grandnoticias.com Open in urlscan Pro
2606:4700:3032::ac43:c368 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532...
Effective URL:
https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Submission Tags: falconsandbox
Submission: On November 07 via api (November 7th 2021, 7:02:03 pm UTC) from US — Scanned from DE

Summary HTTP 250 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 40 domains to perform 250 HTTP transactions. The main IP is 2606:4700:3032::ac43:c368, located in United States and belongs to CLOUDFLARENET, US. The main domain is grandnoticias.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.

This is the only time grandnoticias.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::ac43:beac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3032::ac43:c368	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
33	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:6038	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:5402	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.161.15.92 51.161.15.92	16276 (OVH) (OVH)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST)
25	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
15	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5	2a04:4e42:200... 2a04:4e42:200::626	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	208.100.17.182 208.100.17.182	32748 (STEADFAST) (STEADFAST)
1	208.100.17.188 208.100.17.188	32748 (STEADFAST) (STEADFAST)
61	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 2	34.250.155.46 34.250.155.46	16509 (AMAZON-02) (AMAZON-02)
3 15	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	64.233.166.156 64.233.166.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:d800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	52.73.22.104 52.73.22.104	14618 (AMAZON-AES) (AMAZON-AES)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2600:9000:224... 2600:9000:2240:d800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
4 4	217.66.147.170 217.66.147.170	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	54.93.162.63 54.93.162.63	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	54.246.208.35 54.246.208.35	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
250	41

1 2606:4700:3032::ac43:beac (United States)

ASN13335 (CLOUDFLARENET, US)

facebruek.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:c368 (United States)

ASN13335 (CLOUDFLARENET, US)

grandnoticias.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chama.grandnoticias.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:6038 (United States)

ASN13335 (CLOUDFLARENET, US)

animesonehd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5402 (United States)

ASN13335 (CLOUDFLARENET, US)

m.notfollow.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.15.92 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns570935.ip-51-161-15.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.182 (United States)

ASN32748 (STEADFAST, US)
PTR: ip182.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.188 (United States)

ASN32748 (STEADFAST, US)
PTR: ip188.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.155.46 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:d800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.73.22.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-22-104.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:d800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.170 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (San Francisco, United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.215 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.162.63 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.208.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-35.eu-west-1.compute.amazonaws.com

secure-gg.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com pagead2.googlesyndication.com 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com tpc.googlesyndication.com	409 KB
41	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net	311 KB
33	demand.supply live.demand.supply api.demand.supply	60 KB
22	ampproject.org cdn.ampproject.org	435 KB
12	google.com 3 redirects adservice.google.com www.google.com	2 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	106 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	145 KB
10	2mdn.net s0.2mdn.net	557 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
5	jwpcdn.com ssl.p.jwpcdn.com	199 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	grandnoticias.com grandnoticias.com chama.grandnoticias.com	13 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	googletagservices.com www.googletagservices.com	111 KB
3	google.de adservice.google.de	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	941 B
2	dtscout.com t.dtscout.com	3 KB
2	animesonehd.xyz animesonehd.xyz	216 KB
1	o2online.de portal.o2online.de	609 B
1	imrworldwide.com secure-gg.imrworldwide.com	297 B
1	lijit.com 1 redirects ap.lijit.com	639 B
1	adkernel.com dsp.adkernel.com	233 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru	578 B
1	adriver.ru 1 redirects ssp.adriver.ru	340 B
1	linkedin.com 1 redirects px.ads.linkedin.com	733 B
1	e-volution.ai rtb2-useast.e-volution.ai	233 B
1	smaato.net 1 redirects s.ad.smaato.net	442 B
1	sonobi.com sync.go.sonobi.com	478 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	725 B
1	adsrvr.org match.adsrvr.org	265 B
1	jquery.com code.jquery.com	33 KB
1	jwplayer.com www.jwplayer.com
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	amung.us whos.amung.us	146 B
1	notfollow.online m.notfollow.online	2 KB
1	waust.at waust.at	7 KB
1	facebruek.online facebruek.online	889 B
250	40

	Domain	Requested by
39	tpc.googlesyndication.com	grandnoticias.com 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com securepubads.g.doubleclick.net facebruek.online cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
28	live.demand.supply	grandnoticias.com live.demand.supply client
22	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
22	pagead2.googlesyndication.com	live.demand.supply 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com grandnoticias.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
15	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net grandnoticias.com 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net grandnoticias.com
10	s0.2mdn.net	facebruek.online s0.2mdn.net
9	www.google.com	3 redirects 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com grandnoticias.com facebruek.online tpc.googlesyndication.com
8	dt.adsafeprotected.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	ic.tynt.com	grandnoticias.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com grandnoticias.com facebruek.online
5	api.demand.supply	live.demand.supply
5	ssl.p.jwpcdn.com	animesonehd.xyz ssl.p.jwpcdn.com
5	fonts.googleapis.com	grandnoticias.com securepubads.g.doubleclick.net 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
4	sm.rtb.mts.ru	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	googleads4.g.doubleclick.net	facebruek.online
3	www.gstatic.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
3	www.googletagservices.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com facebruek.online
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	grandnoticias.com	chama.grandnoticias.com grandnoticias.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	fw.adsafeprotected.com	1 redirects 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
2	t.dtscout.com	waust.at t.dtscout.com
2	animesonehd.xyz	grandnoticias.com animesonehd.xyz
2	chama.grandnoticias.com	chama.grandnoticias.com
1	portal.o2online.de
1	secure-gg.imrworldwide.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	ap.lijit.com	1 redirects
1	dsp.adkernel.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	google-sync.rutarget.ru	1 redirects
1	ssp.adriver.ru	1 redirects
1	px.ads.linkedin.com	1 redirects
1	rtb2-useast.e-volution.ai	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	sync.go.sonobi.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	match.adsrvr.org	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	static.adsafeprotected.com	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	code.jquery.com	animesonehd.xyz
1	www.jwplayer.com	animesonehd.xyz
1	cdn.jsdelivr.net	animesonehd.xyz
1	whos.amung.us	waust.at
1	m.notfollow.online	grandnoticias.com
1	waust.at	grandnoticias.com
1	facebruek.online
250	55

This site contains links to these domains. Also see Links.

Domain
bit.ly
whos.amung.us
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
www.jwplayer.com Cloudflare Inc ECC CA-3	`2021-10-12` - `2022-10-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Frame ID: 7206A453F37D12D07E32AFE6EF4EDD25
Requests: 79 HTTP requests in this frame

Frame: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Frame ID: 62E7CDF8E5F81A0828277CB197866A60
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: 4822305C879C4633E323EC9D87B30B70
Requests: 1 HTTP requests in this frame

Frame: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A2144DE928788D292B9CCAC6FE9F8760
Requests: 1 HTTP requests in this frame

Frame: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 72B357CCD0538304EBFA232E0571C1DE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 9561C925709483AE9336F87302F5CDDF
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 35202151EB8FC45029B2ADAB62DD0426
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5B3DC576A5DAFC658543747AD3BB9152
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 1D6C31E7CEDE7CE77F1BA7CE8C9F59C7
Requests: 15 HTTP requests in this frame

Frame: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D90FD01B45FCCB0C00F8241AD5CCB8EF
Requests: 1 HTTP requests in this frame

Frame: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD82679DA19A5C7E6DAED2171C74794E
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: E1597202DAE3D9305C609110F51E8E18
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: E41423B8439B7A9451691D8F12808EBE
Requests: 15 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGovcMEBFKuiIF0lSSpejMx9vdzezITB2uPXN_jEZT7rGBBnr4R04xtEJ2P-HBxqGugjAhU1GS9H5s5msoFTfFY-KAWI9hy8RoBZaP8lFgro8vytkaJ-IReQDGjaaN2EUruVGzc9lKG7uUQ8ZR5F-0uFI98bHl7UId2In3zVvQfdkV8dle7RypMEVq4jBi2o18TBMiFupsJNOos1zuiZe9xp9BEAB6sI9f22Ff7AeneOTsVlFtFTRpq_YkDBZ35boSmk0kqoV_eIXq5thV3XRb2zAfYSsgvK1YH3OvYEH4ZTEae6sjNAHkSnvymNy-W7vZNHCty6Kgi-UCi_fpI7HScWY7G0r6LgziC8W3OOfDyErhPnU5uFpLNKeJhijnstm-NroyylbYTZdR8OQ7M8QFH6LUmPQQJatq7Ahsyti4-6bVPM1_QmCDGsNNXJ9sXr7YoaIWDoilC_tHSjD9-ftsbmALaOKFbXB05JdcWRMVq1yOjQ-XZBauvLZhPx9DbMcbwGuOPuOl2UqtFU0tIPkV8gptFLC05mHvnP82qme4Ltqcq3SfJs62GcJnk_SXiGboMn1AHpMa_L7zMV8Wo6UX5B79DaS9cnB2of_9zB_KdtZIusP9MLvyE8rjrJBwjUlMWNZcacuUBofrPeMXl0bBv7ziNO8y3QsBhh9NbUZrzf-9PyhctK99Ma4WM5GAJCErJbXFXF1RmiiXkRWF1ZwFy5fAERKiuisKmLS95sBLm9vAfU5MVnxXl_gd5lh-lqVFO2FvAs4y4UyJzdQX01WT4jjdO6eqhvt5xC42MrGlBroEBm1AMVJMHXXU4cWtCcym5FgK0ttWDnx7nhI_pulQWn8GiXWqXoKoGkD1qdMFPjurQO0qLvQDPeiFOGXyKi1GhK5jnjzzENvl6aqfUSUdtQDbdfo0TVRe-CkoxeH06ulbKxpBk8OOz6jJT_Y-DIKzHk39dDOT6JaYyyhmOQFmDgemuKnXX9rcXi2WNOWQzg7p5oBx-GAjvFLJEca8hO7M_l1ff3c26p1Zcoe2No0p4uZAUfcwm8nuMvK1X46SVjW9DDSintxb6SLKeACPqdjlJ2HQXCRwT7JSP5RM49sDw5VNDwK--mvbpwOy4Af626JMxdySLqcLEOPELqSjNBg3L_CsquJIkXy4b-wZxiGHcHX2WVYnwfeIoRn2KH0HCv_PA87AABCoxleui9EHUIoIlytGlza6TZxn2Xw_PdhDn48l16hqDQvu2jOBS2_0wPVmelVW99UtsqN8Xr2B1mbZnmYnMAWRatngotUjjs1w82nPZYBqPjpyikdZfiq-7b5BkEJS&sai=AMfl-YT8F49hCR4Z6pfk6B2RtnbeN-GIijX6JojdBw_shg4b3HSVQHR4_VMmLA&sig=Cg0ArKJSzMSa3L1JRJFIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: DC73CDFC03B18EF69E7808B595BA6D79
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj7lau3ATAB&v=APEucNWUKPEmPXjRdzz8wDpcjbmnqZtCL1st7ZpYUyNAOvL-24PgJax46IwDOcnqcGKXOW-NvWlCBVfA6e8uk73SuyC3AHWGcq5sb9NnUEMakZsacv_wAqoJeg6xqVLgAQKFUfkMbwiPyfjeYc1OWcXNxvZA_7kY6FLcXJsTTCIWh-0wvvRFiPlDBlwnuRWDOZHiB9C0vUSeD4N-O6jm5JfoIOxuJPn1pQ
Frame ID: A9774234EE73DE56CB6F61C2DAD847F4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1FA661954A2DD5132185E716A741A940
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC480DD5E1F8B5416DEA4CA5162A7F62
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 10FF021AD9415026C3E728E63E23739A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FC52F4CF10CCF1F8371B5B56D14EAC36
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44AFDE778ED98C4BDB85B42F20278E5A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
Frame ID: EA3F83DD50CC41ACE1698EDE0576A7AD
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js
Frame ID: B96B7B15542222BEDF7C25B95F91196C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 03ABEAF80749CC9A5FF6C58012B4D921
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EA8321D1294EDD5F87973FFD7E71137
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Covid-19: Pfizer recruta novos voluntários para testar vacina no Brasil

Page URL History Show full URLs

https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e706... Page URL
https://grandnoticias.com/hokage/itachi.php Page URL
https://chama.grandnoticias.com/link.php Page URL
https://chama.grandnoticias.com/ Page URL
https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/ Page URL

Page Statistics

250
Requests

93 %
HTTPS

48 %
IPv6

40
Domains

55
Subdomains

41
IPs

7
Countries

2625 kB
Transfer

6240 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3lJADS1
Title: Animes One HD

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/victorxone/
Title: 847

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Page URL
https://grandnoticias.com/hokage/itachi.php Page URL
https://chama.grandnoticias.com/link.php Page URL
https://chama.grandnoticias.com/ Page URL
https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYgipl2q1z-4YN0dYXVK3gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtJnVy-DGlJ9Q4mDktYRVk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDtJnVy-DGlJ9Q4mDktYRVk%26google_cver%3D1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2MTU1NzkwODQyNTE4MzM4

Request Chain 194

https://fw.adsafeprotected.com/rfw/bgd/820761/57728794/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE&adsafe_url=https%3A%2F%2Fgrandnoticias.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:db4e9058-1171-a62a-e33f-3152d47f187e,c:tjgqzo,sl:outOfView,em:true,fr:false,thd:1,mn:app17ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:forwrd1,nbld:0,mtim:3,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:2e858299-3ffd-11ec-bbc5-0289e6fd96ae,v:19.8.263,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE

Request Chain 199

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPdP-8FUhqayndupg5Jr7wQ&google_cver=1&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZypk0bobCL23y3s8Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NOcVz0zFQ9hJNR2jPznWME4v0Bs&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZypk0bobCL23y3s8Aw

