redirects tags.premiumads.com.br googleads.g.doubleclick.net acdn.adnxs.com
6	www.tempo.com	www.canal38.com.br www.tempo.com
6	c0.wp.com	www.canal38.com.br
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com www.canal38.com.br
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	www.gstatic.com	player.jmvstream.com www.gstatic.com
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	d.adtriba.com	1 redirects 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
2	www.google.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com tpc.googlesyndication.com
2	ad1.adfarm1.adition.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com ad1.adfarm1.adition.com
2	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	onetag-sys.com	tags.premiumads.com.br
2	script.4dex.io	tags.premiumads.com.br script.4dex.io
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	tags.premiumads.com.br	www.canal38.com.br tags.premiumads.com.br
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cms.analytics.yahoo.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	avm.avantisvideo.com	cdn1.avantisvideo.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	static.avantisvideo.com	cdn.avantisvideo.com
1	cdn.avantisvideo.com	tags.premiumads.com.br
1	cdncrawler.jmvstream.com	player.jmvstream.com
1	acdn.adnxs.com	tags.premiumads.com.br
1	popcorn-concurrents.jmvstream.com	player.jmvstream.com
1	vt.adition.com	www.canal38.com.br
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel-sync.sitescout.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
1	match.adsrvr.org	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	www.googletagservices.com	7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
1	prg.smartadserver.com	tags.premiumads.com.br
1	ad.360yield.com	tags.premiumads.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.canal38.com.br
1	stats.wp.com	www.canal38.com.br
1	www.googletagmanager.com	www.canal38.com.br
1	fonts.googleapis.com	www.canal38.com.br
0	sync.navdmp.com Failed
0	sync2.navdmp.com Failed
0	events1.avantisvideo.com Failed
0	cdn.jmvstream.com Failed	player.jmvstream.com
182	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.supermuffato.com.br
wilsonmotacorretor.com.br
mexcorp.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.jmvstream.com R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2022-04-26` - `2023-05-28`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2022-06-01` - `2023-07-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.avantisvideo.com Amazon	`2022-10-24` - `2023-11-21`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.canal38.com.br/
Frame ID: EB76F88A1FD5F2BF1CFB432B2F2E6AA1
Requests: 101 HTTP requests in this frame

Frame: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
Frame ID: 9CAB3E60F14F8C48DC1F689ABFA96BB3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 789442D2156E484A01D166D68357C93C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6147224200920551&output=html&adk=1812271804&adf=3025194257&lmt=1669823361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.canal38.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669823700989&bpp=2&bdt=231&idt=193&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8471406723690&frm=20&pv=2&ga_vid=1476658255.1669823701&ga_sid=1669823701&ga_hid=214515791&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770881%2C21065724&oid=2&pvsid=2417336009619435&tmod=1953963323&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: DDD481202E73A06942D2D39883170D84
Requests: 1 HTTP requests in this frame

Frame: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
Frame ID: 0B61354CC510EE0750470951CE65D1F9
Requests: 5 HTTP requests in this frame

Frame: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F6A0E06734A606262AEE0B5EBC35CBB4
Requests: 1 HTTP requests in this frame

Frame: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E6A8742B552DA92A94DBB88642A5DE9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjOgrDaATAB&v=APEucNWSDIW5oROk2PQRL5YQqvFx6rSakLirefkv0F8L7MEg-t3OkemYTR0Y15Jz_6Pir4uoInNBUqHg4KUQUDjOpfeHEPBNzNFogcD4oepIR41HSnoEZgs_8h40QkgKCdOHVxyKRO4c7WYsIPRH9dV6Dw8agb9M67cTNjSsiDqQc2V2XDDBWDU
Frame ID: 434D5A42DEA95D71505EFD2A8049E212
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE4AA396F82E01D866606ADFEC539432
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 249C700286FEEA439829EAE2D041DF52
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BD41B7FCC6C5105E5F73649980064C4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94D5CA01C26AC582D88525F03890ECE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7665656EC92B436F216819D47B65EADA
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669823701379
Frame ID: 01F93A54F6BDCE7F4C73F9FEC8BDBD79
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1C6A25B23C5F8221485ABCA414BCAA15
Requests: 3 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 8660DC5FC34FC55F9DAE6F821D70EB47
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HOME - 38 NEWS

Page URL History Show full URLs

http://www.canal38.com.br/ HTTP 302
https://www.canal38.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

88 %
HTTPS

54 %
IPv6

34
Domains

58
Subdomains

44
IPs

9
Countries

3421 kB
Transfer

6845 kB
Size

25
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/RTVCanal38Apucarana/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/RTVApucarana

Search URL Search Domain Scan URL

URL: https://www.supermuffato.com.br/busca/?fq=H:6632
Title: <img src="https://www.canal38.com.br/wp-content/uploads/2020/04/PUB-FUNDACAO-MARIO-TAMIYA-700x500-1-324x232.png" height="500" width="700" alt="Fundação Mario Tamiya" class="slider-20521 slide-29301" title="Fundação Mario Tamiya" />

Search URL Search Domain Scan URL

URL: http://wilsonmotacorretor.com.br/
Title: <img src="https://www.canal38.com.br/wp-content/uploads/2021/12/WhatsApp-Image-2021-11-30-at-16.47.01-324x232.jpeg" height="500" width="700" alt="" class="slider-20521 slide-90545" title="WhatsApp Image 2021-11-30 at 16.47.01" />

Search URL Search Domain Scan URL

URL: http://mexcorp.net/
Title: mexcorp.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.canal38.com.br/ HTTP 302
https://www.canal38.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1&C=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4d81kBrZdmwBn9DvUuzHwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECJecgMUouy4gTKJlw_lcRg&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0ODA2ODI3NjEwNjUwOTgxNg%3D%3D

Request Chain 118

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display.start11_perfor_adbdl HTTP 302
https://d.adtriba.com/px.gif

Request Chain 132

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAdNb1jQCeWm9FW_ohiSxI8&google_cver=1&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuzA20hjQLJpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuzA20hjQLJpA

Request Chain 133

https://um.simpli.fi/gp_match?google_gid=CAESEF-PWDJaO3Dt0XV9EzwmK8k&google_cver=1&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXgXA0mcOICs-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B70BF04F1614614A8F57239A485AF05&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXgXA0mcOICs-g

Request Chain 136

https://d5p.de17a.com/cookies/google?google_gid=CAESEK9ClTMN9JhU4EMYRucvXj8&google_cver=1&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK9ClTMN9JhU4EMYRucvXj8&google_cver=1&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk

Request Chain 137

https://match.360yield.com/match/ebda?google_gid=CAESELfS97_p20TqOU5nNfJGmh4&google_cver=1&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvwKUYFw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELfS97_p20TqOU5nNfJGmh4&google_cver=1&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvwKUYFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8FvzXu9XTQGdIScaX8SR3g&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvwKUYFw

Request Chain 138

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBg6rFP6GzSmsQTVsVNVSr4&google_cver=1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1669823702300 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2affaace-95de-4e3e-b51f-c9645ab0d929-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU%26google_hm%3DAyr_qs6V3k4-tR_JZFqw2Sk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&google_hm=Ayr_qs6V3k4-tR_JZFqw2Sk

Request Chain 157

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.canal38.com.br%2F&domain=www.canal38.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=N67dTXxoZ09kVmVsTGpvWHMxNmVLYk5WanM3S1BGSFRLN25IdWVDUmFaRUptUEI2SmkyZ282UDFtQ1RSc3Z4d2VGdGxNNENUajN2YVZKN3QvM09YK2h5Q0xRR2gxeHFvaElGc2pGTTdTa1V3Q0txNGdSNHNaRHQ3RFA1ZDM0ZDVwQWJvVGFiVG1LdUp6Ti9TU08yR1JWTnVvcmw5cDNPM2Vwa3AyMHZXajhUWjBCNUpOK1Y5UDV1Uk5DWHFURGFCa2hEcUs1ZHJ3MHo1YXFGV0w5d3lkelFGdVJyU09SSmx5TFF3UHM5d0lXdUFsOU5UUWtzeFZlMStEVjFKN2VzODFzWTJUfA&cppv=2

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76589611681 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=76589611681&google_gid=CAESEE3_jCwEMWVkPMxga3U5s30&google_cver=1

Request Chain 183

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=dca96387-7cd6-4200-a20e-78546fd779b6

182 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.canal38.com.br/
Redirect Chain

http://www.canal38.com.br/
https://www.canal38.com.br/

152 KB
26 KB

669ms
634ms

Document
text/html

2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103e3e86ec3078f96d761ffb310fb4ba0220ad2fd9d0dda12759f8b713e11490

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7724c3cdcfcabb3b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 15:55:00 GMT
last-modified: Wed, 30 Nov 2022 15:49:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n5DHFqyThr5EkbdPPgtfRs%2BqJ9YqlgVBPKT18mEKlQmDzRUN2jL3sDzdRdF6XkWx2QePYkfQ8lBZbveCkRLXgsBaap2mcVygsRElVVUqE6pZw4%2BlUUJtp06IyOOqdilvy2FMmfXAZvStPjkxiX4dtQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7724c3cb5965cb22-DUS
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 30 Nov 2022 15:55:00 GMT
Location: https://www.canal38.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3YDEiEY6aW6PYQwMlAkBbKe%2BVlpNTVmK68quQJv4xNJO66oQ12%2FTR2VLrFRkaEvqYfDOvnIRZiwwS0arbx8YsxS3yT3LH%2BZ8%2BkRSsnj4ks8HD3nWwEtYXQjwc%2FMhWYwioUtij8OzgzhHkL7AAB10%2F8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
c0.wp.com/c/5.5.11/wp-includes/css/dist/block-library/ 53 KB
7 KB 35ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.5.11/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H2 200 styles.css
www.canal38.com.br/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 29ms
27ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 12:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68801
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tmld7MJFT1ECcvu%2FtecwGwgA4tuhRiZy0aSyfaOl51IWB1DtESbjkP%2F6j11MTeiL%2BKS6s3nS6vxGK6dEzPpm%2BQR8vF%2FavNQfWWc2Gp%2Fkde5CHmo%2BfOXnvYSphY0kYPp8awyYdyjKsRYnko1JmX%2FnDoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c933bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 20:48:18 GMT

GET
H2 200 slick.css
www.canal38.com.br/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 1 KB
846 B 24ms
23ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:58:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 218256
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udLeJv4reNuoshEK3bHzZf17KZMl%2Fu7QEKXtJVdwFmPigdkZNV90sp6SZDq72RiUKlRz3y%2BYohAREPZj8N4kmw9H%2BRE%2F5iL3hd3dISWoBlxHfRSAmeUMnVwJCGGiowCrbXdA5SLyYu59jMYdFuPFa68%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c937bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 03:17:20 GMT

GET
H2 200 recent-post-style.css
www.canal38.com.br/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 12 KB
2 KB 25ms
24ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:58:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59790
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZi6%2FSyryCCyreSwCV10RhtgLKQx9pEGnSCuG69d4ygflOSqNA9SykfQH1IdlzSHreo0sD9XKaPukJK7TBjSOONkpc4vxt7Etm2t%2BXjp7u6B8Zq5pTL7cTP4AKmIeFmz9XDZ7EP%2FXO%2BFFl2PRnvvFpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c941bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 23:18:29 GMT

GET
H2 200 style.css
www.canal38.com.br/wp-content/plugins/td-newsletter/ 6 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/td-newsletter/style.css?ver=5.5.11
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30de75db99674d52f78585f7f37a04517f2f3a29ef6500b511c87cb96cb995ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 14:05:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107487
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgznJuEBfWBL07syoNsY%2BOfdqxbFieWk6blzkyFhJ7zD31tDecOJnxlC5vKRFRHC2WjEcfxhVxxjOnhnuPc8TvDC%2BDV0e8pRf9sEicUyxHLfnnphYVRjut%2B%2FzaPPWZ3EMrc6dhPrIEiw%2Fx4kG0pG6tY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c944bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 10:03:32 GMT

GET
H2 200 style.css
www.canal38.com.br/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
10 KB 30ms
29ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=9e241c87ee8782e8f19bb886a935e653
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962bba463fbc870e1d4e8a32dd01bf0d86af35502a83838f5224b138764e6911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 13:59:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68801
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHOhZiyq5YVlltayI8dOp1C14kicpmM5C56kLwgjKPOK0ttjjxbzbqg3AH2IyboBaUgaxGe79KdaJuCtbvV%2BHRlI%2Fj9NLiwbxhOPQHEcG1H8RfadCKkxZtzczKELJaXLRUKfEuJi62HkWqLQHTonEfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c949bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 20:48:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 48ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.1

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 14:35:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Nov 2022 15:55:00 GMT

GET
H2 200 style.css
www.canal38.com.br/wp-content/themes/Newspaper/ 1 MB
124 KB 31ms
30ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/themes/Newspaper/style.css?ver=9.1
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c822e019e1e4a2766efe07995323e2a45a5ff229ef478fb1dca8b4d6027b08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Feb 2020 11:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 75663
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7mLQRpUZuIOu0dgSOSwNlKCjet0asN17FFYI20O3cEezoq3akQwAvw5qSj6L6xMTUI39Tw92Itsu6z40%2FWsmWYN8VHiJc9FglUldzMpN%2FMIOZ3gKN7HzWmp5YpFX3WuYejfpYyoCUwRsei6OFcMHHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c94cbb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 18:53:55 GMT

GET
H2 200 demo_style.css
www.canal38.com.br/wp-content/themes/Newspaper/includes/demos/local_news/ 2 KB
945 B 24ms
23ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/themes/Newspaper/includes/demos/local_news/demo_style.css?ver=9.1
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7eec807019390dc577251781629f7d0749342de7db02ac614cc4d8b369ea8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 13:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68800
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At65EgWJ%2FYCF99coFRDAdL3mkXWnhuVFF9LyWAkvnQkkUDwYG6FtxaLDiB3lMsdg7haC%2FqKjFM9z9Bn1vowSZvYrrBtNA1Dly%2BV%2FJHIVwyj0A54zKAqAzTlYpmBc0bQFgyBsRoLxoOigMwE97vI9Ebw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c950bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 20:48:18 GMT

GET
H2 200 tdb_less_front.css
www.canal38.com.br/wp-content/plugins/td-cloud-library/assets/css/ 67 KB
9 KB 38ms
37ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=4dea8d5b26348370b86f315beb853d86
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e340849e60d5016f6d7e245bcfddf038def85064ad44101c7b6127980d8d13f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 14:04:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68800
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUn0OVCob3WHe5w%2BbKYg2ukDZjLbiwjqrCGpPiZRxCxnIF5UercAh3BPTvEF%2F%2BdjPREF%2BrkE2%2BgBPBd09U6qnZN698F%2Fd7%2F%2Fc%2FsOUOfgWrmyir4H3BGBFk36XggBEnM6Y5E7vLTsAdi5He4guADHz34%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d1c951bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Dec 2022 20:48:18 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.4.2/css/ 75 KB
13 KB 34ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.4.2/css/jetpack.css

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.5.11/wp-includes/js/jquery/ 95 KB
32 KB 34ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.5.11/wp-includes/js/jquery/jquery.js

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 49ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43518252-2

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b16618ff65c8aa197c0284f3e3f5fbfe0ec1e02dfba065ad2ef328a9aa6b110e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43553
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 15:55:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 103ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6147224200920551

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

640943fea5a7cffa08a1b60b9870dcea5974c37ca20f8aed0d517e0eeaffbbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49153
x-xss-protection: 0
server: cafe
etag: 2650118117089068115
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 15:55:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.canal38.com.br/wp-includes/js/ 14 KB
5 KB 43ms
42ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 03:54:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 680624
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxD84zffB3PxR1dCJGFWjpmyrYZUSXdB6mfqpSkceEIhUaFCWrjEO3uAYKCChXjwI60QURr1tucXC7ONyMRZzl%2Fo1eNXWY2ZNWFLs%2BLrXjENJT1g3QByQYjOvJtMk3lHPsnTVQno228KnbiC5k1zx38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d25c991603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 18:51:14 GMT

GET
H3 200 logo544x180-completo-300x99.png
www.canal38.com.br/wp-content/uploads/2020/11/ 30 KB
31 KB 21ms
20ms Image
image/png 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2020/11/logo544x180-completo-300x99.png
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7105c1407459e866d69bbc951a035870959be85c36cbafac8cda944817e069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 19:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYrCOMfw3LfEhYu9FA%2Fl29J3tQNgzWesGIHpQEaKqB%2BfqBbnnmOCKC87Wwht15HGEkkf9r1nmRY8Vp%2B7LGpykTcbvj1bmfWiwipQ6nznaQkwmEZDdNosWS7eo%2FOdatNJ1jXXEKT2%2Bt8CycjCVmmJKxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1728000
cf-ray: 7724c3d25c9a1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Dec 2022 18:49:30 GMT

GET
H3 200 LADRAO-FURTANDO-741x486.jpg
www.canal38.com.br/wp-content/uploads/2021/02/ 18 KB
19 KB 715ms
714ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/02/LADRAO-FURTANDO-741x486.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 204e7bcc3e9416cfefc244c2068319d2e024e612912f4c8254dbebeef36370b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Feb 2021 18:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWP3BLIsbXeotI3l311Qzoj9SM11w4mxOp8%2FXR0lnc9nvXfrITYfCZ%2BzknOgJxOc5X890HI5vtGgC4dOwVoZ2LCydUkcepTY2AW1lBKvBiY8LSjM2X5UgilHQJQUaccefAw786ALkp26ATD6pumVotU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d25c9c1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 policia-324x160.jpeg
www.canal38.com.br/wp-content/uploads/2021/01/ 12 KB
13 KB 703ms
702ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/01/policia-324x160.jpeg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d0c8fae7dd56bbe72f283a935fb7d96a6d015f80d57302dc8ae10c5ce364d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Sun, 17 Jan 2021 16:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9%2BEIzFQw8IJWI%2BSEaScDCBhmH7Toi91NLKqeSwqa8Khkk%2BT%2FzYFu%2FCw4MjCh5vtX25cuw9gI25%2Fc7hSuPeOZzCjD24yaH1%2BUxw73zBgRlW2YXrAQ0MovIDp7%2Ful%2FSwZxYd4YFB2epVu5ajM5hZ49pE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d25c9e1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 barreiro-324x160.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 11 KB
12 KB 661ms
660ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/barreiro-324x160.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a6adf3454bc69e8cd73c35db0619bfd21a9a9358ee6a17c64df42a970faf491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 13:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77td2GV4iAQ0Y4ME0TC8M7BLV86u5jj02fh1ntbVGzyGdmn9dAvB8OD%2F3o%2FCwgJyyMTBOTOwJLlPTJvT4ejjQqcw3CIx8%2Fj63MOzAB2bqQGbGzrnKEwd7LOzQb2SJv7EMD48%2Fu64O1PJ4a0e8xJLDYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d25ca11603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 passe-livre-324x160.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 13 KB
13 KB 675ms
674ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/passe-livre-324x160.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba89d518215c486f38847eeba5d8d8b51c046b686f96a42818b5998614408fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 13:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e835qogLWLrWs0Gw3eJfj6iP0v%2BLw7sX9aUFbT9OAlulJ8qz6G%2B8PbJIq%2BSnIZXiBNw1DbgJ6erSA4iXfEpY5fCashlvOaLc4ktURDdMCslw3fHEWGZOyxFPoavna4ELjYT99BV0xyJmySgzqdzB0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d25ca31603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 newspaper.woff
www.canal38.com.br/wp-content/themes/Newspaper/images/icons/ 22 KB
22 KB 48ms
48ms Font
application/x-font-woff 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/wp-content/themes/Newspaper/style.css?ver=9.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Referer: https://www.canal38.com.br/wp-content/themes/Newspaper/style.css?ver=9.1
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 13:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 336646
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLGrv8XCZerIW58x2CUpaRyGvMlqYdrkI5fo10acu9fvCAleKcukfUpNhR5rw7ngTkrjrjvzG%2FVbW9oaSumSrrVjsrUSUkTZUywHJQJlP1krmw8ju62Mn7GuNl%2F5B40b06e3uT%2BYGb0Q2wy3eVfczYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=1209600
cf-ray: 7724c3d25cba1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Dec 2022 18:24:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 441607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 13:14:53 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 65ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 11:25:53 GMT
x-content-type-options: nosniff
age: 188947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 11:25:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 470731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:09:29 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 49ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:55:54 GMT
x-content-type-options: nosniff
age: 75546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:55:54 GMT

GET
H/1.1 200
OK F4IIqUVJy5A4yAbgGEJk0okQW7615t Show response
player.jmvstream.com/lvw/ Frame 9CAB 5 KB
6 KB 815ms
206ms Document
text/html 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

8e17b6f1d95195483b9516a73f773d5f9bb1ed2963ac63875b40e9841115ebfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-length: 5404
content-type: text/html; charset=utf-8
date: Wed, 30 Nov 2022 15:55:01 GMT
etag: W/"151c-gWXjd30UdpiBcS4HBMvE8ccbdT0"
keep-alive: timeout=5
strict-transport-security: max-age=15768000
x-powered-by: Express

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 281ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43518252-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 15:15:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 17:15:51 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 LADRAO-FURTANDO-696x333.jpg
www.canal38.com.br/wp-content/uploads/2021/02/ 13 KB
14 KB 506ms
505ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/02/LADRAO-FURTANDO-696x333.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8786ea1e9123653f32ef551be5d363d3f9eea8f822719b39290dd4aef61d5cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Feb 2021 18:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QIPAX4AWgKd4u6qCuLb7zNoGng0w4XSKwQi7TQPVZbDZaPXIS7tkP0lcJM4sy6buCl8TYniHulovSRoBFpJ%2FIVyxmCyawpESPIl3H9cmS%2FlsP%2BbGk31hNX%2FKbpqIRDyRD3r%2FUzXBErdhglEeH2FFsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad751603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 policia-696x333.jpeg
www.canal38.com.br/wp-content/uploads/2021/01/ 36 KB
36 KB 666ms
664ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/01/policia-696x333.jpeg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08db3c797223c98e57fd9e27492f1861d4718620702127ceb7dfb0427770e6ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Sun, 17 Jan 2021 16:44:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBdIvJP4y1r4jmH2oKeGluhhYCl%2BfSYpXZSGFZyy1Yg5fWGRw9Pw0Kqx0mW%2Bv7abTYDSPNOV3vIP%2F1liTyIptRh63VSdru64bxoTPWQxyjjlbqv15XsaP7ZEEeBTuAQF%2FbzW%2B%2BvqMbnMBbbO582cMr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad7a1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 barreiro-696x325.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 41 KB
42 KB 827ms
825ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/barreiro-696x325.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d32cc61aad27cca5f1fbe591907ecc0fb9289c544ea2081bf0979117a8be78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 13:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXtIJdCybNNihJ96NYDw0%2BpsqhwO4Q3a1fEZ5Uw5po6RmVzhcJHsKNzVtwtXudDWI8uzDaUn9y8t6jcsXnOT1lsV3%2FbyyOddOLwwb77W1EnjIePGrwljkeqJC8%2FNqxbxdP4xqdgYF4aNGSvISC7Udlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad7d1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 passe-livre-696x333.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 43 KB
43 KB 841ms
840ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/passe-livre-696x333.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a9075316226a791ff516515a423ff22c22ddf62de611560cc140f282f07e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 13:16:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPhON42YbDLGNXMcjHYyQUI5sQzwORkuJTa5D1aBA7BR4GCJvORrB19P4624xpAEKaGRzf74JqS4kligqxBm2yHONVfSfsuZtuS0LrC%2F3%2F2Wmt48yBnXt27CstsjqEr%2BlM%2BDw5fRXGSrj%2BuSZq9AhW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad7e1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 DEN%C3%9ANCIA-696x333.jpg
www.canal38.com.br/wp-content/uploads/2020/08/ 19 KB
20 KB 693ms
692ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2020/08/DEN%C3%9ANCIA-696x333.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8caa78d98352fae7610723f378a8df27f809ae3bb0cd90bd01077f12f6ab7aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Aug 2020 16:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIzQ7E0O3GhnBtIbSWPspxF9iam6A5ruHCtwVVDQstZWLjnGVyt2rMtUDRbIzivea0xtw%2FfSuIQWAqeC6u2DR%2FlCQgILyfJjENPRUJBRDAsuV8CrIj7Gierxj99Qt3UjZh%2FFXwgbXgLwIO09Pw7E%2Fhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad7f1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 POLICIA-696x333.jpeg
www.canal38.com.br/wp-content/uploads/2020/12/ 20 KB
21 KB 683ms
682ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2020/12/POLICIA-696x333.jpeg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6394803f6e9125068db5d2d1955ff27d34598a532b07d77963b777d54921657d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Dec 2020 14:06:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91TYLrFIKr7NrxfHGWELOx%2BxLOzZm16m%2FrhDEQNBlKfWzcwwxlgcxdIBSf6awnR06z7OhYXt7mSuwt7Boy2vNnB%2FZKxcDaTJEneiJQTYrqhWEKXSrX1ROyeVBxQkBmtxALoYzGsbMyJEEeNZ6vM8CRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad811603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 Programa-de-transformacao-energetica-do-campo-alcanca-696x333.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 25 KB
25 KB 688ms
687ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/Programa-de-transformacao-energetica-do-campo-alcanca-696x333.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5b63cc69aa9074699a0caf59d8f1d3169e92391993c5d5216ee8e74d70a03f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 12:14:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akNr%2BVZTMsWLSxLW4n9f5mcHVR1C3LCyFg%2FNCEUz0OFqP0j81p79P0jFZYR93xYMS4iYPLpisziPKfAA0pfoo4fNBtNwkfDSCJGJGXlhF53DGIq5iX7rco1RURQbLTtEKA5g2Wz7zppnHc%2Fj1nF48Hk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad841603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 Camara-aprova-proposta-que-regulamenta-atividade-de-lobby-no-pais-696x416.jpg
www.canal38.com.br/wp-content/uploads/2022/11/ 66 KB
66 KB 707ms
706ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/11/Camara-aprova-proposta-que-regulamenta-atividade-de-lobby-no-pais-696x416.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c7864feb18c212a393b0f73c0633c448739f3056fbe73c2d0d5f122277cc86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 12:04:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oib29gz088xLKSi%2B9dYhSeH9Dxo7Zqh5es5NZzGTOTWD%2FrhMzrGdBV%2FHGPtb7CwqwjoYAF%2Fs5B5D0jiuwo1mAzSqe7rtHIx0GQhY%2FFrxJSUdnNs8nltGnEH3ofraZls%2FXSa0PEFs9mN%2BY6mhAmYPtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2ad871603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 344369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:15:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 589475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:10:25 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canal38.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:54:08 GMT
x-content-type-options: nosniff
age: 162052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:54:08 GMT

GET
H2 200 cbf7e3d5e16e688bfd8078f68b3cdd38 Show response
www.tempo.com/wid_loader/ 911 B
651 B 306ms
262ms Script
application/javascript 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tempo.com/wid_loader/cbf7e3d5e16e688bfd8078f68b3cdd38

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf67d2ea5c3bdda991e5f72231b0e306fb840b078114e1b8e0db83cd5ec4ddb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Nov 2022 13:36:10 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7724c3d33cfe92c9-FRA
x-robots-tag: none
meteored-site: br
expires: Wed, 29 Nov 2023 13:36:10 GMT

GET
H3 200 LADRAO-FURTANDO-324x160.jpg
www.canal38.com.br/wp-content/uploads/2021/02/ 5 KB
6 KB 510ms
510ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/02/LADRAO-FURTANDO-324x160.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfab5d1b12da3c4ef5a41e956e0f0f61c0f432f20856961b54e3dcd53c807d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Feb 2021 18:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9anRyZM2QcI9MDiD%2FAh6l0IO8lfm9F0fB2ZUFvrIvQt7iKiCDK7a6VJweJCfBj35XVIaAHviSOsGIXvxiyWrNDcPUGWgSTLG61lkTp1yBnXDH01mW%2FCbXQNIYsZHGy%2FSQDEIpBCnymcmx5PWYBKu%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d2fe211603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 email-decode.min.js Show response
www.canal38.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canal38.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 15:39:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6384d627-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cynJwWXn2gckorEfwJNTC7Xg7CJI7Nm%2BtGlWepvoNSP9lNvNuqDGrJnf3ASmWs9tWiLuj4HNhnyf%2Fyt7VtVFQPnERN%2FHwVtKO1tYbz81aaR0IWoJgWGAvGDglI8lCd%2FDi0iKTVX%2FNbormikoUnb1b08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7724c3d30e3c1603-DUS
expires: Fri, 02 Dec 2022 15:55:00 GMT

GET
H2 200 30975594-0f7f-421a-0441-08da9008d2cb Show response
tags.premiumads.com.br/dfp/ 77 KB
25 KB 77ms
37ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/30975594-0f7f-421a-0441-08da9008d2cb

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f13e7dae56c3686664cbd070d6b8104f371d13fb539ce8ee5efe30dc7a66eada

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Nov 2022 12:32:33 GMT
server: cloudflare
age: 184948
x-powered-by: ASP.NET
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aodE8ociBl3wVlYjTE3TbxakKWe9%2F9fYTKEAkaMGHpwiustuEjahWv6YPFtl2pvuuYK0jev0Tos1cKtY7mgXVoqB7Lzzr0jB%2Bx%2F1o6nAFcI0stL0303WQayX3lbLX4KpjjxvVQpZ1P5M0nwcsG0t%2FjqqOmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 7724c3d349d8995d-FRA

GET
H3 200 flexslider.css
www.canal38.com.br/wp-content/plugins/ml-slider/assets/sliders/flexslider/ 4 KB
2 KB 26ms
24ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.14
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195182403b2e9d2a0779903fdd87cf7b9047f6a8253d9d12f12e991e2714ca36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517761
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svwn2l5834XVxCyMfgRsr2Z%2FK3hdQa82FKxGhDS2UOqk2ecQlkSPbwi31o86%2B7uJfcNskjUFxPcJg00z8vH00qp0qXt2%2FE%2BxZq2CDF3xI59emw%2FF1gW3y8PXt0f%2FYqux8aRav1lxOXCZ8Uidrc%2F%2ForE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d30e441603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 04 Dec 2022 16:05:37 GMT

GET
H3 200 public.css
www.canal38.com.br/wp-content/plugins/ml-slider/assets/metaslider/ 7 KB
2 KB 26ms
23ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.14
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72713b875ca0ba2cbbdc49680cd0ff95976dbb3d1ebc0364bce851dbd5abba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 507818
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84bXYc0ELLNFRrG%2B3mnefYQQEknLxwYCxWSyNc3msdvYGwKt63jmSn3HsOZg%2FwtXn%2BkJl9jmTxnyeZNqRtkX%2BNkgkf6FcD4kL6ynTHLGTpPTZHDk69B%2BKQLphlo6sW6UlSopo02uqCXB10TLbkLNu24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d30e451603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 04 Dec 2022 18:51:20 GMT

GET
H3 200 style.min.css
www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/ 10 KB
2 KB 27ms
24ms Stylesheet
text/css 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d16770eb23e8f494f5fa0b2e25997b799ec968e51083ec47bf2fdf58cf1b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:56:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 603385
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tubtHuhBjTcS6%2BM5trapphI9ibfM8jyEf79%2BCPVsSRpSm37VrYkxcPz16eRjFiacLyKPxBOpc8HPcbSucV%2FMZchVlKChpnQhTYivvfSIcVPWSlj2%2F%2FFOxCNDh6sQQUvQGB3KIwG2VZ1AVchwkTaGueE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7724c3d30e471603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 03 Dec 2022 16:18:33 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.5.11/wp-includes/js/dist/vendor/ 97 KB
32 KB 9ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.5.11/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H3 200 index.js Show response
www.canal38.com.br/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 26ms
24ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 12:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43b1Nzx7dPWr3mPgCfIV3ZXjDMKP1yTPtvR9Hy8p7hu7fd%2BePFU2Ek%2FEccYEgQOie9e3qUuI60%2Br6rwA9Rfnioe%2ByFCZfgOS8jcu04dl9lxcr4VILwedw2RUQr86v7N9Yd1%2FoZXkLmlSdE8WYyLwo3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e491603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 10:53:14 GMT