Request Chain 201

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELTs4wDR7QRP8EOwSv0I1Bo&google_cver=1&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb0M_cw54WK4ZhQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELTs4wDR7QRP8EOwSv0I1Bo&google_cver=1&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb0M_cw54WK4ZhQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb0M_cw54WK4ZhQ&google_hm=a4600cae1b88930dfdf375a0

Request Chain 202

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELOTe3ydonNzSPf-6a8696c&google_cver=1&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4jmBB8dcLZMwyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4jmBB8dcLZMwyw

Request Chain 204

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEFd-62O6QcSP2CMN04MDkU4&google_cver=1&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw&exu=CAESEFd-62O6QcSP2CMN04MDkU4 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=06bc9990-5f83-40ac-8b9e-f132f36a754f&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D06bc9990-5f83-40ac-8b9e-f132f36a754f%26google_push%3DAYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw

Request Chain 215

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFOGW8Vm94zQFpD2HX650jA&google_cver=1&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2QRnmSJj3JJxC7q3FasXDD6Ib HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2QRnmSJj3JJxC7q3FasXDD6Ib

Request Chain 216

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEHyZ6hQnWgoHFxjzmDuI26k&google_cver=1&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6DRLFwhcSZcFg2c9WBXAoqbGQZK-9n1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6DRLFwhcSZcFg2c9WBXAoqbGQZK-9n1A&google_hm=QWdIZEplR1lMMGUxSWZfYld2bi15Z0E=

Request Chain 217

https://google-sync.rutarget.ru/sync?google_gid=CAESEBHHzQYp81fKfd1xQMdvm3c&google_cver=1&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW141jxddFfexCVzTN8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=enBtZGZXajE0S29F&google_ula=2046794&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW141jxddFfexCVzTN8A

Request Chain 219

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB9D8MtZaoNSMZRO3cFcUEE&google_cver=1&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct3VtPee6rC06 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct3VtPee6rC06&google_hm=a4600cae1b88930dfdf375a0

Request Chain 220

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ&apid=UP2ed06e20-3ffd-11ec-931b-068311666846 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ&apid=UP2ed06e20-3ffd-11ec-931b-068311666846&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZWQwNmUyMC0zZmZkLTExZWMtOTMxYi0wNjgzMTE2NjY4NDY%3D&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ

Request Chain 221

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESENjyuQkBCB3SMujOWQA28-s&google_cver=1&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ&exu=CAESENjyuQkBCB3SMujOWQA28-s HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=06bc9990-5f83-40ac-8b9e-f132f36a754f&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D06bc9990-5f83-40ac-8b9e-f132f36a754f%26google_push%3DAYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ

250 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 one.php Show response
facebruek.online/ 490 B
889 B 95ms
62ms Document
text/html 2606:4700:3032::ac43:beac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:beac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5583bed55b667e4e9c6d854699d22936b9226ae9519c32fd769de49168b10cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 07 Nov 2021 19:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeEygNMhD3mnnkyjwbJydO6w4M8%2BbwSeFk%2FzaU8IKb7sQIFs0YtNWEjzLHNJjg%2FvhZoW9Y33MeZEL56GDFT%2BzT035Q%2FpmK%2B%2FzE6EobRK9GSdc3N6FugymyBEEWlXtSbbUNLxWZZXATDZKSsIh68x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d01c391dc2a9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 itachi.php Show response
grandnoticias.com/hokage/ 484 B
1 KB 347ms
254ms Document
text/html 2606:4700:3032::ac43:c368
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grandnoticias.com/hokage/itachi.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c368 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c31f29473ee8a586108b40f3f8ffe917d8d9637b9347ac93194a2b84037939c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://facebruek.online
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://facebruek.online/

Response headers

date: Sun, 07 Nov 2021 19:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBvcPmdwke%2BrQRNLNu3O20WyeF%2FmGgz4orwVcUf4rb9dKRxMuIhVwlRLfK6hOUf1CvWr3jOmWLshkPXnSSh1mKxDl2nZjmMZMEPyH0OVba4fyR2ezEoN%2BCa9tD2YO87pw52MdY7zZ%2FLupDJeqF8YGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d01d48f25c0e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 link.php
chama.grandnoticias.com/ 69 B
410 B 286ms
267ms Document
text/html 2606:4700:3032::ac43:c368
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chama.grandnoticias.com/link.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c368 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://grandnoticias.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

date: Sun, 07 Nov 2021 19:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bWtPBLDxhjxe6RoSlRFZySTiuSYk2qOqD8UD%2BNUr0SOVJTLyawWlh%2BZEoeQ4LRjA7QvwS4Xd7vK%2BwsILlN2T8gg3OuP0HrRZZFIROTPtaQFK%2FEflPBfMdhX8SSYWAhk%2BiKa0cnj8sgYpRM2gtluWL7H3C3Yig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d01f5ec95c0e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
chama.grandnoticias.com/ 140 B
438 B 159ms
157ms Document
text/html 2606:4700:3032::ac43:c368
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chama.grandnoticias.com/

Requested by

Host: chama.grandnoticias.com
URL: https://chama.grandnoticias.com/link.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c368 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chama.grandnoticias.com/link.php

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOBDIVeDy4Mm5ljgyIqHEdrVjHWy%2BB8BdSEal3rsqq%2BzLGUlxD4%2BkSU4c1yaYYjtwpOYbKsnwaT%2Fj8zt8J5fZiwZ%2BYgbxrxVA7a%2Fuf0NhxSr3G%2F0smzgTzHYKPY%2BdEyCMEbgBAXOPcBAlUoscLRDVArnECtjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d0211bf95c0e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Primary Request / Show response
grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/ 8 KB
3 KB 209ms
208ms Document
text/html 2606:4700:3032::ac43:c368
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Requested by

Host: chama.grandnoticias.com
URL: https://chama.grandnoticias.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c368 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738c97b01d0d6e40e80d9fce57c5bc1d85c11347c1fb66edd7bca4bd2003f863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chama.grandnoticias.com/

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://grandnoticias.com/xmlrpc.php
link: <https://grandnoticias.com/wp-json/>; rel="https://api.w.org/" <https://grandnoticias.com/wp-json/wp/v2/posts/54>; rel="alternate"; type="application/json" <https://grandnoticias.com/?p=54>; rel=shortlink
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4qhHSwUHH18jLMtIHWdwUohwxwp0HsIGh29My8Ay7zsfRcUgaA%2BTYOcj3KKIdZiNhaIDMB2hXNMFstWOF2UFSKhwAzSxI5qb3wjUv7%2FMHkSPQ%2B94UWaPAjmYM647%2Fu18%2B51i6cV9xsTFmbbSpth8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d0222f865c0e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb0f63784f2277e0de02906b3363789eb045aeff0f60fcf2b70ecfa3898e3515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 19:01:56 GMT
server: ESF
date: Sun, 07 Nov 2021 19:01:56 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 127ms
96ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ccda2bc950c23ab9d4566a96d4e86c386edc5039ebe90fb905a7cea0dce1de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNRDP6TTVF3BTXW31DEZ
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 126
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6aa8d023b9160eaf-FRA
link: <https://live.demand.supply/impl.v13.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v13-8-0/Z3JhbmRub3RpY2lhcy5jb20v>; rel=preload; as=script

GET
H2 200 akatsuki.js Show response
grandnoticias.com/hokage/ 68 KB
7 KB 30ms
29ms Script
application/javascript 2606:4700:3032::ac43:c368
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grandnoticias.com/hokage/akatsuki.js?ph

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c368 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58779f4b75d17756a8cbee721424a1acf73675970810c4a35d1579e8915e55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1570247
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Apr 2021 06:04:28 GMT
server: cloudflare
etag: W/"606bf9ec-10e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nlb9MpHVIwym7LSy9ZuSTcTfKW9%2BFzHpsBodnUYTyEU%2Bkv3vrW7h32yhM3lNHLfpYxfLcyP%2F6bjGkrBOi8bd7zU0W9cElXuRTkQpuxlYA%2FOPn5nkRogm%2BqemPHGi%2BQnhPfIolBhtPzmjXfv6vSyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6aa8d023cc695c0e-FRA
expires: Fri, 19 Nov 2021 14:51:09 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 46ms
20ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2221
last-modified: Mon, 03 May 2021 17:48:25 GMT
server: cloudflare
etag: W/"60903769-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EwXW%2BV%2FnCHN2rW8S3MitkiLDVqpXmHcxlf%2By0%2BtpEExLykr%2BPtfWAWftf%2BNRtS1GqIt%2BeJseaoJ4ibvYv%2F33dMJEAx8x6on0PsysudlrhHSqF%2BggoScgSKg8%2B7v1VOaJyXiLNjY"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6aa8d023ff214a56-FRA
expires: Mon, 08 Nov 2021 18:24:55 GMT

GET
H2 200 s02hd.php Show response
animesonehd.xyz/ Frame 62E7 2 KB
2 KB 83ms
48ms Document
text/html 2606:4700:3037::6815:6038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3037::6815:6038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.32
Resource Hash: 9d71c1bde4180d8e884c9391dfe3e8bc4dba443d6fb433f2a6f075b39df44713

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.32
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeTPhFGxTMEDm7sX3tjzRLczd%2FgXl9aDXjmYargliQVDpujZ4ukTAqisKzVSvp5c2xDLBeX2UHJVS5L9ogyGBc64dlQhvqz833UpZ9wV9xGFrgCNXIZn%2FzEsBTV1DEE6PZPbdWoEiOgTM91qUYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa8d02408aa4de8-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 22:28:30 GMT
x-content-type-options: nosniff
age: 333206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 03 Nov 2022 22:28:30 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 18:07:16 GMT
x-content-type-options: nosniff
age: 435280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19536
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 18:07:16 GMT

GET
H2 200 ad_status.js Show response
m.notfollow.online/ 6 KB
2 KB 80ms
40ms Script
application/javascript 2606:4700:3033::6815:5402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.notfollow.online/ad_status.js?domain=grandnoticias.com

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/hokage/akatsuki.js?ph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5402 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568b503c6faed9e8d25a952033edbfe9152770d5fbe4bfa19ec7499913e5c0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1356866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Sep 2020 19:49:10 GMT
server: cloudflare
etag: W/"5f6903b6-16e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzwN6AIhWA%2B0VaYlBqouq5Xf90gNgODXtBaeyYpPU1pHN9lxadVR4iwOPfAHAZQpjDF8klOSfmZ7KZ2bCOLR69ARoadKLmmvVdCeQOLaJ92h%2BWqMa2zEKWZ62YgBxSLNCe3P%2BuYX0NKo4dWLbpniKcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6aa8d02449ec05dc-FRA
expires: Mon, 22 Nov 2021 02:07:30 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 305ms
99ms Script
application/javascript 51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&j=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 19:01:56 GMT
X-T: 0.55
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Sun, 07 Nov 2021 19:01:55 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
146 B 315ms
105ms Script
text/javascript 67.202.94.94
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=victorxone&t=Covid-19%3A%20Pfizer%20recruta%20novos%20volunt%C3%A1rios%20para%20testar%20vacina%20no%20Brasil&c=d&x=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&y=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&a=0&v=27&r=1475
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.94 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c1245a0e3af69ee80d93130ebc038719c0264c50950074348cccdc37d1f7ab2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 impl.v13.8.0.js Show response
live.demand.supply/ 78 KB
25 KB 26ms
25ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v13.8.0.js
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13818497143a898c87482ecd2f2f5cbd343552aa4baca97a03b0a92d996d0cb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FHZE4MCSPQHV14KEHN1C00C4
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 2095361
cf-polished: origSize=79681
cf-ray: 6aa8d0245a1b0eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"706e2a2e66f16a13e3d3d34ac54e03c4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 Z3JhbmRub3RpY2lhcy5jb20v Show response
live.demand.supply/p4/v13-8-0/ 2 KB
793 B 87ms
87ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v13-8-0/Z3JhbmRub3RpY2lhcy5jb20v
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0caa63bbbb369376da39466befbae8f549c5bfb6a304916909158be39e3ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d0245a1d0eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
195 B 49ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=128&cs=c&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:56 GMT
cf-cache-status: HIT
age: 1207851
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d0247d764e2b-FRA

GET
H2 200 impl.v14.0.0.js Show response
live.demand.supply/ 78 KB
25 KB 30ms
28ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v14.0.0.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNZGD9ZVC0KK5CB35266
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 516782
cf-polished: origSize=79681
cf-ray: 6aa8d0245a280eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c30d18370f9a98e32532fed170e91740d061829ad369d4e881144a4d38d85918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51368
x-xss-protection: 0
server: cafe
etag: 2945723252059657024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 42ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1037 / 116 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 Z3JhbmRub3RpY2lhcy5jb20vY292aWQtMTktcGZpemVyLXJlY3J1dGEtbm92b3Mtdm9sdW50YXJpb3MtcGFyYS10ZXN0YXItdmFjaW5hLW5vLWJyYXNpbC8= Show response
live.demand.supply/p4/v14-0-0/ 3 KB
1 KB 77ms
76ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/Z3JhbmRub3RpY2lhcy5jb20vY292aWQtMTktcGZpemVyLXJlY3J1dGEtbm92b3Mtdm9sdW50YXJpb3MtcGFyYS10ZXN0YXItdmFjaW5hLW5vLWJyYXNpbC8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458cd27c19e0b482f37691b9567a58108ba366d9c481c9f794e1b4f2e41e99f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d0245a2a0eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
559 B 36ms
19ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJHBRWADE485X779EJG37KPW
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 1349239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6aa8d0247d794e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jwplayer.js Show response
ssl.p.jwpcdn.com/player/v/8.3.5/ Frame 62E7 84 KB
27 KB 33ms
7ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js
Requested by: Host: animesonehd.xyz
URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c9cb69ec474efec002d6ffd967e893d22c51d9e1c9b9d0c756e56a6c08488a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
age: 977317
x-cache: HIT
content-length: 27435
via: 1.1 varnish
x-served-by: cache-fra19174-FRA
last-modified: Tue, 05 Jun 2018 19:13:42 GMT
server: AmazonS3
x-timer: S1636311717.571335,VS0,VE1
etag: "3340e38ae8e93d25650d7eea8e1ddeb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame 62E7 2 KB
2 KB 36ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: animesonehd.xyz
URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1499
x-jsd-version: 2.2.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6aa8d0248c074e13-FRA