GET
H3 200 tagdiv_theme.min.js Show response
www.canal38.com.br/wp-content/themes/Newspaper/js/ 204 KB
50 KB 38ms
36ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.1
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91efa265abcbceb1c30dac275e4aff1ec5c5f1373a1a15a79e14b5be0a95ac45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 13:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517760
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG0AITlH5edaK4LvBbfjg5ueAdCPiYgRcyFvaPaGHB42QGN%2BL3DKbgE%2FscXac%2BX4hc%2FLRxw1Z5BfXVhwD8o9vJ53AaaDCp3YGw4R%2BVV31PwE0mN3qh2EfUiUA7WQDun%2F69ZUJ9dq7lk3z%2BJXmzgf9wU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e4a1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 16:05:37 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.5.11/wp-includes/js/ 3 KB
1 KB 13ms
10ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.5.11/wp-includes/js/comment-reply.min.js

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 26 Mar 2021 17:49:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H3 200 intersectionobserver-polyfill.min.js Show response
www.canal38.com.br/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 23ms
21ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 15:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 507818
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFjA4l%2Fz8HS8xlHqTH1X0djiu3GTvyK6L%2FEu45upGcV5M1C1A2gJYXU8dhcfodm%2FJ9hAH5HNNC2xMzD98Kb5ABBXcESvRKgmW36AMHQLEQNnjVASobYdMTtl3OWangnfyWS0rvuV7qzfjchfNVe54n8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e4d1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 18:51:20 GMT

GET
H3 200 lazy-images.min.js Show response
www.canal38.com.br/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
2 KB 27ms
25ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 15:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 525259
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Thj5GobaJOBFjGcPUU9murE4Lmpt7Zb%2FX3Ovbe0haYoxANOSyowC0Io7KW%2B%2FzdF0EtxbWM%2BLnmo%2B4fmFSCiKPGmfR5qIZ4LSErPXm0MIBbtRfR6%2FD6YjcoNmycfi2qKDjfqv%2BhtGgJKzozoR%2F%2BJwN68%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e4e1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 14:00:39 GMT

GET
H3 200 js_files_for_front.min.js Show response
www.canal38.com.br/wp-content/plugins/td-cloud-library/assets/js/ 352 B
689 B 27ms
25ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4dea8d5b26348370b86f315beb853d86
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bc393d7dcf6f307535674aa24952ddce473ae0cff7d8748fa0b000aad25736b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Feb 2020 14:04:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 525259
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUaPuB5CQvPZoyWx88Yal8wNXQjKdZkbkA2lbeLK2WQN0xIkf9B%2FeEaA14WmNlX2nADdlsEdJcpJecQsro7gwRR9c%2BJDs6KQCzHJkf9XSLW3oBxJwNws5VtfktHBvgx63sy1RcxsyJQz%2BjW%2BjYRPD9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e4f1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 14:00:39 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.5.11/wp-includes/js/ 1 KB
719 B 13ms
11ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.5.11/wp-includes/js/wp-embed.min.js

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 05 Feb 2021 03:06:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:55:00 GMT

GET
H3 200 jquery.flexslider.min.js Show response
www.canal38.com.br/wp-content/plugins/ml-slider/assets/sliders/flexslider/ 23 KB
7 KB 32ms
31ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.14
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ed4e3f92d17bc60fac51838b1b3650e17a07e289ac1c08b7e37abf03d76360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517760
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9%2BYUAzfl5eShEfiYCrTZ7NCqcB6uPI4pzoBAinHJNydQyp5qX2ggpXBRFqC7ZraTOKx64bJIL3ElEnIP6iM%2BirMBYtlUZWwnol5T%2BREoHgJPMbq3q1Lx0vhADVVmcuEtNkqR7aOpXkPW1oo%2BFdSAWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e501603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 08 Dec 2022 16:05:38 GMT

GET
H3 200 script.js Show response
www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/ 360 B
693 B 22ms
20ms Script
application/javascript 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/script.js?ver=1.0.0
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e507c0aa5e7305097f7d623e8ca2a3051b6782965b37231145c62af60d3ab0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 170804
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXPQb3P3Jt5lAnPBANbLcA%2BiJwV2k6SAhWbKRHYKa%2BR1eJVGLYoZ1mutjWyEke7ZQeyzEJ0YedF5Xsa1sBrVozC0KBaWcdHCBrPkH5nm59ZypyPBvf7UpoNLiaYfnE6PwbxIGp0LvL4Wo6dxm3AFyho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7724c3d30e521603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 16:28:15 GMT

GET
H2 200 e-202248.js Show response
stats.wp.com/ 9 KB
3 KB 36ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202248.js
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 20 Nov 2023 00:47:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 95ms
78ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6147224200920551&plah=www.canal38.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6147224200920551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8734c823f01daa032be4e8f4c0d6fb4232fb53c492933fa8eed8d3d93beb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 2969017002435790543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 15:55:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 7894 10 KB
5 KB 41ms
8ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6147224200920551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:30:31 GMT
etag: 10353107486223812946
expires: Wed, 14 Dec 2022 07:30:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 344 KB
101 KB 51ms
50ms Script
application/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/30975594-0f7f-421a-0441-08da9008d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d2b354c037b51c9300d20201cdbcfc135a296ae1832b559b387480dbc75668bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 20:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 239159
etag: W/"1d8fde5a2545b51"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8zsQgXSVFN2hUZf8seihH0fJDTAbnOkOvlHCHvuwuMkTaJ0uoBlAZHnrHeChNgMW19TCG2iZlcoDo%2BpnsSwKhxPLo%2B7xuK8PuvIgdorAsYs0%2F44sqGWCng88GIpDgD6DenEPvbxT%2B2zPvoCWnCLp7GuuAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7724c3d3db25995d-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 65ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/30975594-0f7f-421a-0441-08da9008d2cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e8e8c9964a446fba9a9473662b21fae9b3b9b54a391f5d637e5e7e6b426aa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27287
x-xss-protection: 0
server: sffe
etag: "1407 / 949 of 1000 / last-modified: 1669810420"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Nov 2022 15:55:01 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 16ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.4.2&blog=172359004&post=22190&tz=-3&srv=www.canal38.com.br&host=www.canal38.com.br&ref=&fcp=1169&rand=0.6266565251327663
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:01 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 arrow-left.png
www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/ 1 KB
2 KB 97ms
97ms Image
image/png 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-left.png
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57472f4859650850932c8632daeb6b20483affb63fd8e86f65ba7462347891fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 525257
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiXdFUfjYYMI5UCIgTm8RSp9R65bb0CgydlJy6wvUjd4hgsPHSSifED8PTkA%2BAqOZ8gNjzL9U6Ob7gb5djIXGVEnHyZDYqwoPmKCRY1hZwyW1HGyJ3vXteKKlXZ0BLb7c6WTGVous65BNA2gc%2Br03Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1728000
cf-ray: 7724c3d458f11603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 14:00:42 GMT

GET
H3 200 arrow-right.png
www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/ 1 KB
2 KB 21ms
21ms Image
image/png 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/images/arrow-right.png
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e060d2552f40e99ad96957f7e4cc703a26fdc6f6846a79c61ec5a72a0a63fd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/wp-content/plugins/ml-slider/themes/bubble/v1.0.0/style.min.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:09:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 427745
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CIsR9QrS6si31porU4BGRaXr2DzxZN%2Bl1CrzJkMZvfQ9Fruv18a%2F2U3Xz%2Bj%2Foe0IpGlZiNtg1k2EuvWeDKp585kz14CrFhn7Eu2Zsx9I7to4OVAKkZ9OSFx%2BijDW9rh03bm1vOPEjdPGKvUM%2FxV4SY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1728000
cf-ray: 7724c3d458f31603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 15 Dec 2022 17:05:53 GMT

GET
H3 200 PUB-FUNDACAO-MARIO-TAMIYA-700x500-1-324x232.png
www.canal38.com.br/wp-content/uploads/2020/04/ 37 KB
37 KB 20ms
20ms Image
image/png 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2020/04/PUB-FUNDACAO-MARIO-TAMIYA-700x500-1-324x232.png
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c94e10f1d7ff188c4ea96cab2cea0e03822319ea6d82c8bb739b6275cfe8281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 18:39:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16194
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2kFcfdRVhkQruv1JmdNyJBLcQ9GKqX3CcXy1NPW4EDRPek0ZcYtcaNsXnnhXtT5x5ApS1yFy1E%2BJB8CsdPtI%2Bym6lG40Wdqw%2BPV1o0yRG7dwj%2FjL0mB9kGd58w5NxnZqANdLw7GBpz9F3PTSn%2BElik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1728000
cf-ray: 7724c3d459031603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 11:25:06 GMT

GET
H3 200 8a928c26-9aa3-47ec-adf1-6f66f0bec29a-324x232.jpg
www.canal38.com.br/wp-content/uploads/2020/06/ 19 KB
19 KB 19ms
18ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2020/06/8a928c26-9aa3-47ec-adf1-6f66f0bec29a-324x232.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57bec7e62f61b8d4dec6ec35de95ecb53c07586e58d46eaff6364959858b33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Thu, 25 Jun 2020 15:20:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 527428
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voC4UFHQcDf4VUe3eAYAwurdQCR7Dv%2FGR07dMSnawvk%2BLfohPpdbHjrSe8uC7tpSMQZ406M7uo8LenmodZ11%2BcCvf9MLHqa%2BxXFTdDYEUspvOn8D5Z5CBV2nZ0pnG48UPqLDnO8N1tFPhM%2B9B%2FpgKFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d459051603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 13:24:30 GMT

GET
H3 200 PHOTO-2021-04-28-09-39-21-324x232.jpg
www.canal38.com.br/wp-content/uploads/2021/04/ 17 KB
18 KB 124ms
123ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/04/PHOTO-2021-04-28-09-39-21-324x232.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f957f6214b1ffb261ed5523a50459a0838f2786fbd462248c4b487c0e8884c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 13:16:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8937
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBiokJAE9WQ%2FJJcwiKLdsEokwP4ldLUPPJWmFKCgEZi2kRGUsQnYfAKX1bnaie%2B%2F515a7SBPKdCd9HZtwtCXKJoRHc%2Bms2R7snRashFCfHG9h0Na8NfEy%2FK6hvRrsfVxVZJRpG0EqTiwpBybR7ixzcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d459061603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 13:26:03 GMT

GET
H3 200 BANNER-SITE-324x232-1-324x232.png
www.canal38.com.br/wp-content/uploads/2021/07/ 128 KB
128 KB 29ms
28ms Image
image/png 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/07/BANNER-SITE-324x232-1-324x232.png
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f74039f2019a94d723a2389541c2ecb5e7250d62be6cee860418f1586957c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 17:24:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 169880
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BwKtpBRoAkNHbYmu4lfkO1bTsri5knAyY%2BsHUs9XEL88XkXonOLyuyIrqI%2Bu7vwkRFISCPYUSus5pcAwdzOWEoI0yf07tW5mMIoVWgzr44l8A2OJ64c5DR5I4FMD4FFov0V5mn6SGYuUYaTovFNFXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1728000
cf-ray: 7724c3d459081603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 16:43:40 GMT

GET
H3 200 WhatsApp-Image-2021-07-28-at-13.28.09-1-324x232.jpeg
www.canal38.com.br/wp-content/uploads/2021/07/ 13 KB
13 KB 82ms
81ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/07/WhatsApp-Image-2021-07-28-at-13.28.09-1-324x232.jpeg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370be3b03fe9bc22dde80ce5957acb91bb7c905ed512b68162f081bb7768094e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 17:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 276856
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0%2FaDDlmJGqcoNHFcBtBLRudAsJw0sVhOf93Z62NT1d1poEazih6ypKojXQwu0ug0YWBEUclaVZGQ0gc89%2FmOAxypV6VIxlFUcnunmT08MYI1%2Fe7Kiy5teIc931F9IZaUeXkvXhiCPfivuvE%2FxWiqDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d459091603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 17 Dec 2022 11:00:41 GMT

GET
H3 200 WhatsApp-Image-2021-11-30-at-16.47.01-324x232.jpeg
www.canal38.com.br/wp-content/uploads/2021/12/ 16 KB
16 KB 700ms
699ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2021/12/WhatsApp-Image-2021-11-30-at-16.47.01-324x232.jpeg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec711077b87d1d69672ce9caf8f7a3bbdd23199e89f7bc7bb58f049a3aa1863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Dec 2021 20:15:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxSV%2F4haVNMFHMECK5d2BOKprqWjdPOF1h%2F19F2QcSDPWHEla8WeCEnD6cN0aKToh%2BawBsUK0oscrZUXRf%2Bv%2FZFulMm%2FgT10jOjlIAJD%2BoVyJDsqcgfuTGQndu90alV2I6B2v8QgcT367YlU8G1K8O4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d4590a1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 15:54:59 GMT

GET
H3 200 PHOTO-2022-04-13-14-54-25-700x500.jpg
www.canal38.com.br/wp-content/uploads/2022/04/ 55 KB
55 KB 94ms
93ms Image
image/jpeg 2606:4700:3034::6815:4e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canal38.com.br/wp-content/uploads/2022/04/PHOTO-2022-04-13-14-54-25-700x500.jpg
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a93404b056db91a5ea10c9a2a47a2b53ce38c379793fba407ee2d39a3f6baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 15:56:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 854958
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDmuIUNW0m48z1lfdE5Xt4vaccSBifXaX0%2B%2BJ6Pbt%2FT%2F1vZ6YWYRP%2BxHBvyAmvKRybAtV5ythTs0VFAy8RYsyAYt8GiIa1TNF3lkc4iqzwaFR9mUH1lRIcfVESM6g%2FaDsxyBvsbvKUJS%2FZLsWsMjyoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1728000
cf-ray: 7724c3d4590c1603-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Dec 2022 18:25:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 43ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.canal38.com.br&callback=_gfp_s_&client=ca-pub-6147224200920551&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6147224200920551&plah=www.canal38.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df626a8cad12fd5ea643b53e149a5287a607edb016e52f0ea204d96acaa7fd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.canal38.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.canal38.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDD4 603 B
68 B 61ms
45ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6147224200920551&output=html&adk=1812271804&adf=3025194257&lmt=1669823361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.canal38.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669823700989&bpp=2&bdt=231&idt=193&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8471406723690&frm=20&pv=2&ga_vid=1476658255.1669823701&ga_sid=1669823701&ga_hid=214515791&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770881%2C21065724&oid=2&pvsid=2417336009619435&tmod=1953963323&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:55:01 GMT
expires: Wed, 30 Nov 2022 15:55:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Nov 2023 15:38:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
107 B 62ms
45ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.canal38.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfb454ff2c2abcb058d347520d6ab4c79a64ea664d212af95052269976dc284a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 30 Nov 2022 15:55:01 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 35ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=214515791&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canal38.com.br%2F&ul=en-us&de=UTF-8&dt=HOME%20-%2038%20NEWS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAACAAI~&jid=132714427&gjid=1005353595&cid=1476658255.1669823701&tid=UA-43518252-2&_gid=20526381.1669823701&_r=1&gtm=2oubs0&did=dZTNiMT&gdid=dZTNiMT&z=1347443556

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.canal38.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
765 B 54ms
24ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 602630
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc30OUdcVRO3mo6iiX9JSUOMJBPJbZrxlF0SXzxjS5rMn0ctPqdhJvXipCaedNFfwIhNwjoesD7qmtfVqf1%2F%2FTMu9zkEZtL6%2FSpLyInPxvqcFRZoyhpjHrtVq7QV9KcZMUAu0muGoLOLbbQl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7724c3d53d369177-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 84ms
55ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.canal38.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pb Show response
ad.360yield.com/ 0
171 B 113ms
32ms XHR
text/plain 52.210.233.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.233.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-233-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.canal38.com.br
date: Wed, 30 Nov 2022 15:55:01 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 157ms
18ms XHR
application/json 81.17.55.112
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.canal38.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
825 B 56ms
16ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

32fb476f6c1d6a146b79f15879e3b51fc9e62852e6e247ada33afd5cdb526268

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:01 GMT
AN-X-Request-Uuid: 19fe7379-ac8e-4b45-9234-c4117690e05b
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.canal38.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cbf7e3d5e16e688bfd8078f68b3cdd38 Show response
www.tempo.com/getwid/ Frame 0B61 8 KB
2 KB 57ms
45ms Document
text/html 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38

Requested by

Host: www.tempo.com
URL: https://www.tempo.com/wid_loader/cbf7e3d5e16e688bfd8078f68b3cdd38

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0160d58ed795599819556a1535c946e67f07fd4340c4f809832eb074aa70268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=39819
cf-cache-status: HIT
cf-ray: 7724c3d54bc2bbc2-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 15:55:01 GMT
expires: Wed, 30 Nov 2022 21:43:56 GMT
last-modified: Wed, 30 Nov 2022 10:40:17 GMT
meteored-site: br
server: cloudflare
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 50ms
32ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:43:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 237651
etag: W/"c56b6332dacf72f135afcd153ae22448"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vquRCs6SbhZZuDpfLUF81POmO6zeWuuTgOVJv7APmsxQpxBLfhOwhYsHim7sCVJ3641p7MU4DKoQn%2F80udOtOTwM7BtBKBLtxG1M8xvRgET%2BlCwZIz6CsXeq2y1qon6iBdbDiNxN02IE9V%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1800
cf-ray: 7724c3d57d355c6e-FRA

GET
H3 200 big-12.png
www.tempo.com/css/images/widget/g9/new/ Frame 0B61 6 KB
6 KB 131ms
130ms Image
image/png 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g9/new/big-12.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b06d43122e9fadd36f2565ba1c881a9ca2b12c1298dc4c9c58f064350edfbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Nov 2022 12:56:00 GMT
server: cloudflare
etag: "63860160-17dd"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7724c3d59c73bbc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6109
expires: Thu, 30 Nov 2023 15:55:01 GMT

GET
H3 200 wind-43.png
www.tempo.com/css/images/widget/wind/ Frame 0B61 160 B
465 B 37ms
37ms Image
image/webp 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/wind/wind-43.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef699c844c7e7e12d792ea2ce763069a37c7ac79f3eecfcd3efd1d82bccaae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
age: 35858
cf-polished: origFmt=png, origSize=208
content-disposition: inline; filename="wind-43.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 160
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 12:56:00 GMT
server: cloudflare
etag: "63860160-d0"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7724c3d59c74bbc2-FRA
expires: Thu, 30 Nov 2023 05:57:23 GMT

GET
H3 200 big-11.png
www.tempo.com/css/images/widget/g9/new/ Frame 0B61 6 KB
7 KB 100ms
100ms Image
image/png 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/g9/new/big-11.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a6deca46b54264e689842c9272519fbcd434e1ff7bce59f0c87f8495a3c0ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Nov 2022 12:56:00 GMT
server: cloudflare
etag: "63860160-196e"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7724c3d5ac7cbbc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6510
expires: Thu, 30 Nov 2023 15:55:01 GMT

GET
H3 200 wind-42.png
www.tempo.com/css/images/widget/wind/ Frame 0B61 222 B
526 B 33ms
33ms Image
image/webp 2606:4700::6811:140e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tempo.com/css/images/widget/wind/wind-42.png
Requested by: Host: www.tempo.com
URL: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:140e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9701052a144782f173a0cde5c86d0ac11c46def30a7bbf045a65b12bd84411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tempo.com/getwid/cbf7e3d5e16e688bfd8078f68b3cdd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
cf-cache-status: HIT
age: 95838
cf-polished: origFmt=png, origSize=275
content-disposition: inline; filename="wind-42.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 12:56:00 GMT
server: cloudflare
etag: "63860160-113"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7724c3d5ac7dbbc2-FRA
expires: Wed, 29 Nov 2023 13:17:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.canal38.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
19ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.canal38.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 407ms
406ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2417336009619435&correlator=1449463785477656&eid=31071058%2C31069102%2C21065724&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=75894840%3A22836939087%2CCANAL_38_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C1000x90&ifi=2&adks=3472889030&didk=3522485265&sfv=1-0-40&fsbs=1&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.30&cust_params=url%3Dcanal38.com.br%26categoria%3Dhome&sc=1&cookie=ID%3D0389f8b07d139c1f-2257200101d800cb%3AT%3D1669823701%3ART%3D1669823701%3AS%3DALNI_MYLCj7JsK4spyGYmt43Z8wY1vABEA&gpic=UID%3D00000b8ae525cdd9%3AT%3D1669823701%3ART%3D1669823701%3AS%3DALNI_MZSPocPT8j7CPSXx0kLKZt8LjMt7Q&abxe=1&dt=1669823701473&lmt=1669823361&dlt=1669823700758&idt=509&adxs=315&adys=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.canal38.com.br%2F&frm=20&vis=1&psz=1000x-1&msz=1000x-1&fws=512&ohw=0&ga_vid=1476658255.1669823701&ga_sid=1669823701&ga_hid=214515791&ga_fc=true&cbidsp=Cn8IARIMCgZvbmV0YWcQYCACEhQKDmltcHJvdmVkaWdpdGFsEHkgAhIUCg1zbWFydGFkc2VydmVyEKABIAISDgoIYXBwbmV4dXMQPCACGAIiJDg4N2EyYTZlLTczYTUtNDM5Zi04YTU3LTA1MzQ0ZTQ0YTc5OCoECAMgAEoAQMQT

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10559c3d3d1b1385472ba54a86d75a85ad11f3f196c7347f800c87671634f002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10893
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.canal38.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6A0 6 KB
3 KB 105ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:55:01 GMT
expires: Thu, 30 Nov 2023 15:55:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9CAB 142 KB
48 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b918c5934e4534a863a7236d1127b0c4b8216ae1b6cc5ce30356d55f97c4779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48925
x-xss-protection: 0
server: cafe
etag: 1960132045269042900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 15:55:01 GMT

GET
H/1.1 200
OK main.5429b755.chunk.css
player.jmvstream.com/static/css/ Frame 9CAB 33 KB
33 KB 200ms
199ms Stylesheet
text/css 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/static/css/main.5429b755.chunk.css

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

8196d4c8e2dd49cd55135df4efe88196fbd67ef49df3954d338708feaf6ea140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"8234-184c3f936e7"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 33332

GET
H/1.1 200
OK 2.f4fafcee.chunk.js Show response
player.jmvstream.com/static/js/ Frame 9CAB 706 KB
706 KB 795ms
401ms Script
application/javascript 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/static/js/2.f4fafcee.chunk.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

ca9c10dc51355b0d2bff65393a793029c5c1308a2e6270b6c20a50cfca81f720

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"b069e-184c3f936ea"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 722590

GET
H/1.1 200
OK main.4ce3ab43.chunk.js Show response
player.jmvstream.com/static/js/ Frame 9CAB 202 KB
202 KB 794ms
400ms Script
application/javascript 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/static/js/main.4ce3ab43.chunk.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

69e91d39f798070ae61597025b1a84236accd5a1a2affac6746becffac685b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"3260c-184c3f936ee"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 206348

GET
H3 200 container.html Show response
7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E6A 6 KB
3 KB 26ms
9ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:55:01 GMT
expires: Thu, 30 Nov 2023 15:55:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 434D 624 B
242 B 49ms
48ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjOgrDaATAB&v=APEucNWSDIW5oROk2PQRL5YQqvFx6rSakLirefkv0F8L7MEg-t3OkemYTR0Y15Jz_6Pir4uoInNBUqHg4KUQUDjOpfeHEPBNzNFogcD4oepIR41HSnoEZgs_8h40QkgKCdOHVxyKRO4c7WYsIPRH9dV6Dw8agb9M67cTNjSsiDqQc2V2XDDBWDU

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:55:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E6A 28 KB
17 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkNQGa4V9W6dIEEQMtOfHylNe6ANbo4N712GSD0rKHu5STnalyJtnWiXj8VTFtJH1xicRbJEQvX5Cek1YvacYoj0SBvNDoXIaGLxiMJq5D4rNvdn4dFa_N_wKLJzThgTA9Jj-gUnsTMSZE-QJ9KpXIbXxRIhOWZj88rj33F7n3_NTFpJQ&cry=1&dbm_d=AKAmf-BHmQBmA3Ruon_TfjwIvJjshlLNQCsRVigDQ5xlDo_Rz9hTK0w8nYoXRELO6NmR3NhjXlEw0bulp22CO-5HnMocO8wuh5HHC3GNrpoxBpQyHXtP-6j-milmcpTS2BA3750pwbxOkUUdJJjLuLX2azsAIU0J4FNEZ8XDgaY3trdSLDxenRFZsVqyi9l3mHHd3Xbp2qbznpO5o-xIKg3g3qRfQJS2y0YTQLpQZmqFGyOqPcK7zLih5ffP9v3ftQ95w7R86NGLfpgdSIm-jvJ9FnRJpukTG6EVOlH7v0US1P26g0qmo4yiWj5rq9Mfj3Qq7pYbNQJ4PcSyhfHHvAD1wyTt-SaVgHxiSoIA7YcWT0oTDsyNa-4j7fhbMy5yzyZVHH40bJHXSEwV_O_TWh3WFUggMR5NQIY3h-JlDmeK0mPmJE_xLgDCuRuEY9nqRugy55usHILhY4lrrUtuTGSz8Ew5JDIUWElH49W7Z56baRG5yk9eCHX-u6zn_Dk8ENWnwYtD9dLQBjJ-dySWigQ_MEeUmF11va2MRFz_KnqhchjCfTDgYctLbt4FabCtyWuN1t9UGIbhPhvgJzc5lrnKgDlR1dZ2oXw6bXP7Eud_3sWy4DJYohLe_hMYajUOxgmdppjMbACaGRKMYFCuBuO6MGGplDFgHcctZkxtlj3DUxuPqAlt4gYwmyc_C9cJoI7xEIcufgG4HffZGdZj-GQPE4NAL4CYvjRYieJzkc7vOO0htTBzWfWjgFOEBUMddi3qRPa4k3hAjDocl_K5DVz9RMARTkBl0wN1YqXXlTopfp7W8ZPcJGGVaHhvjkrjlKc5ZrafAC-wE5OoaVhphUajAd01Y33jRmAiHl6k0mJVs8g9QXgSlmQZHzYFMW3Dm94sa-3fOYVuRgM7I4wOAW4rNi6ky48TPKAh41yRo4NlsxnT-ukN-QRwgUY7YutYd5KfDsrip5gB0V0lRrYQYc3oVC2X6urnLXrddW8L-IzCCilYo1G149bWAxMdAzyY7DQIybKuCOczz9BbzK-GfRWmATRu14piKnaSvyMZMQy5c2rDwHYaFbS8P4BoMe4__GAyAQ4U5GWYeeurO2pedb_I6Wv0LpmY9ou-n12cNoH8ktSstRwTTzk3hwZkb9q9Cge-51NdEv6IfHZoZCNtZTwJngwBqFut8TNEbuW_pBhwILMsYPywXVxrH1_IuqSmDT82KxmBbR4KTrsvyVrB-mPIhGEfmn1dBQuImPXXyIfwx78QaafHl2o6wZ9ZbnDA8rFK9cbIMUdBypf0a-dpKaodHVVWSPZPEZ3JyZBJolyywvucWW1SRICxF-tC_5JKkqZFgvIdQxUdaAhSOdvjFiRYkLGUbfGrtp-hKN-jj5r-lJaiKjyehRzzLZh2X824zB2uoIfVK51ujDuANGmLffJPIrwbd30vqUJ-zmapL61GDN-6k9kYSUiFwOUDeTVw9vzBEv5tuXc6w_x_2_xYrsB2eWinW8I0Xf0ftqJlXkVSNjH4HCiREUT4uPmZOxNJRtyB2S9sRdX0OT47V0WJIsNJ5yCj5lHRoeDnX2a3kFXwH4DPhslMVDYBCivccB-CndhxfoFsoHUc-K9O3QWZC_4eGlJdbbDwcy6wxdALZc5vVQ7OWEim8LjxdRmaQQmxfYNpPHxI-gZrMbRbvhlkUOSXaT1kNjDUHL7esVUx6CS8O8jrrj4Gif-r5DlrKt2to-7Vl4YZ7r6iNN-X42TSx87M3m24nbXfqly4mLXUrS3DGW9Mqa8deVOp5T-hOf9JGQZJHZUBDhxczNO4rqu51LHND7yiEBi8R4BZ0mGzmI2rxQoqOwnIh99UH762vdnOBkHg8KxKZImqRGzXpSHzvbPkICmv5B2qKbiRju0aIozTWPu6vNM_qJn7T05YPnyyo4d-7YcVQk2Jpv3yE98ga0Bx3l3nE7nluWhrE9Iv99SueUlRdrJW8lZ9cAk7LMqdr2LurfzgfAKU2d8mTf0Wg7tmWX9GnxC_bxeuzST2-TGIx8-JFH0e9n5Lj2Ty0TEFH3_znzRkNKPnPLtNd2UPp48jFUKyvhRaM8s24ydtDCCTQ86inCxZ1AaocQZln8AW7qQS_ffAYkzUQQchL6hnXUzsTEcxSrApxvIuJKKBLu6qza3jK1G_xJ5Ohhwb9y7Qh7f40HEgOW1diby5uxzuhfYvhXUElYp7aKVn-XBcQ4Y2DWCkAdC3YGdaxJf7VJykfw1D4RERO7Az8dXTxrPV_5I8qtf8d2kSRgKgF9V39kjOK21oGZos-J9Gl6A5AO4nyq59-97UZ7lrIKv5J7KupUvZdW9nixJaeimhh6mQKiXbTgCmNuzFrO2ZVt_5asWLW3UG2hdvA9-fQ326OM1eKEOlJzS9frHvtsftfy4hMInuVMRef_uUjtsZ_yrpR1lPyXyFjjuH6HBFQ4ePeTG_VtCcpSX6_5IHBUHpLbT9QElFoxOhJ-0qnqRD27ximd1yphRtC9G1_d9tYFWB8VG06dK46LpaeBVKrwodiwo4Wg771UGLnCZuFBz1ZR18Q6PddMMCz8dfZv5AHARat70t8pFF5Sdbu_hUdfCJwgz4xs4zVB3ZP4BP5naMbjaBlYUIl924ZyhGlXNYGJNx-tddcrr1CmXsOnGyLnARWy9krDfJI1Q89ag8fZqvjoumyj59sWb4GlynKJzjFnP0XkA59S0S3waCMw-DQCrYHPsQLfQq3UDulv_JswHilFs579vrojPna_63AzTdD1WQmvMw0PgmHCDBXnDipC8OQ0Y7BqgSW2nCL1M2GsNv2h0b5E69MtLziMrnSrjTHRQQjdI-V3rdbPeTmhgKlITlP5excPXol2cNjbag5rst3iQKBNdIZYE8U-2htsbDHNUcn0Z8VyOTrRLPAMBZNNTEXQFcVFU578lzWC0S3ue9Mk1kcG5RGzk2VOt17kjNDK5d_BBO0I5KUTgRrU_GFohUNpKhWZGcWEktcZrR8YXY6HBndoplBjydNGIenx6KB-Q7mzTY8tQVSYIIkwNx2PsaWiTwzh41p60ssxbvLjhqdKA0MxFy96_cYS31nBdnZoqWl_3v-7PEvJ14q9g05kofSZHyWOGCLSpwkPK5TndekHDYFZIYV7gC7_wkzmi2AdLqlT0wcebW2xtLtn80fw63fEmHltoeaYCVxMlYHhHmmx_m5LYcojWfKoloQaBmoPU8GkAnlM8HAOIjpiSvzbYVGBthLaEMKhEY2FIGwCRDuvvM0CpMTzz1MwKzypn72jvFL5sfsNhJWBI6lUyXEgRt2Iv2q_jgF5NysJolYXE-8xmKXF-wcJDEPZMi4ROApScy57QbdxVIRszijuSPGPg8mqM5vTuVggUQROY3I0dzooLtn9wsU9EoZKDcW-iwegS1d-PQfJ7aZLv8GHjMwzMFGQtMKDSleIBlOAJEBJhvvZNA0XVSKKB6fYBzj9JW3h7z22ered68TlpSjvPs9EsbwrImsn0-f22HZi4nqp3LZUq1Caco92hfMVAQ-AEQYxR9915mJ7HjduOx5zovqOvSSaa3J8iFPvBb2_1h4YwJceP84Bc7EAaMiPFo3U2V8ybiH0NkJ-gTBJA5cNny5U6GG8NLo6FsHayLlVTMwjwRQ_6_wEiKPqTEWl7hGRJjiG47QmTyH0XO-f9XlhAT_A&cid=CAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD-1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.canal38.com.br%252F%240