GET
H2 404 logger.js
www.jwplayer.com/developers/web-player-demos/resume-playback-with-cookies/ Frame 62E7 0
0 196ms
135ms Script
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jwplayer.com/developers/web-player-demos/resume-playback-with-cookies/logger.js
Requested by: Host: animesonehd.xyz
URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 jquery-1.7.1.min.js Show response
code.jquery.com/ Frame 62E7 92 KB
33 KB 29ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.1.min.js
Requested by: Host: animesonehd.xyz
URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16eac"
vary: Accept-Encoding
x-hw: 1636311716.dop003.fr8.t,1636311716.cds252.fr8.hn,1636311716.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33120

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
102 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FG0K7H2FB9RSN5P435HQQVNH
date: Sun, 07 Nov 2021 19:01:56 GMT
cf-cache-status: HIT
age: 2216024
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0b1ef88152c3a4cd79e0ba959cca0c64-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d0249dd34e2b-FRA

GET
H2 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 22ms
22ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
98 B 29ms
15ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8f4644d830b81e4dca2226a4410da2da45113b55e9e202e75ca2bb377b45ebf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame 4822 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Nov 2021 18:47:13 GMT
expires: Sun, 21 Nov 2021 18:47:13 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 883
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 grandnoticias.com_fluid_lb Show response
api.demand.supply/v14-0-0/a/ 318 B
299 B 29ms
19ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/grandnoticias.com_fluid_lb?&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7173225df74fe3951f6717ec3eb5ec0801f982aef757ecacacb400b106e0eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 7069
etag: W/"13e-gyFzeDaSpDqR2f7DXhaFyByAqOA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d024feb14e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 grandnoticias.com_fluid_sq Show response
api.demand.supply/v14-0-0/a/ 317 B
299 B 34ms
23ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/grandnoticias.com_fluid_sq?&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db1ebe30a081a17e50ab83db1967e94ad536451694340fbf62601b718515171

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 7069
etag: W/"13d-S+qbmLK0e5j8B0bke8jjxVj6dP8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d024feab4e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 grandnoticias.com_fluid_sq_300x250.2 Show response
api.demand.supply/v14-0-0/a/ 318 B
383 B 26ms
15ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/grandnoticias.com_fluid_sq_300x250.2?&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82dfb399a3b948e5a4e874dbae7ef4582f092f4297a52cb77272e66da203d58f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 7069
etag: W/"13e-eJRC0DCcDpLrIDZY3M7NlcyveVU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d024feb04e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 grandnoticias.com_fluid_sq_300x250.3 Show response
api.demand.supply/v14-0-0/a/ 318 B
298 B 26ms
17ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/grandnoticias.com_fluid_sq_300x250.3?&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201bb8b9b3d747f3977a103464cbf6e2aabe3c3fac2470c056dca9a6ad9cc12e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 7069
etag: W/"13e-p7PiVBa1GkVz5Ed6fc+cGyUpyjk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d024fead4e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 grandnoticias.com_fluid_lb+sq_responsivo Show response
api.demand.supply/v14-0-0/a/ 318 B
298 B 27ms
17ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/grandnoticias.com_fluid_lb+sq_responsivo?&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b754214503a0192fc76ec5fb379ade64e8b90aa5450805f9a172ff04e31d468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 7069
etag: W/"13e-s41NZ8X0YemgAQll7o/niQ5qx2g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6aa8d024fea94e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FG625Q60DBMRQYAJ46KS6PVH
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2219611
etag: W/"c0f2731a37de075020c9a8515b9bc0b3-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6aa8d024fb330eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 grandnoticias.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 0
35 B 770ms
770ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_auto_728x90_sticky_display_bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d024fe984e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 51ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
30 KB 385ms
385ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=539365621573123&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C9cb46b75-a358-45c3-adee-a8fe94db3a77&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636311716&dt=1636311716329&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adks=3461338630&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6a11268e2d223bbf38108daf32c9ec84c81e3ce4750a98b6a87738d3bd5c131c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30512
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A214 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 19:01:56 GMT
expires: Mon, 07 Nov 2022 19:01:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 18ms
17ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13417
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 grandnoticias.com_fluid_sq_300x250.2 Show response
live.demand.supply/cp/ 25 B
83 B 686ms
686ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_fluid_sq_300x250.2?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11d0af7cee7d4e4580ea67180a733f3909a07b1cec80b9b1798eed7ab4fb387

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d0256fa04e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25

GET
H2 200 grandnoticias.com_fluid_sq_300x250.3 Show response
live.demand.supply/cp/ 26 B
81 B 684ms
683ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_fluid_sq_300x250.3?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b893f8d17d83f5aa4d550d27ba39c9aba0d31416525b6f99da81b8b2f1b7c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d0256fa14e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26

GET
H2 200 grandnoticias.com_fluid_lb+sq_responsivo Show response
live.demand.supply/cp/ 26 B
119 B 260ms
260ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_fluid_lb+sq_responsivo?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758e7bfc97f054eaed54d574c32fb8219168b807aa25f59ec5e017b6fe215cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d0256fa34e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26

GET
H2 200 grandnoticias.com_fluid_lb Show response
live.demand.supply/cp/ 26 B
81 B 685ms
684ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_fluid_lb?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a0522928de6747740dafbf6aea2cc321a3692c551f29a973fdf6f8e03ec5c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d0256fa54e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26

GET
H2 200 grandnoticias.com_fluid_sq Show response
live.demand.supply/cp/ 26 B
81 B 673ms
673ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/grandnoticias.com_fluid_sq?mlos=wi&mlbr=ch&mlla=en&mlbs=47&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1a82e41a01685991c7931ad67a70382436f124a79c2321cc0ebf96f1fb347a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6aa8d0257fd24e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.3.5/ Frame 62E7 228 KB
56 KB 7ms
7ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.core.controls.js
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17c311dc9168746b614a94f651e25f73ddd6b5d6b2bce368813fb720d1e9033f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
age: 2138322
x-cache: HIT
content-length: 57438
via: 1.1 varnish
x-served-by: cache-fra19174-FRA
last-modified: Tue, 05 Jun 2018 19:13:41 GMT
server: AmazonS3
x-timer: S1636311717.757348,VS0,VE1
etag: "42ac288c3dd3c0c62a4f2b1005cc5817"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.3.5/ Frame 62E7 51 KB
16 KB 12ms
12ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwpsrv.js
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
via: 1.1 varnish
age: 1538
x-cache: HIT
content-encoding: gzip
content-length: 16060
x-served-by: cache-fra19174-FRA
last-modified: Wed, 25 Nov 2020 15:45:24 GMT
server: AmazonS3
x-timer: S1636311717.758508,VS0,VE0
etag: "9ce4655dbc7b8410f510da753f3be441"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/ Frame 62E7 87 KB
21 KB 13ms
13ms Script
text/plain 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/related.js
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f211c00704e79b4ba02e0fb222761625185ea4a179e3331626dc1f9f1740a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
age: 2138178
x-cache: HIT
content-length: 21159
via: 1.1 varnish
x-served-by: cache-fra19174-FRA
last-modified: Fri, 11 May 2018 22:34:53 GMT
server: AmazonS3
x-timer: S1636311717.758933,VS0,VE0
etag: "7bbdfe2a8a588c6df3bf256f3a486be3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 10

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.3.5/ Frame 62E7 277 KB
79 KB 13ms
13ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/provider.hlsjs.js
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cea97e8d372a30aafdb69c8b22be93e9130bd4c5c6a28ef30dd05df255097f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
age: 300743
x-cache: HIT
content-length: 80651
via: 1.1 varnish
x-served-by: cache-fra19174-FRA
last-modified: Tue, 05 Jun 2018 19:13:44 GMT
server: AmazonS3
x-timer: S1636311717.759630,VS0,VE1
etag: "233287f1f799217fc5fae80157e24418"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 playeranimesonehd.jpg
animesonehd.xyz/wp-content/uploads/2021/05/ Frame 62E7 213 KB
214 KB 320ms
19ms Image
image/jpeg 2606:4700:3037::6815:6038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animesonehd.xyz/wp-content/uploads/2021/05/playeranimesonehd.jpg
Requested by: Host: animesonehd.xyz
URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3037::6815:6038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df66311c687794e7ef4c65648a8f4c5409ceea678ef97b6c2f123d44eea92847

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 218481
last-modified: Thu, 13 May 2021 22:03:40 GMT
server: cloudflare
etag: "609da23c-35571"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEe%2BkwPXRZYlTL0kYvmB7kHvMvsWLnYaCp1iAsMxffYnI6iPMfjSH%2B43dWhdUUaMlLLYGZD0v%2FRzOOE%2FFG7EbchEHaZaxnhhYAX%2BkCMY48KUvM9EsGSF2QLA5gSWhlFi9DgPZGd8zUA5cBBeDMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa8d0283a764de8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 282ms
94ms Script
application/javascript 51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=grandnoticias.com&_ss=3bvjx265j2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=93eg&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&j=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3a9f0ed8be0f6de255f01ca9fbd2094a9745f98237c900d303f4950b44625145

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 19:01:57 GMT
X-T: 0.145
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 07 Nov 2021 19:01:56 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 63ms
27ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 63709
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6aa8d0268ea04de8-FRA
expires: Wed, 10 Nov 2021 19:01:56 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 307ms
100ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0&r=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&t=Covid-19%3A%20Pfizer%20recruta%20novos%20volunt%C3%A1rios%20para%20testar%20vacina%20no%20Brasil
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_lb%2Bsq_responsivo&pdc=0.5349497318267823&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:56 GMT
cf-cache-status: HIT
age: 1207851
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d0270b1a4e2b-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 318ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 462ms
462ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=870802623113933&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C029adf37-72fb-41ac-a10b-d0ca45aa848b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x280&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.24%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636311716&dt=1636311716620&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=908&adks=3093586772&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=1024x0&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4cf774324d2412c34f24d7c6d6d80dd28c7f7e9168e9bbca6628a798bad8c936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13077
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 72B3 6 KB
3 KB 314ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 19:01:56 GMT
expires: Mon, 07 Nov 2022 19:01:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
73 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=5.36&b=1&r=grandnoticias.com_auto_interstitial_desktop&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&pud=128&pus=c&pue=351&pid=28&pis=c&pie=380&ppd=88&pps=a&ppe=440&pad=63&pas=c&pae=417&pcl=283&ttc=452&tti=929&ttif=0&lca=440&lcak=ppe&lct=440&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d027fcf64e2b-FRA

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 314ms
100ms Script
application/javascript 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!victorxone&dn=TC&cc=1&r=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:56 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 08 Nov 2021 19:01:57 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 99ms
99ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0&r=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&t=Covid-19%3A%20Pfizer%20recruta%20novos%20volunt%C3%A1rios%20para%20testar%20vacina%20no%20Brasil
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 100ms
99ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0&r=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&t=Covid-19%3A%20Pfizer%20recruta%20novos%20volunt%C3%A1rios%20para%20testar%20vacina%20no%20Brasil
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq_300x250.3&pdc=0.8146094083786011&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d029b8aa4e2b-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq_300x250.2&pdc=1.150660514831543&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d029b8b14e2b-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_lb&pdc=1.4458621740341187&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d029c8b84e2b-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq&pdc=1.2644306421279907&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d029c8cb4e2b-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 318ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 417ms
415ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=3687234467908465&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Cb58159ff-f4d5-494f-b035-5bff9acdaf90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.65%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie=ID%3Da894d644df3f736f-229c24a437cb009e%3AT%3D1636311716%3AS%3DALNI_Mb2yTE6S0GLo8lcIlmIQPTindxvJg&bc=31&abxe=1&lmt=1636311717&dt=1636311717080&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=225&adks=3520873266&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3ea17325f649e0ed6b30e575e4286ad9994d27ba351ac281ca5b8329d019e146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11358
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 382ms
381ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=483281229112341&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Ce421d919-6b52-407d-99fb-75982eca2d50&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.7%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie=ID%3Da894d644df3f736f-229c24a437cb009e%3AT%3D1636311716%3AS%3DALNI_Mb2yTE6S0GLo8lcIlmIQPTindxvJg&bc=31&abxe=1&lmt=1636311717&dt=1636311717098&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=340&adys=225&adks=3931807766&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47ad5e4be2910c10f2f783c1bc09cfbb28a2d8d3b8679e23c3bc72a75dc35759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12709
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
27 KB 341ms
341ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=1593920514688452&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Ca4be45ed-0d4d-4262-a55a-d70a4ef48361&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x100&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.78%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie=ID%3Da894d644df3f736f-229c24a437cb009e%3AT%3D1636311716%3AS%3DALNI_Mb2yTE6S0GLo8lcIlmIQPTindxvJg&bc=31&abxe=1&lmt=1636311717&dt=1636311717109&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=195&adks=2523270209&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=1024x0&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fac2e0334023740db905139577ed2396b7912d03c37ebcbba5fe55c595ea27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27549
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 333ms
333ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=2508755325977465&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C7f0e568c-5313-4272-b3ee-ef5cdfb24719&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.79%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie=ID%3Da894d644df3f736f-229c24a437cb009e%3AT%3D1636311716%3AS%3DALNI_Mb2yTE6S0GLo8lcIlmIQPTindxvJg&bc=31&abxe=1&lmt=1636311717&dt=1636311717117&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=960&adys=225&adks=254945499&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f7aac22b5bbd8f7710346eb11670ed95c153c1eb86e0ce179a7e80a4fffc296e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11284
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=grandnoticias.com_auto_728x90_sticky_display_bottom&ucv=005099&err=Unexpected%20end%20of%20JSON%20input&e=tce&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02a49f24e2b-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 337ms
337ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1752086657471958&correlator=851436893583036&output=ldjh&impl=fif&eid=44754276%2C21068030&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C90f0b20a-d36f-4b6a-8fef-d484492d3873&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=ti%3D65640976-4f67-4d5e-943b-20eed8d7fde0%26bid%3D0.47%26bid-p%3Dgoogle%26bsc%3D47&eri=1&cookie=ID%3Da894d644df3f736f-229c24a437cb009e%3AT%3D1636311716%3AS%3DALNI_Mb2yTE6S0GLo8lcIlmIQPTindxvJg&bc=31&abxe=1&lmt=1636311717&dt=1636311717124&dlt=1636311716029&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=558372742&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fcovid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil%2F&ref=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=535293571.1636311716&ga_sid=1636311716&ga_hid=299163240&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