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fc5b567358f8995d74be1f98eb58b321155f7a78c99f16c56800f0c77f7c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E6A 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKciPCOmelLMmxuNFjqcUVcQBdlQTMvZHwwvmkpJ0yAj6xZyAZoeiX1UqbfA1VTD4j9bEhCvriX_RGcELxUcdjW91Uw2_lcZixrgjb1WxOKaY9Cuw

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 8E6A 32 KB
8 KB 72ms
18ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:01 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad1.adfarm1.adition.com/ Frame 8E6A 3 KB
2 KB 86ms
21ms Script
application/x-javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=5585645&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7_UP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba_BFGLHogvOjTomCZRpika8OGOukB2xp_mUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm-0wCTnB5fVgLDvqgLXc-ffNzZZoZ_bvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm_xcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY_T6UARqxaZRPuMy6iSWVlojfQATJzjE-iUcJprTRPfSqGorOMtP-8FmEpXAruF0aDBm2PWFkWF0vmneYp_ynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB_Tz7d8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD-1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64_1dt1E_-AuI0_lFUUBsDwZM2oJteQ%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-BtLoiro7EXIj6SluzlMCFhsHbZgHXZR9-_ZIxkjzRLp6DgXP2i2A_oGMp41ggQMFyigfT4L9Sb5KR2NOeS8_FadmzLm5iiCNjxqvP57nrZjOGM5H3-W3y6XLkuiit14IgLemHtBqTST7Ue-ncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm_d%3DAKAmf-DBnqvfTxq70rvYECc6wCtxte-1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy-IPT_uEJoF9aP40vt3nBuy8t2Q-NYXRl2Vk_lMS9PrFTHxuyjW0851WEpwz9CHs84XX-aDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe_ZHqZvcRBuGoCmyMclDczMm-cavISU0GOHT1_QVSrXXd0b8HnzDb_s3TtLCPuNLx-Pf-x7wddVo7uj-7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo_QlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi_SmVUQ6YeaciHLjS_wAYgQf-Vb_bl5OirhSi6Z_KvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi_67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj-4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3D
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5afd6e4685f802270aea529267954ea6f991932bcc878b7efb0e97980c4371ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Wed, 30 Nov 2022 16:55:02 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8E6A 3 KB
1 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:28:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8E6A 18 KB
8 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 12:22:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E6A 0
0 41ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFpuVbbsu7zcg2-5H4HQxQc4179Oe7XAOymh3_7jLck2-s_VgHXStaM0hky0GLKkKESuTOJaSz0tJLqiqYIAbDNC2Z3w
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E6A 154 KB
48 KB 78ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:55:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 434D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjOgrDaATAB&v=APEucNWSDIW5oROk2PQRL5YQqvFx6rSakLirefkv0F8L7MEg-t3OkemYTR0Y15Jz_6Pir4uoInNBUqHg4KUQUDjOpfeHEPBNzNFogcD4oepIR41HSnoEZgs_8h40QkgKCdOHVxyKRO4c7WYsIPRH9dV6Dw8agb9M67cTNjSsiDqQc2V2XDDBWDU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 434D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4d81kBrZdmwBn9DvUuzHwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1

43 B
894 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjOgrDaATAB&v=APEucNWSDIW5oROk2PQRL5YQqvFx6rSakLirefkv0F8L7MEg-t3OkemYTR0Y15Jz_6Pir4uoInNBUqHg4KUQUDjOpfeHEPBNzNFogcD4oepIR41HSnoEZgs_8h40QkgKCdOHVxyKRO4c7WYsIPRH9dV6Dw8agb9M67cTNjSsiDqQc2V2XDDBWDU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGhqjxlF-xVaKcPbQ9cqBi4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 434D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECJecgMUouy4gTKJlw_lcRg&google_cver=1

43 B
1010 B

15ms
15ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECJecgMUouy4gTKJlw_lcRg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjOgrDaATAB&v=APEucNWSDIW5oROk2PQRL5YQqvFx6rSakLirefkv0F8L7MEg-t3OkemYTR0Y15Jz_6Pir4uoInNBUqHg4KUQUDjOpfeHEPBNzNFogcD4oepIR41HSnoEZgs_8h40QkgKCdOHVxyKRO4c7WYsIPRH9dV6Dw8agb9M67cTNjSsiDqQc2V2XDDBWDU

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:02 GMT
AN-X-Request-Uuid: 2537ed57-dbb2-4687-a58d-cf1332b4e2d3
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECJecgMUouy4gTKJlw_lcRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 434D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0ODA2ODI3NjEwNjUwOTgxNg%3D%3D

170 B
243 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0ODA2ODI3NjEwNjUwOTgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:02 GMT
AN-X-Request-Uuid: 6d190a51-6ad5-4afa-8b53-028bd9361e0f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0ODA2ODI3NjEwNjUwOTgxNg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8E6A 29 KB
11 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkNQGa4V9W6dIEEQMtOfHylNe6ANbo4N712GSD0rKHu5STnalyJtnWiXj8VTFtJH1xicRbJEQvX5Cek1YvacYoj0SBvNDoXIaGLxiMJq5D4rNvdn4dFa_N_wKLJzThgTA9Jj-gUnsTMSZE-QJ9KpXIbXxRIhOWZj88rj33F7n3_NTFpJQ&cry=1&dbm_d=AKAmf-BHmQBmA3Ruon_TfjwIvJjshlLNQCsRVigDQ5xlDo_Rz9hTK0w8nYoXRELO6NmR3NhjXlEw0bulp22CO-5HnMocO8wuh5HHC3GNrpoxBpQyHXtP-6j-milmcpTS2BA3750pwbxOkUUdJJjLuLX2azsAIU0J4FNEZ8XDgaY3trdSLDxenRFZsVqyi9l3mHHd3Xbp2qbznpO5o-xIKg3g3qRfQJS2y0YTQLpQZmqFGyOqPcK7zLih5ffP9v3ftQ95w7R86NGLfpgdSIm-jvJ9FnRJpukTG6EVOlH7v0US1P26g0qmo4yiWj5rq9Mfj3Qq7pYbNQJ4PcSyhfHHvAD1wyTt-SaVgHxiSoIA7YcWT0oTDsyNa-4j7fhbMy5yzyZVHH40bJHXSEwV_O_TWh3WFUggMR5NQIY3h-JlDmeK0mPmJE_xLgDCuRuEY9nqRugy55usHILhY4lrrUtuTGSz8Ew5JDIUWElH49W7Z56baRG5yk9eCHX-u6zn_Dk8ENWnwYtD9dLQBjJ-dySWigQ_MEeUmF11va2MRFz_KnqhchjCfTDgYctLbt4FabCtyWuN1t9UGIbhPhvgJzc5lrnKgDlR1dZ2oXw6bXP7Eud_3sWy4DJYohLe_hMYajUOxgmdppjMbACaGRKMYFCuBuO6MGGplDFgHcctZkxtlj3DUxuPqAlt4gYwmyc_C9cJoI7xEIcufgG4HffZGdZj-GQPE4NAL4CYvjRYieJzkc7vOO0htTBzWfWjgFOEBUMddi3qRPa4k3hAjDocl_K5DVz9RMARTkBl0wN1YqXXlTopfp7W8ZPcJGGVaHhvjkrjlKc5ZrafAC-wE5OoaVhphUajAd01Y33jRmAiHl6k0mJVs8g9QXgSlmQZHzYFMW3Dm94sa-3fOYVuRgM7I4wOAW4rNi6ky48TPKAh41yRo4NlsxnT-ukN-QRwgUY7YutYd5KfDsrip5gB0V0lRrYQYc3oVC2X6urnLXrddW8L-IzCCilYo1G149bWAxMdAzyY7DQIybKuCOczz9BbzK-GfRWmATRu14piKnaSvyMZMQy5c2rDwHYaFbS8P4BoMe4__GAyAQ4U5GWYeeurO2pedb_I6Wv0LpmY9ou-n12cNoH8ktSstRwTTzk3hwZkb9q9Cge-51NdEv6IfHZoZCNtZTwJngwBqFut8TNEbuW_pBhwILMsYPywXVxrH1_IuqSmDT82KxmBbR4KTrsvyVrB-mPIhGEfmn1dBQuImPXXyIfwx78QaafHl2o6wZ9ZbnDA8rFK9cbIMUdBypf0a-dpKaodHVVWSPZPEZ3JyZBJolyywvucWW1SRICxF-tC_5JKkqZFgvIdQxUdaAhSOdvjFiRYkLGUbfGrtp-hKN-jj5r-lJaiKjyehRzzLZh2X824zB2uoIfVK51ujDuANGmLffJPIrwbd30vqUJ-zmapL61GDN-6k9kYSUiFwOUDeTVw9vzBEv5tuXc6w_x_2_xYrsB2eWinW8I0Xf0ftqJlXkVSNjH4HCiREUT4uPmZOxNJRtyB2S9sRdX0OT47V0WJIsNJ5yCj5lHRoeDnX2a3kFXwH4DPhslMVDYBCivccB-CndhxfoFsoHUc-K9O3QWZC_4eGlJdbbDwcy6wxdALZc5vVQ7OWEim8LjxdRmaQQmxfYNpPHxI-gZrMbRbvhlkUOSXaT1kNjDUHL7esVUx6CS8O8jrrj4Gif-r5DlrKt2to-7Vl4YZ7r6iNN-X42TSx87M3m24nbXfqly4mLXUrS3DGW9Mqa8deVOp5T-hOf9JGQZJHZUBDhxczNO4rqu51LHND7yiEBi8R4BZ0mGzmI2rxQoqOwnIh99UH762vdnOBkHg8KxKZImqRGzXpSHzvbPkICmv5B2qKbiRju0aIozTWPu6vNM_qJn7T05YPnyyo4d-7YcVQk2Jpv3yE98ga0Bx3l3nE7nluWhrE9Iv99SueUlRdrJW8lZ9cAk7LMqdr2LurfzgfAKU2d8mTf0Wg7tmWX9GnxC_bxeuzST2-TGIx8-JFH0e9n5Lj2Ty0TEFH3_znzRkNKPnPLtNd2UPp48jFUKyvhRaM8s24ydtDCCTQ86inCxZ1AaocQZln8AW7qQS_ffAYkzUQQchL6hnXUzsTEcxSrApxvIuJKKBLu6qza3jK1G_xJ5Ohhwb9y7Qh7f40HEgOW1diby5uxzuhfYvhXUElYp7aKVn-XBcQ4Y2DWCkAdC3YGdaxJf7VJykfw1D4RERO7Az8dXTxrPV_5I8qtf8d2kSRgKgF9V39kjOK21oGZos-J9Gl6A5AO4nyq59-97UZ7lrIKv5J7KupUvZdW9nixJaeimhh6mQKiXbTgCmNuzFrO2ZVt_5asWLW3UG2hdvA9-fQ326OM1eKEOlJzS9frHvtsftfy4hMInuVMRef_uUjtsZ_yrpR1lPyXyFjjuH6HBFQ4ePeTG_VtCcpSX6_5IHBUHpLbT9QElFoxOhJ-0qnqRD27ximd1yphRtC9G1_d9tYFWB8VG06dK46LpaeBVKrwodiwo4Wg771UGLnCZuFBz1ZR18Q6PddMMCz8dfZv5AHARat70t8pFF5Sdbu_hUdfCJwgz4xs4zVB3ZP4BP5naMbjaBlYUIl924ZyhGlXNYGJNx-tddcrr1CmXsOnGyLnARWy9krDfJI1Q89ag8fZqvjoumyj59sWb4GlynKJzjFnP0XkA59S0S3waCMw-DQCrYHPsQLfQq3UDulv_JswHilFs579vrojPna_63AzTdD1WQmvMw0PgmHCDBXnDipC8OQ0Y7BqgSW2nCL1M2GsNv2h0b5E69MtLziMrnSrjTHRQQjdI-V3rdbPeTmhgKlITlP5excPXol2cNjbag5rst3iQKBNdIZYE8U-2htsbDHNUcn0Z8VyOTrRLPAMBZNNTEXQFcVFU578lzWC0S3ue9Mk1kcG5RGzk2VOt17kjNDK5d_BBO0I5KUTgRrU_GFohUNpKhWZGcWEktcZrR8YXY6HBndoplBjydNGIenx6KB-Q7mzTY8tQVSYIIkwNx2PsaWiTwzh41p60ssxbvLjhqdKA0MxFy96_cYS31nBdnZoqWl_3v-7PEvJ14q9g05kofSZHyWOGCLSpwkPK5TndekHDYFZIYV7gC7_wkzmi2AdLqlT0wcebW2xtLtn80fw63fEmHltoeaYCVxMlYHhHmmx_m5LYcojWfKoloQaBmoPU8GkAnlM8HAOIjpiSvzbYVGBthLaEMKhEY2FIGwCRDuvvM0CpMTzz1MwKzypn72jvFL5sfsNhJWBI6lUyXEgRt2Iv2q_jgF5NysJolYXE-8xmKXF-wcJDEPZMi4ROApScy57QbdxVIRszijuSPGPg8mqM5vTuVggUQROY3I0dzooLtn9wsU9EoZKDcW-iwegS1d-PQfJ7aZLv8GHjMwzMFGQtMKDSleIBlOAJEBJhvvZNA0XVSKKB6fYBzj9JW3h7z22ered68TlpSjvPs9EsbwrImsn0-f22HZi4nqp3LZUq1Caco92hfMVAQ-AEQYxR9915mJ7HjduOx5zovqOvSSaa3J8iFPvBb2_1h4YwJceP84Bc7EAaMiPFo3U2V8ybiH0NkJ-gTBJA5cNny5U6GG8NLo6FsHayLlVTMwjwRQ_6_wEiKPqTEWl7hGRJjiG47QmTyH0XO-f9XlhAT_A&cid=CAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD-1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.canal38.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 10:10:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E6A 41 KB
15 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:22:14 GMT

GET
H2 200 banner Show response
ad1.adfarm1.adition.com/ Frame 8E6A 12 KB
5 KB 24ms
24ms Script
text/javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/banner?sid=4745915&adjsver=3&fvers=&iframe=1&ref=https%3A//www.canal38.com.br/&ro=https%3A//7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.121%20Safari/537.36&os=17&browser=11&userid=0&kid=5585645&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3D
Requested by: Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=5585645&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7_UP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba_BFGLHogvOjTomCZRpika8OGOukB2xp_mUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm-0wCTnB5fVgLDvqgLXc-ffNzZZoZ_bvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm_xcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY_T6UARqxaZRPuMy6iSWVlojfQATJzjE-iUcJprTRPfSqGorOMtP-8FmEpXAruF0aDBm2PWFkWF0vmneYp_ynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB_Tz7d8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD-1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64_1dt1E_-AuI0_lFUUBsDwZM2oJteQ%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-BtLoiro7EXIj6SluzlMCFhsHbZgHXZR9-_ZIxkjzRLp6DgXP2i2A_oGMp41ggQMFyigfT4L9Sb5KR2NOeS8_FadmzLm5iiCNjxqvP57nrZjOGM5H3-W3y6XLkuiit14IgLemHtBqTST7Ue-ncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm_d%3DAKAmf-DBnqvfTxq70rvYECc6wCtxte-1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy-IPT_uEJoF9aP40vt3nBuy8t2Q-NYXRl2Vk_lMS9PrFTHxuyjW0851WEpwz9CHs84XX-aDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe_ZHqZvcRBuGoCmyMclDczMm-cavISU0GOHT1_QVSrXXd0b8HnzDb_s3TtLCPuNLx-Pf-x7wddVo7uj-7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo_QlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi_SmVUQ6YeaciHLjS_wAYgQf-Vb_bl5OirhSi6Z_KvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi_67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj-4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a544e41abe13ec58d03fa0f0c87693ce97b167bdd6b38c3842e6556452c4d859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 16:55:02 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FE4A 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 127756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:25:46 GMT
expires: Wed, 29 Nov 2023 04:25:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/3618/16920999/ Frame 249C 17 KB
3 KB 18ms
17ms Document
text/html 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 631a676a8539cedd99291852a2cd963ba50faaa5b22ed5fd23697965ba3c7643