86ab0105d9365e2c480a455d52be9514fd7d3af01287c5925f5ac0b195e71e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grandnoticias.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 9561 190 KB
54 KB 71ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9561 13 KB
6 KB 63ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9561 89 KB
28 KB 65ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9561 39 KB
14 KB 75ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dec1e051f7a1ade2e7691307be4ab47d5e0edbcaf331f945c2e9b79218afd34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 311983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13812
x-xss-protection: 0
server: sffe
date: Thu, 04 Nov 2021 04:22:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dc431b1498fb165c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Nov 2022 04:22:14 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9561 4 KB
2 KB 70ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9561 40 KB
13 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9561 6 KB
767 B 316ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 18:52:00 GMT
server: ESF
date: Sun, 07 Nov 2021 19:01:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 19:01:57 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9561 3 KB
3 KB 45ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78589
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9561 344 B
474 B 43ms
14ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21319
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 9561 225 B
330 B 45ms
16ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 09:16:29 GMT
x-content-type-options: nosniff
server: cafe
age: 35128
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Mon, 08 Nov 2021 09:16:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9561 0
0 92ms
91ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-Wo5pSKIYZrNAYaI9u8P_aya4A2rwpqcZabT26S4Dr3VrreSDhABIJWbyiFglYKAgMAHoAGvmbieA8gBCakCCL4yBLposz7gAgCoAwHIAwqqBNQCT9D52JooOmMocEDM8NuYKnQ8bYYKG8zUFrxgXuqFfwidCPry3Kzi7CP-0PjD_rT8pTCvT6m0DiPuJTo8xtGqi80muNW2wfbo9yZzVWIE0BgA3wu5M-IHxkiTrXUYAw6QS8L4gVE8ae6IzgRTKlRSVq9fd9e1QJHOemsRyidPDpC8izpeMamVWGLsqRLC4gni392FlTVo2v-yfajF1uXoBPEMR7aFze9JgoOh8PPYKwxfTe9tcXiDlNLyxUbcyYElIBENicokfgV6oXlTXz95SZfokoOyXTxDlUk9ivtD3mpJ4MQDcCFFK2A1LMBDTN9uPHiemtcAY11b-iGl5A7vZ2WNIgFF8YWT6DNSZ8-GfrocJC6evUKSeGRF775fZAUqIArt_SxWEmY4H2-VpK5A4dsctfvNG3WPTg5k_uGF2iyK_4ROIIspZDYEf-DBG3PHe18e5cAE4PqQle8D4AQBkgUECAQYAZIFBAgFGASgBi6AB8iR2HmoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1ulw0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi04MzY4NDAwMDMzNjkxMTIwgAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=bS0aKyP-Cu8&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.24&b=2&r=grandnoticias.com_fluid_lb%2Bsq_responsivo&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=1020x280&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02a7a4c4e2b-FRA

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 99ms
99ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0&r=https%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3Dcovid-19%3A%2Bpfizer%2Brecruta%2Bnovos%2Bvolunt%C3%A1rios%2Bpara%2Btestar%2Bvacina%2Bno%2Bbrasil
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 css2
fonts.googleapis.com/ Frame 72B3 4 KB
708 B 306ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 18:47:21 GMT
server: ESF
date: Sun, 07 Nov 2021 19:01:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 19:01:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3520 3 KB
653 B 295ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 18:46:01 GMT
server: ESF
date: Sun, 07 Nov 2021 19:01:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 19:01:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3520 2 KB
992 B 20ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:54:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 3520 19 KB
8 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:41:42 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3520 3 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:59:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3520 120 KB
37 KB 53ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 19:01:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3520 15 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:43:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3520 0
0 42ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH0HyX9p6m6T6RV4G4CdaTN7OQgAfTUJeF1nvSt8yERwgha-_Q4wikr3RHnh-FDUwLWN1K9jtoKrSQhilQUOJXjjo3cA
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 3520 27 KB
12 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 05:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 09:28:10 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 72B3 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8166
x-xss-protection: 0
server: cafe
etag: 3013067873597081824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:24:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 72B3 205 B
519 B 32ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:19:17 GMT
x-content-type-options: nosniff
age: 13360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Nov 2022 15:19:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 72B3 604 B
689 B 149ms
126ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Nov 2022 19:01:57 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5B3D 143 B
223 B 12ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 18:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5B3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
166 B

63ms
63ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 19:01:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 19:01:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9221138989357440725/ Frame 9561 20 KB
21 KB 310ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9221138989357440725/downsize_200k_v1?w=400&h=209

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1893f33882001da675634d0081266cb9452dc81a8b4bd425e5244dbfefc8b0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:33:59 GMT
x-content-type-options: nosniff
age: 250078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20932
x-xss-protection: 0
last-modified: Fri, 24 May 2019 16:07:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 21:33:59 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8607841063099403097/ Frame 9561 5 KB
5 KB 315ms
14ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8607841063099403097/downsize_200k_v1?w=100&h=100

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ffe9e5e9bc4a8979e7bda0b46ec14e3f68afaedc2821d8417ef6c30d5fa86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:37:27 GMT
x-content-type-options: nosniff
age: 95070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5252
x-xss-protection: 0
last-modified: Thu, 02 Aug 2018 06:39:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 16:37:27 GMT

GET
DATA 200
OK truncated
/ Frame 9561 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0d140c1a41b5fc516855d35b3aab74ab4f1db554004f1509f797fba76d89f02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ww.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 9561 44 KB
14 KB 28ms
8ms Fetch
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

512ea2efe356559ffc497f107a88730beee6782fdfcad15d68c8f3e017269aa9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://grandnoticias.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 352361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13123
x-xss-protection: 0
server: sffe
date: Wed, 03 Nov 2021 17:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd369686404e1b29"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Nov 2022 17:09:16 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 99ms
99ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
BLOB 200
OK 43da1613-6858-465b-a989-81370eece270
https://grandnoticias.com/ Frame 9561 44 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://grandnoticias.com/43da1613-6858-465b-a989-81370eece270
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdb677f563ffc81ee5a25e73f8a1a5a75dc1bc98f805b7f999b9fc2b0906cd30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 45108
Content-Type: text/javascript

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 102ms
102ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:57 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 1D6C 190 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1D6C 13 KB
5 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1D6C 89 KB
28 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1D6C 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1D6C 40 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D6C 3 KB
3 KB 96ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78589
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D6C 344 B
402 B 95ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21319
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
DATA 200
OK truncated
/ Frame 1D6C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7052307fd07c1041205b93eb969be1e7891c16fc3ab6deda6614211e727224bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6843520110110630609
tpc.googlesyndication.com/simgad/ Frame 1D6C 24 KB
24 KB 94ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6843520110110630609?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlqAI21N2Bhwmt8gy0W2Vjj3IOksg

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a40b54458cc7479bd05422c7f4d4e50f233ce0bd1363a26efe1a813933991c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 19:29:56 GMT
x-content-type-options: nosniff
age: 84721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24871
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 07:22:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 19:29:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1D6C 0
0 50ms
50ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFg6-pSKIYd-oH9GBlQexpo3gD8md3s1l5-7B8sgO7Kj9td0oEAEglZvKIWCVgoCAwAegAc6AnukByAECqQJwcxCg3ZloPuACAKgDAcgDCKoE6AJP0Mk01hgxnfH-BFE3Y2MMai-agIsS7qQTDnoKgvUomaq3uvPx74dbR9WJBH9rKhVMdIdoawfNPfp0fVJqjGhYQL5U556tEOBQL79a78y4zpBNDgh6sz3JzHDseEBH8mtET0rNKaAMmutqx9WQr0r-2wqrhLjvbGIdQc0FVfGLXrjscJQQBdAFb5sT5SFBXi2kLsMSwg6RhGvsheG8M54ZZK0IrM-3sI3JT6QFiAV3dQvTRvnPeQOhcrOtiA-oj0fcKROTNl1Yyml2kcY4dzUDgPjqkDemsB3CUe90Fd2Q1DZJjDbMPp9S_jk_YmwAyvWQDJKab0utLXVbJ6ZJeP9vsJMO33_ATec7mHXQ89jgRTXtwpxK561zxOeBEpnYFSclHzZuqAjfM4mxKg9fPPPlF8VHoPvM5_zwcy7MWVTLuToW7CKDz6AVCij13zoLhq1KeQyxHTJwcyOVfyg0FNU3-lrvWNuk3TLABLmVn_XmA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAea_-GWAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCLq0TSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzNjg0MDAwMzM2OTExMjCACgPICwHYEwrQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=zBCyBDqu7mc&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 62ms
62ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.79&b=1&r=grandnoticias.com_fluid_sq_300x250.3&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02c6edb4e2b-FRA

GET
H2 200 container.html Show response
2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D90F 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 19:01:56 GMT
expires: Mon, 07 Nov 2022 19:01:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.78&b=1&r=grandnoticias.com_fluid_lb&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=1020x100&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02c8f204e2b-FRA

GET
H2 200 container.html Show response
2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD82 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 19:01:56 GMT
expires: Mon, 07 Nov 2022 19:01:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.47&b=1&r=grandnoticias.com_auto_728x90_sticky_display_bottom&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02c9f364e2b-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9561 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 245732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:46:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9561 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 264340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 17:36:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9561 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 480596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame E159 190 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E159 13 KB
5 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E159 89 KB
28 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E159 4 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E159 40 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E159 6 KB
743 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 18:46:25 GMT
server: ESF
date: Sun, 07 Nov 2021 19:01:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 19:01:57 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E159 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78589
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E159 344 B
402 B 9ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21319
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E159 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC4XtGNwwnv812R_FgRYIrQaydi5TrvbOmCBkUq6FiG6oEMMru6a62IUoFcX7BB-EfRfzbKt6vcB2vopx1AKc0CFXcYQ
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E159 0
0 79ms
79ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqk2DpSKIYaS_HpSAlQe-2qsIm5KqgmCcqsbX_wiDrricvQEQASCVm8ohYJWCgIDAB6ABva2c_QPIAQmpAgi-MgS6aLM-4AIAqAMByAMKqgTUAk_Qs_v99e6zt-GqHyHiD5JMQU59I8A64otdewdALgsRDI9ZxGstnsOguOWZYFhBbGOXU0b0eqQfzmBrHzMBAPPyg-R8mFKE2fEwM0tCqmEO3Fh4vB-caj2EgFtLxmylsXJd5nFogQaL3zChedZ8XCAb6fxoNtDQlpVNnvqM8Wn1Oah-6UaLt7ynh8yUOnEnzONne13rt3vT031VRewaFgHLfxTSBaL81djibIApajhHnOqRMbJUootBkcMPto1rSXeFKbWZDs27hHLZMP8mJ7Quyj7t3UH933FdH09v5QVbc8sgEpZL8PKCtu4xuRyB1aqh0RMo4WDuQ36OnmqjQ5Xy9SSq1vQZqr6u7NETPugsY76-g1iC684_onzZi_HdtdfTK8pL9UkWO7QzsbZ9pUr6QNJVeAqrVdAp5_mxjsVEmYWhLFruysEprrJ_Vvymu3xeDSvABPWjpYj4AeAEAZIFBAgEGAGSBQQIBRgEoAYugAer0uMCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKXBQ9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODM2ODQwMDAzMzY5MTEyMIAKA8gLAbgTiCfYEwqIFAXQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=Pq75Zql94fs&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.7&b=1&r=grandnoticias.com_fluid_sq&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02cf8624e2b-FRA

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame E414 190 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E414 13 KB
5 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E414 89 KB
28 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E414 4 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E414 40 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 141990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E414 3 KB
3 KB 13ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78589
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E414 344 B
404 B 13ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21319
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
DATA 200
OK truncated
/ Frame E414 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7d9ccefe300027020dac9551dde90f08b42fae69c1d6fa56ecee751b9ab4f80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 288241817207283369
tpc.googlesyndication.com/simgad/ Frame E414 25 KB
25 KB 11ms
11ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/288241817207283369?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn-S2kY0xarKAiotaNY0Y3fT78ytw

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ad78adb03dea39c3b2e00fa4aadbbd5bb3f0d145934f091d9b97c4970e0c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:29:49 GMT
x-content-type-options: nosniff
age: 509528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25927
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 07:22:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Nov 2022 21:29:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E414 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQOCVZuGGHCTbzZiv7c1HW2XaEu9hAney67QsDEE4SYUxfPF0p_-z0scBX-jb2PIzv_anIZ8mI3Dkd_U9g5esdRM_JrA
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E414 0
0 80ms
79ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBp92pSKIYcf6HeLG7_UPnPiBsA7Jnd7NZZf4wfLIDuyo_bXdKBABIJWbyiFglYKAgMAHoAHOgJ7pAcgBAqkCcHMQoN2ZaD7gAgCoAwHIAwiqBOECT9D-Hf5R-_WSPGNHx9I2Pt4nOC0GNZpIJBOHjekfP8lqPN74TMrUDHkBeFIPq8aaFUNk1XHcferrQ0_RsJz5MTT5RTxxhgkutpetNEPf0z0oDYRzWKz03fo31mIKIa5Ji1IPELWftFkhylovEEzrO2QjPaHMFdIfzJZmK0kDQ0bTqs3Ln-N_NhJkXBuPWyoRXyOZBu2uqYabTthwXqEirGaXvd23AqUXtvro7sUsG8fs0C9n0_4ddsP6OqrAtOphCYpr-pOo71xJz1xqulgjyt-cWNrHr9f4klSUzth7KwAbl0-syqXxL98y04lLBW5AGl3x0hF9WzIgukJsO9xRVWoT5G_LMBovAXmHJfz2Y85AQpqixGBOFOHyYvRqBHAnhJuJ7mwkqSn707Up0QJF_s8oc3a1a2L6lF5OuN0DD_dTGjuDjoeHt1XLU9AHEa2Qep7Sf4rHJbCMdTENd_GNDGjABLmVn_XmA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAea_-GWAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRD7uqUC0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MzY4NDAwMDMzNjkxMTIwgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=JLZWj_5jJtg&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.65&b=2&r=grandnoticias.com_fluid_sq_300x250.2&sy=6c14fa41-b5f4-47fe-aa5a-83aacafd81ac&ts=47&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.bing.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=65640976-4f67-4d5e-943b-20eed8d7fde0&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9jb3ZpZC0xOS1wZml6ZXItcmVjcnV0YS1ub3Zvcy12b2x1bnRhcmlvcy1wYXJhLXRlc3Rhci12YWNpbmEtbm8tYnJhc2lsLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nf-request-id: 01FJMC2PDN20BKQ8CHFRNAV4P6
date: Sun, 07 Nov 2021 19:01:57 GMT
cf-cache-status: HIT
age: 1207852
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "80ae048987cfcc5e3148408e48058596-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6aa8d02d28d24e2b-FRA

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 99ms
99ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636311716557&dn=TC&iso=0
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5182667636594285729/ Frame E159 12 KB
12 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5182667636594285729/downsize_200k_v1?w=400&h=209

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d410d5223748e62d18141276e63a3c182b7f3be9be00721d9d33b144e12f022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 09:27:05 GMT
x-content-type-options: nosniff
age: 120892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12515
x-xss-protection: 0
last-modified: Fri, 08 Feb 2019 13:07:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 09:27:05 GMT

GET
DATA 200
OK truncated
/ Frame E159 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E159 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3fd4f8ff11180d34d838a281353960220b1db80dd41a23e04b9721025bb51c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E159 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 209012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 08:58:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E159 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 245732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:46:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E159 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandnoticias.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 480596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:01 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D6C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

51ms
51ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC73 0
0 118ms
79ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGovcMEBFKuiIF0lSSpejMx9vdzezITB2uPXN_jEZT7rGBBnr4R04xtEJ2P-HBxqGugjAhU1GS9H5s5msoFTfFY-KAWI9hy8RoBZaP8lFgro8vytkaJ-IReQDGjaaN2EUruVGzc9lKG7uUQ8ZR5F-0uFI98bHl7UId2In3zVvQfdkV8dle7RypMEVq4jBi2o18TBMiFupsJNOos1zuiZe9xp9BEAB6sI9f22Ff7AeneOTsVlFtFTRpq_YkDBZ35boSmk0kqoV_eIXq5thV3XRb2zAfYSsgvK1YH3OvYEH4ZTEae6sjNAHkSnvymNy-W7vZNHCty6Kgi-UCi_fpI7HScWY7G0r6LgziC8W3OOfDyErhPnU5uFpLNKeJhijnstm-NroyylbYTZdR8OQ7M8QFH6LUmPQQJatq7Ahsyti4-6bVPM1_QmCDGsNNXJ9sXr7YoaIWDoilC_tHSjD9-ftsbmALaOKFbXB05JdcWRMVq1yOjQ-XZBauvLZhPx9DbMcbwGuOPuOl2UqtFU0tIPkV8gptFLC05mHvnP82qme4Ltqcq3SfJs62GcJnk_SXiGboMn1AHpMa_L7zMV8Wo6UX5B79DaS9cnB2of_9zB_KdtZIusP9MLvyE8rjrJBwjUlMWNZcacuUBofrPeMXl0bBv7ziNO8y3QsBhh9NbUZrzf-9PyhctK99Ma4WM5GAJCErJbXFXF1RmiiXkRWF1ZwFy5fAERKiuisKmLS95sBLm9vAfU5MVnxXl_gd5lh-lqVFO2FvAs4y4UyJzdQX01WT4jjdO6eqhvt5xC42MrGlBroEBm1AMVJMHXXU4cWtCcym5FgK0ttWDnx7nhI_pulQWn8GiXWqXoKoGkD1qdMFPjurQO0qLvQDPeiFOGXyKi1GhK5jnjzzENvl6aqfUSUdtQDbdfo0TVRe-CkoxeH06ulbKxpBk8OOz6jJT_Y-DIKzHk39dDOT6JaYyyhmOQFmDgemuKnXX9rcXi2WNOWQzg7p5oBx-GAjvFLJEca8hO7M_l1ff3c26p1Zcoe2No0p4uZAUfcwm8nuMvK1X46SVjW9DDSintxb6SLKeACPqdjlJ2HQXCRwT7JSP5RM49sDw5VNDwK--mvbpwOy4Af626JMxdySLqcLEOPELqSjNBg3L_CsquJIkXy4b-wZxiGHcHX2WVYnwfeIoRn2KH0HCv_PA87AABCoxleui9EHUIoIlytGlza6TZxn2Xw_PdhDn48l16hqDQvu2jOBS2_0wPVmelVW99UtsqN8Xr2B1mbZnmYnMAWRatngotUjjs1w82nPZYBqPjpyikdZfiq-7b5BkEJS&sai=AMfl-YT8F49hCR4Z6pfk6B2RtnbeN-GIijX6JojdBw_shg4b3HSVQHR4_VMmLA&sig=Cg0ArKJSzMSa3L1JRJFIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: facebruek.online
URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 07 Nov 2021 19:01:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DC73 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DC73 32 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cbfc3e0135220f040908a4787b396a23aca9b8d066d5e536d34817e08b48d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13288
x-xss-protection: 0
server: cafe
etag: 2897995046565320897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:59:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DC73 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:59:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC73 120 KB
37 KB 326ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 19:01:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DC73 15 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:43:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DC73 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6MxqJGvOKiPnx0E-FrtHZRPUbOOwcoe_iC6g2WCvY7pXCPxX8OOUeP9RJqGi3XNsLCzpxXCLVE03vDlSUdYh0K2Y2Yw
Requested by: Host: facebruek.online
URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame DC73 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:41:42 GMT

GET
H2 200 728x90-transform-work-german.png
s0.2mdn.net/5406241/ Frame DC73 12 KB
12 KB 57ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5406241/728x90-transform-work-german.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cd2f8d75de5ae2066492eea0760392ba73bdd72dbb543460b861f634cb7069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 07:38:45 GMT
x-content-type-options: nosniff
age: 40993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11850
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:56:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 07:38:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A977 624 B
344 B 25ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj7lau3ATAB&v=APEucNWUKPEmPXjRdzz8wDpcjbmnqZtCL1st7ZpYUyNAOvL-24PgJax46IwDOcnqcGKXOW-NvWlCBVfA6e8uk73SuyC3AHWGcq5sb9NnUEMakZsacv_wAqoJeg6xqVLgAQKFUfkMbwiPyfjeYc1OWcXNxvZA_7kY6FLcXJsTTCIWh-0wvvRFiPlDBlwnuRWDOZHiB9C0vUSeD4N-O6jm5JfoIOxuJPn1pQ

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 19:01:58 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DD82 12 KB
9 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwJUooAAbQHktxO4_GHtwa4Dq3gU443x68XN1Hss03L401uqhavv2NC5WISxxJAm5M7590CHT-gsP1xoK85BN_do82Zp_Qaz-IQBaLi_Cl70w-mngt5oJfMJ3soBRQ0GCung2BwULOLAVZxO2FvNw08zPEg&dbm_d=AKAmf-CgcBL-lv7z9eyH2U1kQQ1n-9z_IU3pHv6APzjufywTiGHiiJLdVlh4MLUH3JRap92MYGFaVImij44UIYTv8vAua8TeGcZ5of3XzYMnwd5pNXCoa1XY69uPg-pKzhnw4V1sdoWKX87kr5sN7bGIcJ3JV2_IC00DOXOjxLdfxIIeuPu8HwbrE4AjdzC_hioqVDCdvzlGbTsQ_snVbpEw2CKF1_4lzjTr5hhEf9n5KHZHA6AF59YBNtSsHB4Z8rgi3yOrOxFVpSgmYhREaIP0CDUmYykY_ZsCbNl5fHNmOdaLgsfKMGKMwwCafkHwacUnnjvRehZrjHdRDKs76JW267_QRfzErpCteJZgLBzswSZNwrSnKSkYZPrXgDAaxdcH1WrLPdMAk6H2q0QjJcXuYUP2rvPj_cJJFhs2Dy9HVwYrzX4CDlkgyO3nHjXCcsfIhPPqBuTdZwATbYH7MK_MCO_GyMI-s5MHsbZm4p5e4lGLhiUXLRKM1qHRP_yMg3uwkV7owCtv9tYmvAtETf2ZTKOFAmHaR9sdDMHAIi8rE5ewV3fiB89oNLyLXcYhGngxkzCkAWfvgpbeo0fjld0cSoPAo3_xAh17HJ7A5b9Zjbd9Tz072l9ki-iIvuNMoKxuYO37k42f-e6iynqps9Sy2pTxrDfhiFtNMRpgMsbHtCxyfyTV6O96TW0XZG2N8CG85ExIYm2_hY-JIP-B_jjF66r6RbPxTK08GQE9MCFhgCcdu5wa1h4xxU79gPD_qV6uRwuuwmLHRqbpmldRKsVZIzkMvZ-Km034ARgo9LrTnyOvZjhu8XtxfWrsKTsMog2Gysj-wm9IyoM-3c0YzMaOCjESGgg0UUuT_foHHCPJL7RTTRrjBu_rdBXOXsNHYWEVAbjLMQ3pZu8L3gQlnHSPgebNtBft5e6tB-F9j2RKEQ3QMzzpYzQB96kFPb9zSpUZwy1GRJ2wucDD1OT4n3DOsNJqYWpSGtcBQjYNaN_6YjeLP-xVR0tFegidkyU_NMUyOPB3AYPm0GxIdzco_7QUcoa8Uvj2tU97o5Xp9gUP2zUsIm_MFGYU_pAxWi7kh4-M-6LfDv5fX8Vdi8sHizmMxxGrjJziNvQOqoh9j81Q6xm8dOKbQeCOoTN_W0PX7H0FN3dthTjyO9U-8K2LagqBZUET7HOfkc8evOSe4B9g3vyZDvOFwCfEBWtNhdAHPUVH6C1KgjE47SH08ceZLEq0_LEGTs9eRVklVUBmesOdfHffUPGFBXIwJcg86TDqDAg6up3oXM-XlFe2Wr3YRiO-pEMda1jlCKIbJBD5lr_KkseM3XSfBf0fBWSHXOdnjdfAv5Pxb0Cwe2012Ptn6dCJnS0RhS-bMho0ktlOa7OAFd84vtrarR47sNKvEotA5Hsnb0nAi-DUO_b39heozxzv6Xx-4osn7m7wJ2RwkA2wmgt2oqIBpj_euLb7NxZcRHDvsCymcE8E2HpI00hSJha6_NMgXxb-P27GRcuDPWA2flxo2K-sMGEgS_AdyFPBHV5KCALk0eGFE4ywBTz4JvOyeqnmtLl6PLgjWYwpZQzoN4qrnOUyKLd01I8FqxWjbtvlsJV4scyqoZBaP685eqPmSYG_A-OnI6_A7qVNhR5-rFGhtu-f_cFGx3gHaibitEAh43pI6aO0Dl5FWhBVqIBj2LlsDPEOgMSIMVhB5kJFuM1gBknviSJlZ_CfceuuQFp0mWZH1uEBLwOBnvRMLnqlkSS8XvY6lI-RvYHrzbdPFRtVxE5FR0sJSZGiSGnCf5kkYjVCXz0bSVZVlNYxYJXGogVpfPLhFn6YxKPt5QxXdDQ0zAcMI1MZ4QXeO1D1PQ3cehNmwE5e3wtu07vfMrfPso2MgQuL7bAqNd0Tmr9whYuhl1rl_YHxBP7RUXxCnTq7CfWRCQzlqDewYDYSZjQnDhKdfY3CNWrAf_Vd1HO0NhAl_HTBLPPmJvrQZGVbYsrUmgNBguxCcP9uNDanHyyNH3WLQGOMxxi0PKEtCjof3EemOyykY5PA9YbBYZWlblynX9HQvnzuyy4jX6y8pE97lxm3xZZBr6-qF1oQyiZQA6vtuq7sTVZpTMKN9wsgoY9sCyMI7L9cNpWDME3iOBhYsj-IRPPRUV69c5MR012MhZxXEhLopTK_Ee49jOoRGZN6c5dC1T7mB_-0NTYSmDZ-EnL0e2sNGad7nB-pQBS1mJ7NtQY-7UtBAGVHjrHboseJIeWnaCHFmpr6e1aKTLj-XJETvIY3RNtbqacN4H_Urq-RkbUXolLDIZkuSrCNEWSR-22S25qcj3JBsIpuR8bQBcpI6zh8Ck8pDNvJ2U955zfuMpqRwGplzmZvkK1YiHKx30IaVPnfH7MMo5y9Wh2tR9krHzw_gOUnENONcWJTkIfdkmTUTPjgHlNEfpc2ORbAuhESX_Lx4pa1jrw9Cf2WHUSfXi9JcN4C78szH0pRmiCvzTaMdvDP_CaJWkhuyDXtImS72mp_lahlWjHOvXUVxlRzTDv49hEp0-m36mxmaiSyc081_t786MjP3k178kZwv4JGeTYJJELZKAwUL8nSnW5YxlwwYHtW_dAcX-eXbfbpP4f7aaeBSxsdW6TQqnZri4QP4R4a7CidzegzzeBB4LZSfQE30rsPfRKKh40K5IwlsAQiw-T4YICnHYAEXArBKhgjyD58Ezl1mFKfdrKZXO_VGfvA47hilUZQzLfieX0-U2hh1S6ovbQwTrpLK91IHKLkMvwtxNS_KV-LkVDe00WNuoyKZMUNMKBj4yHPDBIDB33UmCDTCisbGhG31yzEvmghoNSfOf37HacNGhftO1fWzDupF5fBlayjF1np1KVc9FB0PqUj3tFHngDU6Z_df6IqRUky6ei8Cv9SxqvjP3LKQA07SQ&cid=CAASEuRozj1Y4i2eJaOGxsw2XOK1-g&rfl=1%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e38ac057739ddebf7097bc16d6752c72af3894c648698d9f985ebbcdd041c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD82 42 B
173 B 43ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALNj_0vw0ZkW-jSQYlATMJ2bP076PsAVg8lofrp8wG2n_7ugr7FDEnOYv6Dl7dyvOXFsc6iD_okXiJD48UoBiDH5azFmR82izAiGkDKm_GbgR2pcQ