Request headers

Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 3098
content-type: text/html
date: Wed, 30 Nov 2022 15:55:02 GMT
etag: "2579096121-br"
last-modified: Fri, 18 Nov 2022 15:43:21 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

px.gif Show response
d.adtriba.com/ Frame 8E6A
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display.start11_perfor_adbdl
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Script
image/gif

3.123.239.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.123.239.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-239-61.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 15:55:02 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 30 Nov 2022 15:55:02 GMT
Last-Modified: Wed, 30 Nov 2022 15:55:02 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame FE4A 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 15:29:22 GMT

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 249C 753 B
407 B 18ms
17ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 acf66dc7a4fccab2e3a74ebd380cb66c.js Show response
imagesrv.adition.com/banners/3618/16920999/ Frame 249C 59 KB
14 KB 19ms
18ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/3618/16920999/acf66dc7a4fccab2e3a74ebd380cb66c.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: b1fc7f6738f4a59d3161eff84c1bdb4180004ca6aeb8ef105d153dd577a1fb82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
content-encoding: br
last-modified: Fri, 18 Nov 2022 14:45:21 GMT
etag: "4258179751-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14106

GET
H2 200 b2d7d8d48d3df04fa21f3e3520cc96cd.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 2 KB
2 KB 18ms
17ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/b2d7d8d48d3df04fa21f3e3520cc96cd.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2949ad87f5759aa23a8447e1f38f53f4003bc7f30da5b2e7b65db2f687dd4dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Mon, 06 Jun 2022 08:57:30 GMT
accept-ranges: bytes
etag: "1264739588"
content-length: 1758
content-type: image/svg+xml

GET
H2 200 ac4848f5dbf9aff1f6f13ddd9583fb81.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 13 KB
13 KB 19ms
17ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Wed, 16 Nov 2022 12:35:48 GMT
accept-ranges: bytes
etag: "675566260"
content-length: 13735
content-type: image/svg+xml

GET
H2 200 8b54dce6f96ba4fb0bcd50cfe708b21b.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 21 KB
21 KB 19ms
18ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/8b54dce6f96ba4fb0bcd50cfe708b21b.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a4c8f8f3612949d51dd7aa84210839ea4b7a7071a2dc4f67a0ee524335d6fdea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 14:45:21 GMT
accept-ranges: bytes
etag: "3719343464"
content-length: 21008
content-type: image/svg+xml

GET
H2 200 b50e9936a36ec50859d493ece2c9a5af.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 932 B
984 B 19ms
18ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/b50e9936a36ec50859d493ece2c9a5af.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a23ea6be465e25445e367b045e14b5247d633c2a3bde97f1faf5c8d01e77ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 14:45:21 GMT
accept-ranges: bytes
etag: "2893344044"
content-length: 932
content-type: image/svg+xml

GET
H2 200 8af4410d2f5dade8da213f887084bec3.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 12 KB
12 KB 35ms
34ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/8af4410d2f5dade8da213f887084bec3.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5972b67cb85d43b34d8c75e2ba6b0fcd87acd628696ddb9de81f88cd07a01474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 15:43:21 GMT
accept-ranges: bytes
etag: "1052467722"
content-length: 11826
content-type: image/svg+xml

GET
H2 200 4db576e4617b9aa3d21c74227736f21b.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 3 KB
3 KB 36ms
35ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/4db576e4617b9aa3d21c74227736f21b.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3e476db9091c3b8bdbb5979eb4ce6296f802d1b475ffcc042f430d841a70ad36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 15:43:21 GMT
accept-ranges: bytes
etag: "3993740464"
content-length: 3431
content-type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3BD4 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 10:10:49 GMT
etag: 48472445140208031
expires: Thu, 01 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8E6A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2911eed9afa02eb7c0f63dd5aa2ee9e1f42fbdbf7a0324b14a037946b0867626

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 385f4ff90299b92efa9810659a02bb9f.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 11 KB
11 KB 60ms
59ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/385f4ff90299b92efa9810659a02bb9f.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a2c902cca968a8171e1cf9dc9ccdb6ca161749947ba12624355a6bbd9dfa165f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 15:43:21 GMT
accept-ranges: bytes
etag: "2406098207"
content-length: 11150
content-type: image/svg+xml

GET
H2 200 be1ae360fac827f95367482dc41de62f.svg
imagesrv.adition.com/banners/3618/16920999/media/ Frame 249C 3 KB
4 KB 77ms
76ms Image
image/svg+xml 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/16920999/media/be1ae360fac827f95367482dc41de62f.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ed557ea698486243f2a70df3a180536cac4b063740faf145c373211100981dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/16920999/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrFgq1XyHY5qyIsPI7%5FUP1LCw6AaHkNq8bcmsv937EPAuEAEg95SsMGCVgoCAoAegAfSLkqAByAEJqQLpYQ2L5WOxPqgDAaoEngJP0Hj7KtxT7wEwFzZwr1Ba%5FBFGLHogvOjTomCZRpika8OGOukB2xp%5FmUETnRdZTipGAEbmoWIZZmY4HgrMg18oSqFIgd3Q54ayWBm%2D0wCTnB5fVgLDvqgLXc%2DffNzZZoZ%5FbvMGDSeNfLNl36hAT8gQljeV4BxlT9qAWm%5Fxcx7IlguOFi1DGMVSBK4p4885HCBPJ9sY%5FT6UARqxaZRPuMy6iSWVlojfQATJzjE%2DiUcJprTRPfSqGorOMtP%2D8FmEpXAruF0aDBm2PWFkWF0vmneYp%5FynyEt70sZZ5GbsmtamZFGAcGfyE4sKVvOTqMQYNslwGtni28uR7W0DlhxUoJCMBAUw3U5pmdEGaWhpYaf184rLtNGME3hVdriYjSSawAScjv2DlwTgBAOQBgGgBk2AB%5FTz7d8CqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOTg7MR0BMA2BMNiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD%2D1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw%26sig%3DAOD64%5F1dt1E%5F%2DAuI0%5FlFUUBsDwZM2oJteQ%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DBtLoiro7EXIj6SluzlMCFhsHbZgHXZR9%2D%5FZIxkjzRLp6DgXP2i2A%5FoGMp41ggQMFyigfT4L9Sb5KR2NOeS8%5FFadmzLm5iiCNjxqvP57nrZjOGM5H3%2DW3y6XLkuiit14IgLemHtBqTST7Ue%2DncGmWsan7Pq4eBTCaqnGccBM0FdNaSCvAs%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDBnqvfTxq70rvYECc6wCtxte%2D1LfUbxZOU7gAvrGJwqgRXLAIBrhFKNJEQZAbfSVwH0hlJrokHFmIDzZHPy%2DIPT%5FuEJoF9aP40vt3nBuy8t2Q%2DNYXRl2Vk%5FlMS9PrFTHxuyjW0851WEpwz9CHs84XX%2DaDB1rjuK2wuaZvryj6B6g0ix5fDEX4UbQ4fEoQiXtLpKPzwbQP72Qe%5FZHqZvcRBuGoCmyMclDczMm%2DcavISU0GOHT1%5FQVSrXXd0b8HnzDb%5Fs3TtLCPuNLx%2DPf%2Dx7wddVo7uj%2D7DGOcOxud2UIW6V5NxgREQIMEbbg39c5Wo%5FQlsBP0zHxiUihEUrnnC9gul7atVNhl43NFYrATNPFnIdoi%5FSmVUQ6YeaciHLjS%5FwAYgQf%2DVb%5Fbl5OirhSi6Z%5FKvQD0WsMKhdRzpuV4e8JQygGznJJKVmH9G91xIwcy505sBOPHi%5F67wq4MCVNRAhqlj6mQ10Fudam6mCbBQc8vj%2D4FMfkr75DRRyWSUvLr61Dq67WPDNhQB4cATlZvIm7mAD35kQIiEPUBYr7WjiNxRktPDQ6Y%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7171838185935997707%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7171838185940585483%2526sid%253D4745915%2526kid%253D5585645%2526bid%253D16920999%2526c%253D45566%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
last-modified: Fri, 18 Nov 2022 15:43:21 GMT
accept-ranges: bytes
etag: "3623069093"
content-length: 3544
content-type: image/svg+xml

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BD4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAdNb1jQCeWm9FW_ohiSxI8&google_cver=1&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuz...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuzA20hjQLJpA

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuzA20hjQLJpA

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 30 Nov 2022 15:55:02 GMT
Server: MT3 169 32252b7 master cdg-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaNqNULceyvp45VuIVX6lfSlDvHwcPpc2NSTTUuiQi45gOH66YtlRcqPwTeVdTtjX9wLCFX0WAjQPSturuzA20hjQLJpA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 30 Nov 2022 15:55:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BD4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEF-PWDJaO3Dt0XV9EzwmK8k&google_cver=1&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXgXA0mcOICs-g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B70BF04F1614614A8F57239A485AF05&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXg...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B70BF04F1614614A8F57239A485AF05&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXgXA0mcOICs-g

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Nov 2022 15:55:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B70BF04F1614614A8F57239A485AF05&google_push=ASkJ3FaOZ47NzP2-p86nFC6sFO1CseT8MsSP0hqcPwDHxpafgwsVBXkpEPkVXhzfGR6diQ0hb03HbUVCjHwnFXgXA0mcOICs-g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 29 Nov 2022 15:55:02 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3BD4 70 B
265 B 124ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ1zTwQXdTvnAZQPNm7znc4&google_cver=1&google_push=ASkJ3Fb2AAfMV9tPYLYiFZVcNNaeakc9GI6DpHztBgqtJVnUSROxnSZwAUgsIUGwPEvAKl9tmnX_FDo8hrTsUSCMNGJ1yUzzuA
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3BD4 0
191 B 3237ms
66ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFZA1fXz-gmC1gr-20QJabA&google_cver=1&google_push=ASkJ3FadW_HtYklHDqr5xv-xJGNWr_OUr57WBbGdGXJAB0Pg5wVSbW7hm74glmw9Dgcfr1wzsSj8yiq9MkYExQn_riubFjN_rKk
Requested by: Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 30 Nov 2022 15:55:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BD4
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK9ClTMN9JhU4EMYRucvXj8&google_cver=1&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK9ClTMN9JhU4EMYRucvXj8&google_cver=1&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZF6PKYPPkp9Nl-JaPCktNlPQr19QiaYr6a-cujDZjPvVqxjgLZAtcDUvWlDw6ASW63boDnmVwyge5VEUmuIS0nz1S5Fjk
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BD4
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELfS97_p20TqOU5nNfJGmh4&google_cver=1&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvw...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELfS97_p20TqOU5nNfJGmh4&google_cver=1&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8FvzXu9XTQGdIScaX8SR3g&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqr...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8FvzXu9XTQGdIScaX8SR3g&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvwKUYFw

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8FvzXu9XTQGdIScaX8SR3g&google_push=ASkJ3FYw1NOtx6PyBcd5ah-ekT2dRTMlxfdEZaQyf5YyXCP6ZUSSGBgtxeY5pSYV8ntXVlNl-e0ml7t054y2cqrJ6YsQvwKUYFw
access-control-allow-origin: *
date: Wed, 30 Nov 2022 15:55:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BD4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-2affaace-95de-4e3e-b51f-c9645ab0d929-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FawIfPaoINDa17NGSwSU...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&google_hm=Ayr_qs6V3k4-tR_JZFqw2Sk

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&google_hm=Ayr_qs6V3k4-tR_JZFqw2Sk

Requested by

Host: www.canal38.com.br
URL: https://www.canal38.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FawIfPaoINDa17NGSwSUV_VN1jfl28R0UV7OCP9dSggeuJ9pK-6g1u-Sy1juZuNKegHLwk3z8MR52ebmx-xg7CNR2z6MnU&google_hm=Ayr_qs6V3k4-tR_JZFqw2Sk
date: Wed, 30 Nov 2022 15:55:02 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2affaace95de4e3eb51fc9645ab0d929003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3BD4 0
12 B 50ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LE1L3qh2mc4ZNFkvFDujRLLch8TijobZFuAbHg7iXWTbLoF8hdEtMQvF0OMVlMkOxzcwQ1

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE4A 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFK2l1XyHY_y-OsG83gPxubGIAwAAAAA4AeAEAg&bg=!qKulq-_NAAbvMpMzzzI7ACkAdvg8WuZkPq_J0IsEGSNdHXp6oqyyADQFM5dD1vYccIe_kHlp5GCMxAIAAACiUgAAAAJoAQeZAutPkctNkABLDtX0FS-ghRbMKtH93wWkdqGPYbw3eDOiBzXliUOLm0BaKpPVezplKVZaR5DP0mc5Sq7LwuK1HGA7P59c656zZU-6OkhZYgxkP6cacfmv0QABW7gRoKdD8rgC9Y4d9B4YIrHVEX1xLWr-lzV-bsPpKljs3s68XgSjPxsS5AKzMDrFw45_hPcYkaneChvRiYY8PKAtfscbc9wo9DWjO_sHO5q7cgcdvTcfzJlJlG6-oXEJRj0HIBt3TFXOkcDJAaJJKS3lJeMDUMcRZGnbvKMijMOIajKTdBfXsEsGUnGChHogxxxJE60TKjeWvkezNciVFjDQSdMvbUzrcd2bVpdDdFrVogzk_eog6LDkAHaan2miydTv_opKjx8_-rrYeyOIFYBNowPtPxmn1HvbXcnAZ4iUtI86hon0PpfQGF42CmF-578p6jgh6sd8EmpmAnvjlBwr6X4FbXBpz3UIBb0xHwL0BK884Qr1CL5bFT5Pcs-5dtnppQvzmrEnmmf2mNPaHBbxXbttaYacDivioT-H66RINWHjKhiQtPdzkkdvkIKGr7Hmu0o9hEkirUiVqL3ofyBpc1YiGofkK01TU3sS-u5noIL1jPpujTrf7A9Dpmc9858ExxNoOmXse68s0nXSq8TksP-KhJSH1BADw04FeHSF6_zz8Awiu2omIiIpGcccZPuW51gIYI_SGousHfsJNAltCWZ9Llb4mbQm8FxNAjRrNnWvelfvVzhgZR1CFCiGvs2iLj1Aa0BvI3cr-eb4uSq_r7AQcUlyqNhEbm0spETSEBAtQh7qI2GOslBRxI8fPEzAu16Vmte404PW1WiNSRSEaO-N07H5JYSuYz-GaD-QYzbt2eCtv9QV4zPxlBVolPAvY3vkxdGf7Gx-voTS4JACHGWpROvcldrSWDn20M10XuT_QnH6iiigpwPWuPENBBA8QNlOfHSLwmYyjYx0sQAY_CZRwTPjcGaxOK_sX56v4MM

Requested by

Host: 7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d
vt.adition.com/ Frame 8E6A 68 B
297 B 83ms
16ms Image
image/gif 217.79.188.53
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vt.adition.com/d?lid=7171838185935997707&n=3618&c=5585645&b=16920999&cu=4745915&vt=0&elapsed=1&ma=100&suvt=0&h=0&v=0&vt_50=0&vt_60=0&vt_100=0&vt_cust=0&version=6
Requested by: Host: www.canal38.com.br
URL: https://www.canal38.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.53 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: vt.adition.com
Software: nginx /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 15:55:03 GMT
Last-Modified: Mon, 30 Jan 2012 11:56:59 GMT
Server: nginx
ETag: "4f26858b-44"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E6A 42 B
64 B 85ms
53ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMvZdLFL551Y1ND0HNyWyrN9BSCPzUH4YurwuwreJd8n4GJ2l1V6tzy2hkkeIczYvZZSAiKD0YpTwx0gxcCCaz0re_-VMT9LyQlUKBTTDB1EiMOfqe_rrStalLx7jrr8TXk_4k6g&sai=AMfl-YSsUI4iG-iojIMsckzLv83N3bMRkVewmw4ShZXxBKQX6xBbTT347TQde7oD0MkMv7fUe8yBf34CTxzh4y_3KGIAiY50IFIYorNBYSjZagVX0eKQiMsMljkYKBpUvQ&sig=Cg0ArKJSzEI_YPIAtwL4EAE&cid=CAQSOwDq26N9VlS9JyjO3AiO2T6eUYBnRlzRKad9PZ2WM5K2jpxsZMD-1Vo6iRXKQNEphMR6ExUoOD6vY4wQGAEgEw&id=lidar2&mcvt=1000&p=1237,436,1327,1164&mtos=800,917,1000,1066,1168&tos=800,117,83,66,102&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3472889030&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669823701900&rpt=272&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9CAB 4 KB
3 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/static/js/main.4ce3ab43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:55:03 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 9CAB 52 KB
15 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 14:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 01 Dec 2022 14:43:17 GMT