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/820761/57728794/xbbe/creative/ Frame DD82 237 KB
80 KB 142ms
58ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/820761/57728794/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 60ba7bfbf047d0adf1304f62330fa0192e5d9a3ec75af55a9a1f15e56820fd27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-server-name: app17.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DD82 3 KB
2 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:59:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD82 120 KB
37 KB 325ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 19:01:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DD82 15 KB
7 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:43:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DD82 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5wmEcleNMJNn55pkgBsIvXYRO0fpbg8wWtgAEq1Tu_OT4XyXbwLqQmaMNT4u_TKMSrxXGhlRSk0TLMDaOym2z9Vv0mQ
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 6843520110110630609
tpc.googlesyndication.com/simgad/ Frame 1D6C 24 KB
24 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6843520110110630609?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlqAI21N2Bhwmt8gy0W2Vjj3IOksg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a40b54458cc7479bd05422c7f4d4e50f233ce0bd1363a26efe1a813933991c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 19:29:56 GMT
x-content-type-options: nosniff
age: 84722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24871
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 07:22:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 19:29:56 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D6C 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78590
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D6C 344 B
416 B 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21320
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E414
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

110ms
110ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E159 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78590
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E159 344 B
412 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21320
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E414 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78590
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Nov 2021 21:12:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E414 344 B
412 B 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 21320
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 08 Nov 2021 13:06:38 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1FA6 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 383068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DD82 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRwJUooAAbQHktxO4_GHtwa4Dq3gU443x68XN1Hss03L401uqhavv2NC5WISxxJAm5M7590CHT-gsP1xoK85BN_do82Zp_Qaz-IQBaLi_Cl70w-mngt5oJfMJ3soBRQ0GCung2BwULOLAVZxO2FvNw08zPEg&dbm_d=AKAmf-CgcBL-lv7z9eyH2U1kQQ1n-9z_IU3pHv6APzjufywTiGHiiJLdVlh4MLUH3JRap92MYGFaVImij44UIYTv8vAua8TeGcZ5of3XzYMnwd5pNXCoa1XY69uPg-pKzhnw4V1sdoWKX87kr5sN7bGIcJ3JV2_IC00DOXOjxLdfxIIeuPu8HwbrE4AjdzC_hioqVDCdvzlGbTsQ_snVbpEw2CKF1_4lzjTr5hhEf9n5KHZHA6AF59YBNtSsHB4Z8rgi3yOrOxFVpSgmYhREaIP0CDUmYykY_ZsCbNl5fHNmOdaLgsfKMGKMwwCafkHwacUnnjvRehZrjHdRDKs76JW267_QRfzErpCteJZgLBzswSZNwrSnKSkYZPrXgDAaxdcH1WrLPdMAk6H2q0QjJcXuYUP2rvPj_cJJFhs2Dy9HVwYrzX4CDlkgyO3nHjXCcsfIhPPqBuTdZwATbYH7MK_MCO_GyMI-s5MHsbZm4p5e4lGLhiUXLRKM1qHRP_yMg3uwkV7owCtv9tYmvAtETf2ZTKOFAmHaR9sdDMHAIi8rE5ewV3fiB89oNLyLXcYhGngxkzCkAWfvgpbeo0fjld0cSoPAo3_xAh17HJ7A5b9Zjbd9Tz072l9ki-iIvuNMoKxuYO37k42f-e6iynqps9Sy2pTxrDfhiFtNMRpgMsbHtCxyfyTV6O96TW0XZG2N8CG85ExIYm2_hY-JIP-B_jjF66r6RbPxTK08GQE9MCFhgCcdu5wa1h4xxU79gPD_qV6uRwuuwmLHRqbpmldRKsVZIzkMvZ-Km034ARgo9LrTnyOvZjhu8XtxfWrsKTsMog2Gysj-wm9IyoM-3c0YzMaOCjESGgg0UUuT_foHHCPJL7RTTRrjBu_rdBXOXsNHYWEVAbjLMQ3pZu8L3gQlnHSPgebNtBft5e6tB-F9j2RKEQ3QMzzpYzQB96kFPb9zSpUZwy1GRJ2wucDD1OT4n3DOsNJqYWpSGtcBQjYNaN_6YjeLP-xVR0tFegidkyU_NMUyOPB3AYPm0GxIdzco_7QUcoa8Uvj2tU97o5Xp9gUP2zUsIm_MFGYU_pAxWi7kh4-M-6LfDv5fX8Vdi8sHizmMxxGrjJziNvQOqoh9j81Q6xm8dOKbQeCOoTN_W0PX7H0FN3dthTjyO9U-8K2LagqBZUET7HOfkc8evOSe4B9g3vyZDvOFwCfEBWtNhdAHPUVH6C1KgjE47SH08ceZLEq0_LEGTs9eRVklVUBmesOdfHffUPGFBXIwJcg86TDqDAg6up3oXM-XlFe2Wr3YRiO-pEMda1jlCKIbJBD5lr_KkseM3XSfBf0fBWSHXOdnjdfAv5Pxb0Cwe2012Ptn6dCJnS0RhS-bMho0ktlOa7OAFd84vtrarR47sNKvEotA5Hsnb0nAi-DUO_b39heozxzv6Xx-4osn7m7wJ2RwkA2wmgt2oqIBpj_euLb7NxZcRHDvsCymcE8E2HpI00hSJha6_NMgXxb-P27GRcuDPWA2flxo2K-sMGEgS_AdyFPBHV5KCALk0eGFE4ywBTz4JvOyeqnmtLl6PLgjWYwpZQzoN4qrnOUyKLd01I8FqxWjbtvlsJV4scyqoZBaP685eqPmSYG_A-OnI6_A7qVNhR5-rFGhtu-f_cFGx3gHaibitEAh43pI6aO0Dl5FWhBVqIBj2LlsDPEOgMSIMVhB5kJFuM1gBknviSJlZ_CfceuuQFp0mWZH1uEBLwOBnvRMLnqlkSS8XvY6lI-RvYHrzbdPFRtVxE5FR0sJSZGiSGnCf5kkYjVCXz0bSVZVlNYxYJXGogVpfPLhFn6YxKPt5QxXdDQ0zAcMI1MZ4QXeO1D1PQ3cehNmwE5e3wtu07vfMrfPso2MgQuL7bAqNd0Tmr9whYuhl1rl_YHxBP7RUXxCnTq7CfWRCQzlqDewYDYSZjQnDhKdfY3CNWrAf_Vd1HO0NhAl_HTBLPPmJvrQZGVbYsrUmgNBguxCcP9uNDanHyyNH3WLQGOMxxi0PKEtCjof3EemOyykY5PA9YbBYZWlblynX9HQvnzuyy4jX6y8pE97lxm3xZZBr6-qF1oQyiZQA6vtuq7sTVZpTMKN9wsgoY9sCyMI7L9cNpWDME3iOBhYsj-IRPPRUV69c5MR012MhZxXEhLopTK_Ee49jOoRGZN6c5dC1T7mB_-0NTYSmDZ-EnL0e2sNGad7nB-pQBS1mJ7NtQY-7UtBAGVHjrHboseJIeWnaCHFmpr6e1aKTLj-XJETvIY3RNtbqacN4H_Urq-RkbUXolLDIZkuSrCNEWSR-22S25qcj3JBsIpuR8bQBcpI6zh8Ck8pDNvJ2U955zfuMpqRwGplzmZvkK1YiHKx30IaVPnfH7MMo5y9Wh2tR9krHzw_gOUnENONcWJTkIfdkmTUTPjgHlNEfpc2ORbAuhESX_Lx4pa1jrw9Cf2WHUSfXi9JcN4C78szH0pRmiCvzTaMdvDP_CaJWkhuyDXtImS72mp_lahlWjHOvXUVxlRzTDv49hEp0-m36mxmaiSyc081_t786MjP3k178kZwv4JGeTYJJELZKAwUL8nSnW5YxlwwYHtW_dAcX-eXbfbpP4f7aaeBSxsdW6TQqnZri4QP4R4a7CidzegzzeBB4LZSfQE30rsPfRKKh40K5IwlsAQiw-T4YICnHYAEXArBKhgjyD58Ezl1mFKfdrKZXO_VGfvA47hilUZQzLfieX0-U2hh1S6ovbQwTrpLK91IHKLkMvwtxNS_KV-LkVDe00WNuoyKZMUNMKBj4yHPDBIDB33UmCDTCisbGhG31yzEvmghoNSfOf37HacNGhftO1fWzDupF5fBlayjF1np1KVc9FB0PqUj3tFHngDU6Z_df6IqRUky6ei8Cv9SxqvjP3LKQA07SQ&cid=CAASEuRozj1Y4i2eJaOGxsw2XOK1-g&rfl=1%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A977
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1

43 B
1014 B

41ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj7lau3ATAB&v=APEucNWUKPEmPXjRdzz8wDpcjbmnqZtCL1st7ZpYUyNAOvL-24PgJax46IwDOcnqcGKXOW-NvWlCBVfA6e8uk73SuyC3AHWGcq5sb9NnUEMakZsacv_wAqoJeg6xqVLgAQKFUfkMbwiPyfjeYc1OWcXNxvZA_7kY6FLcXJsTTCIWh-0wvvRFiPlDBlwnuRWDOZHiB9C0vUSeD4N-O6jm5JfoIOxuJPn1pQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 19:01:58 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A977
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYgipl2q1z-4YN0dYXVK3gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1

43 B
894 B

18ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj7lau3ATAB&v=APEucNWUKPEmPXjRdzz8wDpcjbmnqZtCL1st7ZpYUyNAOvL-24PgJax46IwDOcnqcGKXOW-NvWlCBVfA6e8uk73SuyC3AHWGcq5sb9NnUEMakZsacv_wAqoJeg6xqVLgAQKFUfkMbwiPyfjeYc1OWcXNxvZA_7kY6FLcXJsTTCIWh-0wvvRFiPlDBlwnuRWDOZHiB9C0vUSeD4N-O6jm5JfoIOxuJPn1pQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 19:01:58 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIdOmUrL5W5d6W0lLpk_7Uk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A977
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtJnVy-DGlJ9Q4mDktYRVk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDtJnVy-DGlJ9Q4mDktYRVk%26google_cver%3D1

43 B
1 KB

41ms
41ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDtJnVy-DGlJ9Q4mDktYRVk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj7lau3ATAB&v=APEucNWUKPEmPXjRdzz8wDpcjbmnqZtCL1st7ZpYUyNAOvL-24PgJax46IwDOcnqcGKXOW-NvWlCBVfA6e8uk73SuyC3AHWGcq5sb9NnUEMakZsacv_wAqoJeg6xqVLgAQKFUfkMbwiPyfjeYc1OWcXNxvZA_7kY6FLcXJsTTCIWh-0wvvRFiPlDBlwnuRWDOZHiB9C0vUSeD4N-O6jm5JfoIOxuJPn1pQ

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c88287f2-68f3-4926-9c05-89084bf70d63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f582a493-fb99-4163-a5ca-ee2eedfb3f90
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDtJnVy-DGlJ9Q4mDktYRVk%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A977
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2MTU1NzkwODQyNTE4MzM4

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2MTU1NzkwODQyNTE4MzM4

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0861cc12-5317-40e7-bb41-de16a585f31f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2MTU1NzkwODQyNTE4MzM4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC48 1 KB
863 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Nov 2021 18:26:41 GMT
expires: Mon, 08 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 2117
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 10FF 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 383068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame DD82
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/820761/57728794/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDR...