GET
H/1.1 200
OK / Show response
popcorn-concurrents.jmvstream.com/socket.io/ Frame 9CAB 103 B
414 B 805ms
197ms XHR
text/plain 45.225.80.22
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwf1
Requested by: Host: player.jmvstream.com
URL: https://player.jmvstream.com/static/js/2.f4fafcee.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.225.80.22 Divinópolis, Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),
Reverse DNS: dns2.jmvtechnology.com
Software: nginx/1.20.1 /
Resource Hash: a5505aa5aa7d8147c42fa6430e40d3a743142b34b7f65007c057ffee6d289c8e

Request headers

Accept: */*
Referer: https://player.jmvstream.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: https://player.jmvstream.com
date: Wed, 30 Nov 2022 15:55:04 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 103
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK 7.87574412.chunk.css
player.jmvstream.com/static/css/ Frame 9CAB 2 KB
2 KB 203ms
202ms Stylesheet
text/css 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/static/css/7.87574412.chunk.css

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

fe4b76d8efe8e97589478486cebe3a43365d034dedd0b6e26583eb1e02f8cf5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"765-184c3f936e7"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 1893

GET
H/1.1 200
OK 7.d04aff24.chunk.js Show response
player.jmvstream.com/static/js/ Frame 9CAB 9 KB
9 KB 201ms
200ms Script
application/javascript 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/static/js/7.d04aff24.chunk.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

43df529c92507faa2021cadc9544870778be628e49d8f796e3f7a222480b92fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"22c1-184c3f936ec"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 8897

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 58ms
57ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c943d0b729b4478412fda049ccb129f1dda8f5543aac662e2a070c61f82e9f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11062
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 15:55:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 94D5 13 KB
5 KB 27ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:30:49 GMT
expires: Thu, 30 Nov 2023 15:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7665 783 B
534 B 53ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d7311b51d1ba3bf24f1093fe64d20b8c82dbbff47fbd60a4e9190d8042e5f53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g-xkdXBlhgya1R7kqHSTtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-g-xkdXBlhgya1R7kqHSTtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:55:03 GMT
expires: Wed, 30 Nov 2022 15:55:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 94D5 36 KB
16 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 15:29:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7665 0
0 41ms
41ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2417336009619435&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 94D5 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D-mxRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST /
popcorn-concurrents.jmvstream.com/socket.io/ Frame 9CAB 0
0

GET /
popcorn-concurrents.jmvstream.com/socket.io/ Frame 9CAB 0
0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.canal38.com.br%2F&domain=www.canal38.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=N67dTXxoZ09kVmVsTGpvWHMxNmVLYk5WanM3S1BGSFRLN25IdWVDUmFaRUptUEI2SmkyZ282UDFtQ1RSc3Z4d2VGdGxNNENUajN2YVZKN3QvM09YK2h5Q0xRR2gxeHFvaElGc2pGTTdTa1V3Q0txNGdSNHNaRHQ3RFA1ZD...

356 B
648 B

65ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N67dTXxoZ09kVmVsTGpvWHMxNmVLYk5WanM3S1BGSFRLN25IdWVDUmFaRUptUEI2SmkyZ282UDFtQ1RSc3Z4d2VGdGxNNENUajN2YVZKN3QvM09YK2h5Q0xRR2gxeHFvaElGc2pGTTdTa1V3Q0txNGdSNHNaRHQ3RFA1ZDM0ZDVwQWJvVGFiVG1LdUp6Ti9TU08yR1JWTnVvcmw5cDNPM2Vwa3AyMHZXajhUWjBCNUpOK1Y5UDV1Uk5DWHFURGFCa2hEcUs1ZHJ3MHo1YXFGV0w5d3lkelFGdVJyU09SSmx5TFF3UHM5d0lXdUFsOU5UUWtzeFZlMStEVjFKN2VzODFzWTJUfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2317ea8d648ec2dcd590f3b0b51db2b088846af279c59ce2ed2c683a2e5ff0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1495697
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 15:55:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=N67dTXxoZ09kVmVsTGpvWHMxNmVLYk5WanM3S1BGSFRLN25IdWVDUmFaRUptUEI2SmkyZ282UDFtQ1RSc3Z4d2VGdGxNNENUajN2YVZKN3QvM09YK2h5Q0xRR2gxeHFvaElGc2pGTTdTa1V3Q0txNGdSNHNaRHQ3RFA1ZDM0ZDVwQWJvVGFiVG1LdUp6Ti9TU08yR1JWTnVvcmw5cDNPM2Vwa3AyMHZXajhUWjBCNUpOK1Y5UDV1Uk5DWHFURGFCa2hEcUs1ZHJ3MHo1YXFGV0w5d3lkelFGdVJyU09SSmx5TFF3UHM5d0lXdUFsOU5UUWtzeFZlMStEVjFKN2VzODFzWTJUfA&cppv=2
access-control-allow-origin: https://www.canal38.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 643323
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.canal38.com.br%2F&domain=www.canal38.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.canal38.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.canal38.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 30 Nov 2022 15:55:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 539957
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 01F9 0
0 13ms
12ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1669823701379

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1C6A 52 KB
17 KB 54ms
9ms Document
text/html 88.221.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-189.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 15:55:04 GMT
ETag: "623de86a-cf34"
Expires: Thu, 01 Dec 2022 15:55:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2417336009619435&bg=!c3ClcDTNAAbvMpMzzzI7ACkAdvg8WqaFRwhGqrIeeecqBNrWgaP-kZaOhq8BhZvgOXGkFCt2OwdGJAIAAABaUgAAAAVoAQeZAqD9-3zaAUVAGnzkl6ZQZWmKR985PRVzKy7SofwWKntC9cPGp_li-GRx3Y0aTXV1StKB-XrebnHpV6gJuZrS2QELyny0pCyVg3l_HKYfj8X7w8bxGaVqUZo8ReLC-7SIMWLUheTjNC94t-uuW242DB4aOOdEK-fk-6PoRfZK5aXSAjG7lktC_XiWopRbE28rRF_PwgqX7fYlFt1x9s_rSdc_kXMK1aWSqxmmXMAsD2MqEzzDYdLjhAzBoExQ4aqVFUEuesiqGpwpmPauJOO8HKLGqGl3hA-jSB-Pv2h93ruCryFEQdGY6AclZ1ThnoJbbnm7R9Vhc44xlQRhJeQ0FumHwDYWaEV8dOHgDJGhiCju_lMyUGsXbI-aa4q6NajM-6nlO4I0cS3O5uprwvE797bWbtz7XMkNIIQBm8_lJeXIYx554gpeJWt9S2rGVcwcSDIOL7ZCUZAwNt25t8ZSLDIHvUKnXLEzMQTSdtcrhlhfXU3B4n40XuuTxkj4cp4OHCa6n2zwYjW_fOqE0xG8WUkLwE1AxgIX6dPqModqtTbWuySsfRpMVrIafY2hPSddV1MB2ksLYd-LWoGDdS8x8QUqDOGfKLtbc4q2tgr2eNCQzNqzIV3519QnYq2D15uCxw8C4jFKfnYiGKW5qTJHozTzpau0Xj7vB4u20nwXhzUICULyN789OfuaOGtj8LMlERe75UNREOc5MnPJ600o1dAq33m5GkffeCUTC4Y5FYpx7PKGMAtCttXR0-DpVXBqM9o4HvXltSxNjhAXIwcLgOBPLvfwzSSVWozuf7xKL46hOdXk3X3KBqsOaJp4vWGABlb9XNq1ObcQJxqCMeXHBvVX-Zrs8CbxBDYJqNWTOMpnbYlf5prXLuynFrS3AJ_3yTU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C6A 0
737 B 37ms
15ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:04 GMT
AN-X-Request-Uuid: a8f056d8-ba1e-4c05-8c24-a21b0612ef79
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 185ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 30 Nov 2022 15:55:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 388263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST /
popcorn-concurrents.jmvstream.com/socket.io/ Frame 9CAB 0
0

OPTIONS
H/1.1 204
No Content cdncrawlerviews
cdncrawler.jmvstream.com/api/ Frame 0
0 819ms
198ms Preflight
text/html 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://cdncrawler.jmvstream.com/api/cdncrawlerviews
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://player.jmvstream.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,PUT,POST,OPTIONS,DELETE,GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
content-type: text/html

POST cdncrawlerviews
cdncrawler.jmvstream.com/api/ Frame 9CAB 0
0

GET
H/1.1 200
OK hls.min.js Show response
player.jmvstream.com/ Frame 9CAB 306 KB
307 KB 396ms
396ms Script
application/javascript 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://player.jmvstream.com/hls.min.js

Requested by

Host: player.jmvstream.com
URL: https://player.jmvstream.com/static/js/main.4ce3ab43.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

3d912e422f571998b2135fd854682ba0ae823d5773972f1f8c118cdc5650d53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:05 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"4c9ed-184c3f936cd"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 313837

GET
H/1.1 200
OK play.9ea9064a.svg
player.jmvstream.com/static/media/ Frame 9CAB 689 B
1015 B 203ms
202ms Image
image/svg+xml 2804:7b88::32
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://player.jmvstream.com/static/media/play.9ea9064a.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2804:7b88::32 , Brazil, ASN271437 (JMV Technology Eireli - EPP, BR),

Reverse DNS

Software

/ Express

Resource Hash

c8d19428b6ed29bce59c771a16fb2bf0031f174f92209adb73eeba79b6229633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:05 GMT
strict-transport-security: max-age=15768000
last-modified: Tue, 29 Nov 2022 15:20:00 GMT
x-powered-by: Express
etag: W/"2b1-184c3f936f4"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
keep-alive: timeout=5
content-length: 689

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C6A 0
737 B 15ms
15ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 15:55:05 GMT
AN-X-Request-Uuid: bff1c341-1cf8-4e4d-845a-6319ee90c816
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET /
popcorn-concurrents.jmvstream.com/socket.io/ Frame 9CAB 0
0

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 32 KB
11 KB 145ms
8ms Script
application/javascript 2600:9000:2057:fe00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=81&subId=&callback=
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/30975594-0f7f-421a-0441-08da9008d2cb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fe00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
date: Tue, 29 Nov 2022 23:00:52 GMT
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 60854
etag: W/"d29171b34ea93548beb17fd35f5b439b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HGZxdDsdXRWbuXfs6cehBoRF6nMEk6xJ3m7rcfLSgyskjZB_EJ58kw==

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 172ms
36ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/30975594-0f7f-421a-0441-08da9008d2cb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 2222
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7724c3f3f9ce9019-FRA
expires: Wed, 30 Nov 2022 16:18:04 GMT

GET playlist.m3u8
cdn.jmvstream.com/w/LVW-8503/LVW8503_d0V5oduFlK/ Frame 9CAB 0
0

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 5 KB
2 KB 70ms
16ms XHR
text/plain 2600:9000:214f:2c00:8:9ed9:9c40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=81&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2c00:8:9ed9:9c40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d21cd4cb3b9f3ec54e634ab0976215d89e3c88125f641d94c041ec067d6943cb

Request headers

Referer: https://www.canal38.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Nov 2022 21:06:51 GMT
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:34:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 67695
etag: W/"87060f017d846493b7f437c322021dbf"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.canal38.com.br
x-cache: Hit from cloudfront
access-control-allow-credentials: true
x-amz-cf-id: REIUv6d9ahY2-gXERNx_aY4GauU4tM1C9SUBMADh2fPy4We7Z18yaw==

POST /
events1.avantisvideo.com/ 0
0

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
475 B 161ms
161ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 15:00:58 GMT
server: cloudflare
etag: W/"6308e02a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7724c3f42a399019-FRA
expires: Wed, 30 Nov 2022 16:55:06 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 8660 46 KB
17 KB 30ms
7ms Document
text/html 2600:9000:2057:fe00:1c:38a0:8a40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=81&subId=&callback=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fe00:1c:38a0:8a40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://www.canal38.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84234
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:31:12 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id: AhKNsLnIHQywktrfpQekqeW_Kjd4hcYgXHoihqM32qH9IqJxpL4TZg==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET geoip
avm.avantisvideo.com/api/v1/ Frame 8660 0
0

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
429 B 180ms
172ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1d615be22594f37e06d66a8eca49be5f6c66f75d42b9b39ffc2fc3e6d157fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: public
date: Wed, 30 Nov 2022 15:55:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7724c3f54c909019-FRA
expires: Wed, 30 Nov 2022 16:55:06 GMT

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 272ms
161ms Preflight 2600:9000:2057:b200:3:748e:7940:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b200:3:748e:7940:93a1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Wed, 30 Nov 2022 15:55:06 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: hkHcvf3bvGaZe5RnzRvWZsGST-TgC6yCFbVjDLpLEIdnJki53EcqBQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 180ms
171ms Script
application/x-javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=11d518baa1167c17bbefa1335310%7C0&acc=46575&tit=HOME%2520-%252038%2520NEWS&url=https%253A%2F%2Fwww.canal38.com.br%2F&upd=1&new=1&h1=
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7724c3f66f289019-FRA
content-length: 6
content-type: application/x-javascript

GET

sync
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76589611681
https://sync2.navdmp.com/sync?prtid=2&id=76589611681&google_gid=CAESEE3_jCwEMWVkPMxga3U5s30&google_cver=1

0
0

GET

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=dca96387-7cd6-4200-a20e-78546fd779b6

0
0

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 113ms
36ms Image
text/html 212.82.100.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canal38.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 15:55:06 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: popcorn-concurrents.jmvstream.com
URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwrh&sid=To9WoC7CpS-YGTttQbSi

Domain: popcorn-concurrents.jmvstream.com
URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwri&sid=To9WoC7CpS-YGTttQbSi

Domain: popcorn-concurrents.jmvstream.com
URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwun&sid=To9WoC7CpS-YGTttQbSi

Domain: cdncrawler.jmvstream.com
URL: https://cdncrawler.jmvstream.com/api/cdncrawlerviews

Domain: popcorn-concurrents.jmvstream.com
URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fx8N

Domain: cdn.jmvstream.com
URL: https://cdn.jmvstream.com/w/LVW-8503/LVW8503_d0V5oduFlK/playlist.m3u8

Domain: events1.avantisvideo.com
URL: https://events1.avantisvideo.com/

Domain: avm.avantisvideo.com
URL: https://avm.avantisvideo.com/api/v1/geoip

Domain: sync2.navdmp.com
URL: https://sync2.navdmp.com/sync?prtid=2&id=76589611681&google_gid=CAESEE3_jCwEMWVkPMxga3U5s30&google_cver=1

Domain: sync.navdmp.com
URL: https://sync.navdmp.com/sync?img=1&mdia=dca96387-7cd6-4200-a20e-78546fd779b6