59 KB
20 KB

88ms
46ms

Script
text/javascript

64.233.166.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

64.233.166.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f156.1e100.net

Software

cafe /

Resource Hash

bc99c36dc9cd3182ec256a1d72f91927790cc42a5c4f6fdd5cd38656403f5256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19993
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame FC52 80 KB
21 KB 44ms
7ms Script
application/javascript 2600:9000:223f:d800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 6912411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: lYcioUm3NAqykq0QmJstAaVeMdNVLysxzrQtWzHT24crTbkbSaCQTw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 318ms
99ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgqzZ,pingTime:-3,time:58,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
216 B 315ms
98ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgqA0,pingTime:-6,time:59,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:grandnoticias.com*&br=c
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FC48 70 B
265 B 123ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGCbcnvWXo1PS1POoda1YHE&google_cver=1&google_push=AYg5qPIO9aMinT53CYnwvCw4bzi2jLXYTT0QEeOOMry2KzldxWNhAHk9nqVpanoDQboKs8LOOccK3oWJjJKV1Wt5zOk8awiyUcJJfQ
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC48
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPdP-8FUhqayndupg5Jr7wQ&google_cver=1&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZyp...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NOcVz0zFQ9hJNR2jPznWME4v0Bs&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZy...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NOcVz0zFQ9hJNR2jPznWME4v0Bs&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZypk0bobCL23y3s8Aw

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=NOcVz0zFQ9hJNR2jPznWME4v0Bs&google_push=AYg5qPInG_VSyCO8vpjRn4VRQSI23xdl2hW196-h5iJ-lrXLXSma6Fh3B47EHju_ic5sVGju7FTZXLaulT1dZypk0bobCL23y3s8Aw
Date: Sun, 07 Nov 2021 19:01:58 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FC48 0
478 B 58ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPL-hEBc3BgA1wEc61I30eLpix821YkDw_S5T_B050p_qq38RkFq2eMZO_w0-orc25RZ_equWdbo_eViSYX46BocdBhAfzZz1Q%26google_hm%3D%5BUID%5D&google_gid=CAESEFZW_wjsR_27BgNjfLWbxTM&google_cver=1

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame FC48
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELTs4wDR7QRP8EOwSv0I1Bo&google_cver=1&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELTs4wDR7QRP8EOwSv0I1Bo&google_cver=1&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb0M_cw54WK4ZhQ&google_hm=a4600cae1b88930dfdf3...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC48
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELOTe3ydonNzSPf-6a8696c&google_cver=1&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4j...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4jmBB8dcLZMwyw

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4jmBB8dcLZMwyw

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Nov 2021 19:01:58 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0745.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLCsZmKwrVNF3ar3b_25vfgNxvCxhW8G4ydyaxJykrMnQ7IBjqdoWF5NHYBnJJ4wmimKe9OUsGHbozF2c4jmBB8dcLZMwyw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: B17qzhvhCNLQHEK-ZX1iR-DrGGxFEiFUV2xVc_0YHi-JMqW_N3ntXQ==

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame FC48 42 B
233 B 277ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEP386GCPlYjJ5JN2usm2dP0&google_cver=1&google_push=AYg5qPI2vaZzVWgIT-JSNgIiuiQtxuIYl3jLKojjXZOnOJ2i3tbBPdK4ItVu_uFLlCm1XDOhYwShVxFOlsDlc3xsLg0g6mk_gh7QCw
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC48
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEFd-62O6QcSP2CMN04MDkU4&google_cver=1&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJ...
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw&exu=CAESEFd-62O6QcSP2CMN04MDkU4
https://tech.rtb.mts.ru/?dsp_uid=06bc9990-5f83-40ac-8b9e-f132f36a754f&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D06bc9990-5f83-40ac-8b9e-f132f36a754f%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBse...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLWIJfrUwUit9QeG43XrmViGR1EoJHNnG-_J_HxFnZVtZMsWnmv1Lw-SircEDSvIA-4UiHGHwRykeS1mBseJLr1ILGIVuf0Yw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FC48 0
12 B 15ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfLd1spVCNNbMO6qaEYdLgwi7A3elYf0HTCCL_YO0GqR2silltGXr4R2u5tu_QgZANxkyys6g

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FA6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 15:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 15:05:23 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 311ms
102ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgqA9,pingTime:-2,time:68,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:393,beZ:395,mfA:396,cmA:398,inA:398,inZ:403,prA:403,prZ:409,si:416,poA:417,poZ:439,cmZ:439,mfZ:439,loA:452,loZ:455,ltA:462,ltZ:462%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:45,readyFired:false%7D&br=c
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 10FF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:38:58 GMT

GET
DATA 200
OK truncated
/ Frame DC73 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d7d10f9ef64901b685f04e43694d77a8b86f774ac00e9569c890b6d043483cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame DD82 169 KB
59 KB 327ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
Origin: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame DD82 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/820761/57728794/xbbe/creative/adj?p=APEucNXYE4Kt7zvIpJD3n1MNN4v2Go2vwM0OH0_Aw3cc6aY-wlJfThg&d=CnkAoCZ_4KuF5GXkrECrvdoz1_oOoZH_Ri_TP0k4DzZmEaH9lH--B74En5D51KH1-2EIx-ayTDHp8nlzAoFr6DhDRDCP3xyiATRxbkdJvTyvliNSvN-KbJtAd1wTx5I_z1iEqY7GhkeougkD8O2S_Erzc9rlKrgjlmM7EqkUAKAmf-ATQmkUSBzimHrczLX-1pDRIxMYAgWiCeKi1kJrksjpaLPjxTxeVi6IzldwTNqk2M69DpA1arCKf8qWwWwEsEW2ZRRBXrwL_WYjxstfgK_5zK2gd6k3Mn7SI_YPgSsT_2fZl0KNA-HXpTLV8DCLRmxsntfSliFCzWV1JIkFbSAbtuWcjGVwO1vfZLs6c2oCLiqYKr2kwo62zuPp6jjeFFXFyf0jo4AobERpa1HwqU2mr4eIORYaJWi3tgrTPTszj891nM4Y8DDI4wfoG4rru1xcm09UR6xa6N2ImdC1ciI90qpNwJgKGOwZW7eIj4DwcoVAXFLhpBBnOAIgubqZdfdv1gjYq1O_A88r97K5tl15zz7wsSa9UBhHxAUh7bkSUiNOdQnxB-DoMtYhgLCSUAcAwmmpIiV7uT2Dms0kiyZN_StxPqLUbjaMdM7IvTLXsv5l5Xl4SALRH0L00oP0Xu8NZWdkCN_r9k_spztfk7lmx5V64pu-6u9OGqWYEVpNy3kgabvMutS4Qk6FZ2Uz3ErlredLQqvj04WsUKTcBO7XYcvv84hYBGmP5w3B1-t_AMhexqvK7nzB_MSyQjtuVx502MPIAqr5FhwXV4iHZGUgV2rgR6uwLhBHGTmrc15oZUTRFF_0zjYsiAxjdG63fWVlILgtjX1vPd-PzKbg-32xOUeTCVZGuHJ9m8JDJxy7Lya3gZyLFP1vwgGjjozytZUXiMPmzWJTVNhNzGuOQwCdEAys6IpNthjflLiLcaajuxFH69i4tVIeujIXD5oCiyvYxbZMyR6C2O0Yw1dlDcTfwi-T8oRFpsNPG9NFeOjqJCxYomHKeDRdrgOzgc35wQihIDMBe2C5xvSBnnWUYFMCVGKidThd2dovuyNu08iCTLZ6Sxbod40v1P5Hc-92ln9tlPnNClXT6veMv9Zntj0zGknqOKP6RGIEycbwGcjVgRxPpUw1oMmehFRYF16bLM02gPnwcGafE2VqXDu4hKXhCC_P4Mf3Ki0mHmrbipY1sVSmtjbuA0aGfU9QpAJEj6Zi7s-zHFFezqAN_1234gsQol5AIftgigothTuA3Jo0a3OWAdVqNXXKBj9gFkuAxCBCPT0mww5LVBpNerSci4_hIRYfRF3H_81IDSdjA2BqFTdRnfl4853l9itQwwHCV-jitQjQPZeEvIgK8PJBb0ZlhvPqPonsBsVdHkdvvxw_4n3-FQKx0lx0RrghtiU3OpNkMTErvsfYopgvmo_y99qIt999zw5bIWueF5t5zwblGjMnfeasFejFh0fTCGV9a4rk1aWBBlqAg2f_O4poepKAbkzFj5RkPwc31rMpe2Ae17geNY8PpejVWjUnLwPU_NtDNLAuE3DBfrJUOhnAlIKig8mYZCvL8MIKzsPR7KjOcYBg_IY3NdoMsksK5sPDPrmDjDWOaDoTte3Qv2ZHzt-ty-8TGlv7Wxp6bPd7Ktmq3ZLWacNPk3yH43x6agN0POQ4Iiv6_JnEM_m5ptMdGSEg2poG-akgIVuAK4ktg7cv2T9qc_vavvLvu0pgIc2IckjbBhVNAJa9h9TObrnmqoOegyQX-YAQJqz3h3ZwOfULESK0P3TS33CM2L3Pm8tsZ_8GkqopjzZ2sqvkGIkHUEiPZQJqpcyO6xQlTo6PA5BqWB-SzYpUN8g7gmEMVILJV2GIjdmrOFgRSuaBPrl0Hiv4C4QbKkxYN6M8VRzvG0f5hQ1HtACBcJUk5vCSWMQr77DdkKSoMWEofhV7Rq20hld96YMuanD2rnFtIf7qFynzXxNafhmtV-qb4Fw_y3Tx5BJBxbmTMD3RWhDkfEESO5CljxOwsYSQD01iyMlxF9l-CYK0ASQagIZeCR0vOvHlfjqgp0udXTKcouGx13GdPAlcfUF1GJTmwJsMpIqM-rjykRB5oMtzu8Hb0Dv7AfkRrEVo0Zs4FWSKOS-Fp2PViwlVPyunz09iO7-DPVyXgYCIf60M85ySHsjt4mv_ZGxGQt8Qf4ICWebp-VY3M3x9ShBhOzIvpZNAaZVtG9zLTniHofMc0HTx7AmrCZElJN_V8Z4nSfjF2iFM9dIsaW4B_Ux4j_ptNmMwj3UqJea_vAdz4y84l2OU3igRzER4vztotPEJhzOHz7VAtlSI_ih5z5U8jDSFoXOwmDk1FdVBV8We091btYtylOJwKfbj2Ag4iUMV63ojVTcd4-Lf0F8E3h5lgRD8IqDlBVliRxag2FAmOKUqEOaYmIGbzi72IGipMDz5GUtz1Zb1hfYrvZAOEOMu7-EbdypynACVav-amowiw0Y_I3ffMgx3FrMwirSw-nHrAm8oIKtmZu_rwnaRJV1awqkTdzVz2oLz7rUosgD-sUbap9YRAiKlv4na4B_4H8rTittXitVY48CyUAvai0pW_z5d2luXChEjLLXJwZXkO8g685JmftezuXUi6xkm_zIQ4RDN9AGYQEd4rQJaEtMWw5N-sJNyWcNC8gUALFJKRNWnqGEzl-3BUA0gZ2Kbmgj22czmzLyPEoDJKs_SRxuRygGDdpuxan1mfdn5PyedOxo6mmfLvAt3cq-o6f13CGyA9A2rMdIKPXckmPJC_ey-jr4NrQhOGV1ynLRWNvH45u91FbPLtUfVMUATqSA1TWcY32dSN7epupJlY5t9CWjyeUr54s2k2AwhxPiwh6MRiQdkFK0VZtaHyq2rB_AfY6O1Gl1fD3xuZAoOLUR5faC888ok4LrIh6VbeJtpxk-o_6kZlqj83lQK6AJ8Re0zj7ySyNyMR5Ov4pRW6ipxoOgl48X6RAEf1f2DDg7Z9o-T-UIoG3YnWRbpU1L0GfUXLZjhtCBmiyF5ScBrtj7KQq5xANM6TTkHKKM5nYGkb1WjkmNptgJ7jT8FFcpVc8rxoF4qbNQ--VLi2tDd3EkTF1_yHBZfrhUmcdUG6agJjr8ypd66iFJCLEJODRXrxt9cNUYrSIA1KY6Y-21v4uLSpF5k8ov2Uz4XFuRenbUQwVetoSmSWH6yHjOpTWWuXnZqt34tr0i-rJPS9NVfnRxC77MSjEt9FHehxz_OZLTsdQXFSESUj_iagZeXgQcjGhWJkjwWmdEc7K9Lc3CuXeuTkgvB-8UCU1UM6auU-PuVvwUBYwZ1UuJwp97RMTHZXJDHTKYbFPFZ_e8n2C0oxNFHaDu_5xcm9FKV62nEODYsncfqN5nJQj7vDZutere5nYWeMR0-_EYt0rVpiKu3i28hdAEBEVlhfPK5A0dIOHEcVhZtWu7IQsN6g3xsYni-cxJwWHiVipwjH3jezrUXJs5JKEohKK6n_ap0LdqTfirN5hCxi85GbY0bHSDIKo2tWpo1tcUhjbvUFOYg9dek9IEmh7WEZfiFY1v0NNT35qpGk4-snOI1R65HiCwELNqhZqg2nTBiHMkCURVMzEhRp0hfA_2--zbTcOJ533jyIg3NFX3dw45EBtjYGhYIABIS5GjOPVjiLZ4lo4bGzDZc4rX6YAE&adsafe_url=https%3A%2F%2Fgrandnoticias.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:db4e9058-1171-a62a-e33f-3152d47f187e,c:tjgqzo,sl:outOfView,em:true,fr:false,thd:1,mn:app17ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:forwrd1,nbld:0,mtim:3,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:2e858299-3ffd-11ec-bbc5-0289e6fd96ae,v:19.8.263,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 18:58:23 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame DD82 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 19:00:42 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 44AF 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Nov 2021 18:26:41 GMT
expires: Mon, 08 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 2117
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DD82 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de9db2d860dcc50a57ed9cb2edb2cc8891a1c89bc51979018d713b2293271564

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFOGW8Vm94zQFpD2HX650jA&google_cver=1&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2Q...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2QRnmSJj3JJxC7q3FasXDD6Ib

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2QRnmSJj3JJxC7q3FasXDD6Ib

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Nov 2021 19:01:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIWyHWqmHGQdaEhzpb7teVDUGFIeB8Q7C0ERGhjgXFBJAi5D3baYWqT8muSi2pYMLN7lgz2QRnmSJj3JJxC7q3FasXDD6Ib
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: qFDPv9ZYtRaQcscpUysAAA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEHyZ6hQnWgoHFxjzmDuI26k&google_cver=1&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6DRLFwhcSZcFg2c9WBXAoqbGQZK-9n1A&google_hm=QWdIZEplR1lMMGUxSWZfYld2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6DRLFwhcSZcFg2c9WBXAoqbGQZK-9n1A&google_hm=QWdIZEplR1lMMGUxSWZfYld2bi15Z0E=

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLB0zmcU1QyJ1gAKA0hfN06odKT2C5teiMhOJylCS47qqs8LXLMNJEF3UNuhThU6DRLFwhcSZcFg2c9WBXAoqbGQZK-9n1A&google_hm=QWdIZEplR1lMMGUxSWZfYld2bi15Z0E=
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEBHHzQYp81fKfd1xQMdvm3c&google_cver=1&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW141jxddFfexCVz...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=enBtZGZXajE0S29F&google_ula=2046794&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW1...