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.canal38.com.br/	1970-01-20 08:33:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
.canal38.com.br/	1970-01-20 17:26:23	Name: _ga Value: GA1.3.1476658255.1669823701
.canal38.com.br/	1970-01-20 07:51:50	Name: _gid Value: GA1.3.20526381.1669823701
.canal38.com.br/	1970-01-20 07:50:23	Name: _gat_gtag_UA_43518252_2 Value: 1
.canal38.com.br/	1970-01-20 17:11:59	Name: __gpi Value: UID=00000b8ae525cdd9:T=1669823701:RT=1669823701:S=ALNI_MZSPocPT8j7CPSXx0kLKZt8LjMt7Q
.doubleclick.net/	1970-01-20 17:11:59	Name: IDE Value: AHWqTUnHZ1hX1B7cAnXuDMovSi-vBqCGfwu-U-wTQOEUl33S42u0spbd36YT2I3qKPk
.canal38.com.br/	1970-01-20 17:11:59	Name: __gads Value: ID=0389f8b07d139c1f-2257200101d800cb:T=1669823701:S=ALNI_MYLCj7JsK4spyGYmt43Z8wY1vABEA
.adfarm1.adition.com/	1970-01-20 09:59:59	Name: UserID1 Value: 7171838185940585483
.adnxs.com/	1970-01-20 09:59:59	Name: uuid2 Value: 4648068276106509816
.adfarm1.adition.com/	1970-01-20 07:50:25	Name: lv_5585645 Value: w=4745915\|t=1669823701
.adnxs.com/	1970-01-20 09:59:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMtFrZb!]tbPl1M>e)ZlrFUfJ+tGXxpKA++hjHjSX9Z.Kzm`t_AQLvsb^b#pdKJ9Fh!3If)y3KL9D3I?+baNN3I
.adtriba.com/	1970-01-20 17:26:23	Name: atbgdid Value: c17dc9ed-faa8-47cf-9971-10cdca25dece
.casalemedia.com/	1970-01-20 16:35:59	Name: CMID Value: Y4d81kBrZdmwBn9DvUuzHwAA
.casalemedia.com/	1970-01-20 09:59:59	Name: CMPS Value: 3312
.casalemedia.com/	1970-01-20 09:59:59	Name: CMPRO Value: 3312
.simpli.fi/	1970-01-20 16:37:26	Name: suid Value: 8B70BF04F1614614A8F57239A485AF05
.360yield.com/	1970-01-20 09:59:59	Name: tuuid Value: f05bf35e-ef57-4d01-9d21-271a5fc491de
.360yield.com/	1970-01-20 09:59:59	Name: tuuid_lu Value: 1669823702
.1rx.io/	1970-01-20 16:35:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2affaace-95de-4e3e-b51f-c9645ab0d929-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 16:35:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2affaace-95de-4e3e-b51f-c9645ab0d929-003%22%7D
.mathtag.com/	1970-01-20 17:16:18	Name: uuid Value: dca96387-7cd6-4200-a20e-78546fd779b6
.mathtag.com/	1970-01-20 08:33:35	Name: mt_mop Value: 4:1669823702
.de17a.com/	1970-01-20 16:28:47	Name: guid Value: 1.4845889110710982130
.canal38.com.br/	1970-01-20 17:11:59	Name: cto_bundle Value: smbejF9rZU8wa2ZIcExOajI2cSUyQjRIT3A1dmlsalZoUGw0Z1VCYXhZd2hVdkE4NFZaenFFTnBMR0xzd1dnS1BmTHRiS1lZM3VyOG85MFJzVWRKa2MzdThtcG9iUlFNZVdCRzdYcjdrSHppMDM3MGpOWGlaQjlLamRHN0wyOU1OQ3lFOUx1
.canal38.com.br/	1970-01-20 17:11:59	Name: cto_bidid Value: VAo3YV96UlBUbmVUUyUyRmlKa3dtU1VqeTglMkY0Uk9HQUx1QmZtaFA2WHozSWJxTThEamQyJTJGQ2t0bjVpM2ttWVJMVDF3NVhzM292Y3hlaDJPc2xGUnAlMkJVUGZKdGR3JTNEJTNE

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.canal38.com.br/(Line 1162) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: https://7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://d.adtriba.com/px.gif' because its MIME type ('image/gif') is not executable.
javascript	error	URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t Message: Access to XMLHttpRequest at 'https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwrh&sid=To9WoC7CpS-YGTttQbSi' from origin 'https://player.jmvstream.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwrh&sid=To9WoC7CpS-YGTttQbSi Message: Failed to load resource: net::ERR_FAILED
network	warning	URL: https://player.jmvstream.com/static/js/2.f4fafcee.chunk.js(Line 1) Message: WebSocket connection to 'wss://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=websocket&sid=To9WoC7CpS-YGTttQbSi' failed: WebSocket is closed before the connection is established.
javascript	error	URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t Message: Access to XMLHttpRequest at 'https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwri&sid=To9WoC7CpS-YGTttQbSi' from origin 'https://player.jmvstream.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwri&sid=To9WoC7CpS-YGTttQbSi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t Message: Access to XMLHttpRequest at 'https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwun&sid=To9WoC7CpS-YGTttQbSi' from origin 'https://player.jmvstream.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fwun&sid=To9WoC7CpS-YGTttQbSi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://player.jmvstream.com/lvw/F4IIqUVJy5A4yAbgGEJk0okQW7615t Message: Access to XMLHttpRequest at 'https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fx8N' from origin 'https://player.jmvstream.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://popcorn-concurrents.jmvstream.com/socket.io/?EIO=3&transport=polling&t=OJ9Fx8N Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fa947a8394cb05dcf577261fdcab9b2.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad1.adfarm1.adition.com
adservice.google.com
adservice.google.de
avm.avantisvideo.com
c0.wp.com
cdn.avantisvideo.com
cdn.jmvstream.com
cdn.navdmp.com
cdn1.avantisvideo.com
cdncrawler.jmvstream.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.adtriba.com
d5p.de17a.com
dsum-sec.casalemedia.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
imagesrv.adition.com
match.360yield.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.wp.com
player.jmvstream.com
popcorn-concurrents.jmvstream.com
prg.smartadserver.com
script.4dex.io
securepubads.g.doubleclick.net
static.avantisvideo.com
stats.wp.com
sync.1rx.io
sync.mathtag.com
sync.navdmp.com
sync.targeting.unrulymedia.com
sync2.navdmp.com
tag.navdmp.com
tags.premiumads.com.br
tpc.googlesyndication.com
um.simpli.fi
usr.navdmp.com
vt.adition.com
www.canal38.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tempo.com
avm.avantisvideo.com
cdn.jmvstream.com
cdncrawler.jmvstream.com
events1.avantisvideo.com
popcorn-concurrents.jmvstream.com
sync.navdmp.com
sync2.navdmp.com
142.250.186.162
15.197.193.217
178.250.0.157
185.29.134.244
185.80.39.216
185.89.210.141
192.0.76.3
192.0.77.37
212.82.100.182
213.155.156.183
213.19.147.44
217.79.188.11
217.79.188.2
217.79.188.53
2600:9000:2057:b200:3:748e:7940:93a1
2600:9000:2057:fe00:1c:38a0:8a40:93a1
2600:9000:214f:2c00:8:9ed9:9c40:93a1
2606:4700:20::681a:9a9
2606:4700:20::ac43:4a15
2606:4700:3034::6815:4e50
2606:4700:3036::ac43:da9a
2606:4700::6810:df3
2606:4700::6811:140e
2804:7b88::32
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:2638:1::13
3.123.239.61
35.204.74.118
45.225.80.22
51.89.9.251
52.210.233.79
66.155.71.25
81.17.55.112
88.221.168.189
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d16770eb23e8f494f5fa0b2e25997b799ec968e51083ec47bf2fdf58cf1b6e
06d32cc61aad27cca5f1fbe591907ecc0fb9289c544ea2081bf0979117a8be78
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
08db3c797223c98e57fd9e27492f1861d4718620702127ceb7dfb0427770e6ba
09b06d43122e9fadd36f2565ba1c881a9ca2b12c1298dc4c9c58f064350edfbe
0a6adf3454bc69e8cd73c35db0619bfd21a9a9358ee6a17c64df42a970faf491
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b918c5934e4534a863a7236d1127b0c4b8216ae1b6cc5ce30356d55f97c4779
0e1d615be22594f37e06d66a8eca49be5f6c66f75d42b9b39ffc2fc3e6d157fb
0f5b63cc69aa9074699a0caf59d8f1d3169e92391993c5d5216ee8e74d70a03f
103e3e86ec3078f96d761ffb310fb4ba0220ad2fd9d0dda12759f8b713e11490
10559c3d3d1b1385472ba54a86d75a85ad11f3f196c7347f800c87671634f002
10c7864feb18c212a393b0f73c0633c448739f3056fbe73c2d0d5f122277cc86
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195182403b2e9d2a0779903fdd87cf7b9047f6a8253d9d12f12e991e2714ca36
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ec711077b87d1d69672ce9caf8f7a3bbdd23199e89f7bc7bb58f049a3aa1863
204e7bcc3e9416cfefc244c2068319d2e024e612912f4c8254dbebeef36370b0
2317ea8d648ec2dcd590f3b0b51db2b088846af279c59ce2ed2c683a2e5ff0f9
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25ed4e3f92d17bc60fac51838b1b3650e17a07e289ac1c08b7e37abf03d76360
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2911eed9afa02eb7c0f63dd5aa2ee9e1f42fbdbf7a0324b14a037946b0867626
2949ad87f5759aa23a8447e1f38f53f4003bc7f30da5b2e7b65db2f687dd4dfc
29d0c8fae7dd56bbe72f283a935fb7d96a6d015f80d57302dc8ae10c5ce364d7
2bc393d7dcf6f307535674aa24952ddce473ae0cff7d8748fa0b000aad25736b
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c9701052a144782f173a0cde5c86d0ac11c46def30a7bbf045a65b12bd84411
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
30de75db99674d52f78585f7f37a04517f2f3a29ef6500b511c87cb96cb995ec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32fb476f6c1d6a146b79f15879e3b51fc9e62852e6e247ada33afd5cdb526268
370be3b03fe9bc22dde80ce5957acb91bb7c905ed512b68162f081bb7768094e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d912e422f571998b2135fd854682ba0ae823d5773972f1f8c118cdc5650d53d
3e476db9091c3b8bdbb5979eb4ce6296f802d1b475ffcc042f430d841a70ad36
3e8e8c9964a446fba9a9473662b21fae9b3b9b54a391f5d637e5e7e6b426aa5d
43df529c92507faa2021cadc9544870778be628e49d8f796e3f7a222480b92fb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7311b51d1ba3bf24f1093fe64d20b8c82dbbff47fbd60a4e9190d8042e5f53
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57472f4859650850932c8632daeb6b20483affb63fd8e86f65ba7462347891fe
5972b67cb85d43b34d8c75e2ba6b0fcd87acd628696ddb9de81f88cd07a01474
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a23ea6be465e25445e367b045e14b5247d633c2a3bde97f1faf5c8d01e77ab5
5afd6e4685f802270aea529267954ea6f991932bcc878b7efb0e97980c4371ff
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631a676a8539cedd99291852a2cd963ba50faaa5b22ed5fd23697965ba3c7643
6394803f6e9125068db5d2d1955ff27d34598a532b07d77963b777d54921657d
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
640943fea5a7cffa08a1b60b9870dcea5974c37ca20f8aed0d517e0eeaffbbc7
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69e91d39f798070ae61597025b1a84236accd5a1a2affac6746becffac685b09
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
76f74039f2019a94d723a2389541c2ecb5e7250d62be6cee860418f1586957c0
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c822e019e1e4a2766efe07995323e2a45a5ff229ef478fb1dca8b4d6027b08c
7ee8734c823f01daa032be4e8f4c0d6fb4232fb53c492933fa8eed8d3d93beb0
8196d4c8e2dd49cd55135df4efe88196fbd67ef49df3954d338708feaf6ea140
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8786ea1e9123653f32ef551be5d363d3f9eea8f822719b39290dd4aef61d5cfb
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c94e10f1d7ff188c4ea96cab2cea0e03822319ea6d82c8bb739b6275cfe8281
8caa78d98352fae7610723f378a8df27f809ae3bb0cd90bd01077f12f6ab7aec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e17b6f1d95195483b9516a73f773d5f9bb1ed2963ac63875b40e9841115ebfd
8ef699c844c7e7e12d792ea2ce763069a37c7ac79f3eecfcd3efd1d82bccaae2
8fc5b567358f8995d74be1f98eb58b321155f7a78c99f16c56800f0c77f7c409
906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42
91efa265abcbceb1c30dac275e4aff1ec5c5f1373a1a15a79e14b5be0a95ac45
962bba463fbc870e1d4e8a32dd01bf0d86af35502a83838f5224b138764e6911
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2c902cca968a8171e1cf9dc9ccdb6ca161749947ba12624355a6bbd9dfa165f
a3a9075316226a791ff516515a423ff22c22ddf62de611560cc140f282f07e3c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a4c8f8f3612949d51dd7aa84210839ea4b7a7071a2dc4f67a0ee524335d6fdea
a544e41abe13ec58d03fa0f0c87693ce97b167bdd6b38c3842e6556452c4d859
a5505aa5aa7d8147c42fa6430e40d3a743142b34b7f65007c057ffee6d289c8e
a5a93404b056db91a5ea10c9a2a47a2b53ce38c379793fba407ee2d39a3f6baf
ab7105c1407459e866d69bbc951a035870959be85c36cbafac8cda944817e069
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16618ff65c8aa197c0284f3e3f5fbfe0ec1e02dfba065ad2ef328a9aa6b110e
b1fc7f6738f4a59d3161eff84c1bdb4180004ca6aeb8ef105d153dd577a1fb82
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba89d518215c486f38847eeba5d8d8b51c046b686f96a42818b5998614408fb4
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c57bec7e62f61b8d4dec6ec35de95ecb53c07586e58d46eaff6364959858b33b
c8d19428b6ed29bce59c771a16fb2bf0031f174f92209adb73eeba79b6229633
c943d0b729b4478412fda049ccb129f1dda8f5543aac662e2a070c61f82e9f95
ca9c10dc51355b0d2bff65393a793029c5c1308a2e6270b6c20a50cfca81f720
cf67d2ea5c3bdda991e5f72231b0e306fb840b078114e1b8e0db83cd5ec4ddb4
cfab5d1b12da3c4ef5a41e956e0f0f61c0f432f20856961b54e3dcd53c807d12
d0160d58ed795599819556a1535c946e67f07fd4340c4f809832eb074aa70268
d21cd4cb3b9f3ec54e634ab0976215d89e3c88125f641d94c041ec067d6943cb
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2b354c037b51c9300d20201cdbcfc135a296ae1832b559b387480dbc75668bb
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
df626a8cad12fd5ea643b53e149a5287a607edb016e52f0ea204d96acaa7fd0f
dfb454ff2c2abcb058d347520d6ab4c79a64ea664d212af95052269976dc284a
e060d2552f40e99ad96957f7e4cc703a26fdc6f6846a79c61ec5a72a0a63fd00
e340849e60d5016f6d7e245bcfddf038def85064ad44101c7b6127980d8d13f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a6deca46b54264e689842c9272519fbcd434e1ff7bce59f0c87f8495a3c0ba
e507c0aa5e7305097f7d623e8ca2a3051b6782965b37231145c62af60d3ab0b9
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e72713b875ca0ba2cbbdc49680cd0ff95976dbb3d1ebc0364bce851dbd5abba8
e7eec807019390dc577251781629f7d0749342de7db02ac614cc4d8b369ea8c3
e7f957f6214b1ffb261ed5523a50459a0838f2786fbd462248c4b487c0e8884c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed557ea698486243f2a70df3a180536cac4b063740faf145c373211100981dc2
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13e7dae56c3686664cbd070d6b8104f371d13fb539ce8ee5efe30dc7a66eada
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe4b76d8efe8e97589478486cebe3a43365d034dedd0b6e26583eb1e02f8cf5f

www.canal38.com.br Open in urlscan Pro 2606:4700:3034::6815:4e50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

88 %HTTPS

54 %IPv6

34 Domains

58 Subdomains

44 IPs

9 Countries

3421 kBTransfer

6845 kBSize

25 Cookies

5 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.canal38.com.br Open in urlscan Pro
2606:4700:3034::6815:4e50 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

88 %
HTTPS

54 %
IPv6

34
Domains

58
Subdomains

44
IPs

9
Countries

3421 kB
Transfer

6845 kB
Size

25
Cookies

182 HTTP transactions
4 data transactions