170 B
188 B

148ms
148ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=enBtZGZXajE0S29F&google_ula=2046794&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW141jxddFfexCVzTN8A

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=enBtZGZXajE0S29F&google_ula=2046794&google_push=AYg5qPK7PWJ76AYx32AYJOl-2FoyFwMQJkMENTp0H_oqXcyYncF2glMtuumRIIrHcga3CGqApMlmsMXGW141jxddFfexCVzTN8A
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 44AF 42 B
233 B 257ms
83ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEGSV0jlcSvFz53BSup1eVr4&google_cver=1&google_push=AYg5qPLVN6DrC-16N0vLaMW1DilzvTYDHXSstZiaMbeztA5EgMPPb_hFRpNjeQ-E9aeJN4mFbW6EBJWSRcfMPORGS3q6EEnLR5o
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB9D8MtZaoNSMZRO3cFcUEE&google_cver=1&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct3VtPee6rC06&google_hm=a4600cae1b88930dfdf375a0

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct3VtPee6rC06&google_hm=a4600cae1b88930dfdf375a0

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 07 Nov 2021 19:01:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIP1YViuGjA9CqI3qG79CIUgnZRPiiJ7Wed4gWtNEP8Az8VG51x4N21rG-FrT8Gsv9FFsbhDUHxKCNx-h5Ct3VtPee6rC06&google_hm=a4600cae1b88930dfdf375a0
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOV...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOV...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qv...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEF0yRItzUacQd6hUvVVwXlg&google_cver=1&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qv...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZWQwNmUyMC0zZmZkLTExZWMtOTMxYi0wNjgzMTE2NjY4NDY%3D&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZWQwNmUyMC0zZmZkLTExZWMtOTMxYi0wNjgzMTE2NjY4NDY%3D&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZWQwNmUyMC0zZmZkLTExZWMtOTMxYi0wNjgzMTE2NjY4NDY%3D&google_push=AYg5qPKQ5sLMEneMj_brK1ZOxmA9NyO00uAyN4YCgdNUeVXaFKY1qvOVS3oyi8C5Z8v_uIRX_af6gm1TWpJ2sIChtVKmFMeRjz53FQ
date: Sun, 07 Nov 2021 19:01:58 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44AF
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESENjyuQkBCB3SMujOWQA28-s&google_cver=1&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0...
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ&exu=CAESENjyuQkBCB3SMujOWQA28-s
https://tech.rtb.mts.ru/?dsp_uid=06bc9990-5f83-40ac-8b9e-f132f36a754f&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D06bc9990-5f83-40ac-8b9e-f132f36a754f%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 07 Nov 2021 19:01:58 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=06bc9990-5f83-40ac-8b9e-f132f36a754f&google_push=AYg5qPLYyA_Ao_WtSGmk-1wVuiiHFd9tTme5rPy05ZS0hO_-XRmgyHfKNUt5YPgE_aEI7ZBENHftPkcGnlHKmTvX0F27QdE6km_CwQ
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 44AF 0
12 B 15ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LoGNhOlhsBPXFoHncr7O0981ZTb1wGzLbFJzZ1-VZfkMrfaf1wQjdn1Q0NHUxxF2N4GoVjVIU

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FA6 0
58 B 42ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3zU1pSKIYcC4IJ6f7_UP_9WDkA8AAAAAOAHgBAI&bg=!tLelt_PNAAYH3anuB907ACkAdvg8WvWn7XNZ9QVmmclCCdvLp4P9cWrvLDCbOVj5BsJqGMsr2DFbsAIAAAD0UgAAAApoAQeZA0lYzDnUus9KXs2byMDhXbsyRQsIHM6tfZk9_HKhlQORi9riltuXZ1rIRgnEGRZC_aDzMB0xboxouFsSulJHKPRBN_InnsYTWUm4hWqZdPJ4YOKemRYzavQg5Nx4SBXIRiK4uLnGNfBvZx2RSTrJz2obDp004qPRCoaMK4jMkB70a8El_I7fwRBmXa-uUZ3VF32jzDjJNsSgaA9uCKbFRfurBhsNobTq4luRcxKUBq6O1O__ayflYo7RQWTUzEZZVOSFFVfLg8UdvHNOwahAkYSNxTrnCarsdiz4Hwgz6VYdpAUWhgbHbGvPlMVH1jLOAfT0j4aPv4caw9f3mYHmY_JRFJiUBmb3PZVt-tsBMoD2XoteIyQF1QJWuHaerVvFQlBnT35Rc5XMIrXRlbM0iYc6ZxjYnG0BIW-vv7X8q6i2jud6caDLkev2iNMWHJ6TpsJ5EhtNf0jZ_67MxzxyPcBNZnPjBjHn1kSVpTqX6WdUujqZhj0QGejHSNO7Eem4_x4eo7DFSWfYjudQ_nCxQMwe4dmLwNzXkiuomXRcAjoFEaJY6TP3w_rTMgZlOp7fPaXdx8N1GQ4g0kuK5Ko7E8jmV6tA2T88ksUUCyfu4cAkfjKtorvD30xLPev9YFDsO6ynYyi1jDeBjggQ2vOy80DWISBWEoezCJqx4Vgajgm-rQamGshOZhaAWUTMER8tmmLGzCh6Nf3jTSYULF0ZHxrOjxZxKdPzMUzt-QIhkkZc06BVCtjwwmkhRJiz_hmD0yaMg8Dbn9_rEL6J85EGrfI40UMv-Qj6Gd6NTaMMettD41YmAw6DC9WKpkevgLAyv5SOySRaw80AOR5thehv_0DhIsHFGC97SwgcLFr_SNJm_KQEcy9jcm3wh1sWXOofWERtYwJEoYHeYmSAewAZawev5KOu0LEUoeXKmxoSe2KfBR-W7aMKn2fSP_ukcgMSIBvJwhxKWOl_Wdkdp9-iBe39Q6N9Ddmw2urDcdcuZhBlZMitzoBQERcTZAl9C2L0scypSWCDUFgJVuZDfNU85hgYe5Sw3tYgzHKx5zapqFl7i5CmwNidvBBDhkIwlKYGVPpj5FPcJSsU9YsrevssRkLjoOOH0qdtvFqD

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10FF 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq2q7piKIYfXcA8Hw-gb82aGgBQAAAAA4AeAEAg&bg=!HB-lH1vNAAYH3anuB907ACkAdvg8WlaBWEDNNJjNkAraKLiAZeF_UUr6MGrWHwdZ79nHpi7_03lAEgIAAADpUgAAAAtoAQcKAIGXax6pT9ghPWYVK7wTsnIzvmmC3t3kY6beUZqwpPAjn_5_WqRr1_OGiEB8Ch5Hkl_O3lSyC70xLc3Jg35KPL4M3KLabXcyMY3bdW0bFMOICZyQxAPbZWuAK5TM4iS9j6spB4mxVuqb2Izid4wHhGMgxVSDmc48lEAXoqYAiPbi12yZAu1II1bKkLhyPVp4lb5AK84VzlS7mGt-5NpNXQaEYAmIMKSEgv8AW6lfEwi2tK8HzYJzDhu0THJw0NUuU23sKoxZEwnjZLt-e66r9t0G_KdZbNiY7_2bsx6btPEsvFyu_4iY-Q8gjE6i8iwMniqhNnIPpzIiO6_iU963D2EUfQxa_iIQp_IlrEVQsQ2IejlqBgu1_GJALZ6ADRx213RgjtokqWYO8UH4u_iaPRRgh4kduHq7CnEa1Wu80_ebiURTg7MeIA2olSuYH-3VbvwMptDy17PAL-lvDhItmV8I5fOYMkNbpYMOx-KyquaT3WW7y7QyDdNpYgzBEuHddc_VwmYrGUFT69uHDbGn-BeKRNPwyWspBZ_8l5FKif50dZNBXAvgh5Ts7nRqqFJ2jcScpPO-uzkR0xLKa2HrZ_HJmV-YLwcI7Nl-pzLXHXGuOGWVxJ9Hg4_ycElt62UDdqgGWq-IuQfbh3myweCQAvcJE_JznB4qPcYyTm0QLN6shVbMQIwRv29wZ1eLqNPO3htTFN4e8Je3iI7j2yTc-xIpHC_5Fg1pWbMAwshza5slUXRdryafHVEzDX4y9QWM6Ill3LtpGFzc9qK3HzKSSRpcHyD_8ybILysWmpJ8YmIaVJ5pAhVgepDzBZTOKsD_LYlFJ36q4GbooymVNfcAdWq_UxoMiYBioIaMvLdjubH6XFvRI5NeN50Bq5UXv8hil9y5fkzVdr4M9LSZFpfC0cUU3kqlsFrsmuSPQDwrWwWrpx2Y90WP-HggnTNJSgEjggAUDUckxkpg9m4abjPhIWoHHhLq-n1wT5DZZ-RmQTkN7_TSIM49wmXyhWIcpJC9axgq5LhT3cUYsquYgjxWHn9q1t3Pb2FWa_jpJCjiF-49cs2rXmvmkeB0oAo-GnhS3_U6JEwtZYDfqB69JCRaRr3By429fQv2RxpqENkSux4Nz9vUaYZ-rh6jsyFw7YGF_AzZdrV9GHoOZ6ghdDXOvn-NZA

Requested by

Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 100ms
100ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgqFT,pingTime:-10,time:424,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636311718301%7C%7Cbd8e12e273ac814ad9c74d124d1bbb88%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7C17259f055d616576a06bb2830a5f3472%7C%7C15af086acf25bec00b905038ec28af08%7C%7C5bf32020ef7926947eb86f8c39893220%7C%7C2f82a2c872851fce73a1913cd7767528%7C%7C635aecc0ebae3baa23b42e67e684ab0a%7C%7C1629390669%7D
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9561 42 B
110 B 84ms
84ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPk-ra4oLl5zRN6WiZ1u1bo4Kig1ZxomdOdM6GuCIeUQFl_IzCA-IaDxvu4NUrrEPCifz1eLWJornGSsPWw8G7WT2qTSFb9L_THPVjmn_n03ZNWWdBtCyNTBBVsO_BCijDAVNNlS_WBQ89&sai=AMfl-YTZmMo77vXnaRwqtnhGbiXfwn4XMlwbGvB7zEEK0OIRT-gejD5F2X6F15F-9HMShmQRa6baHh2XvcK5Ep6KRZBFtg_bG-xpASk9tvsQ_KkrBqR5d1-6PUJxvmbCWZA&sig=Cg0ArKJSzIoWJZyjKiWoEAE&id=ampim&o=290,505&d=1020,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=144&tls=1144&g=100&h=100&tt=1144&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3093586772

Requested by

Host: grandnoticias.com
URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 728x90.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/ Frame EA3F 46 KB
16 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49556f75c5d2a75fee824d7041c1e42b07cf5c21f66e88b3b48d2d933a2bd713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 16409
date: Sun, 07 Nov 2021 19:01:58 GMT
expires: Mon, 08 Nov 2021 19:01:58 GMT
cache-control: public, max-age=86400
last-modified: Wed, 13 Oct 2021 15:14:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DD82 0
23 B 57ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlTGV6rqIV4IxobmAqhyO4VToLPL6hHysdqpzJZ_029tGdeG5NiDxfqZhoM3br7pUZei68trvs39MKfHTgk9Dgfg1Mz9X3j33BV8fnVUTGgKpnf2-zM2MxqePfNe3jTUO2sFYZeP_VQpjT9U5VQ3rQEgfnFw&sai=AMfl-YQKd8KZPPBPx-OGevB6gHMQtD2VqbJz1MUfINQQ6wmP4OfuFxFPqQz_X1D4ij0gzldb4TBJX6gXOb5sHAdX42XDRRGKh0Tnv0I&sig=Cg0ArKJSzIljCXXhw8bEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&cbvp=1&cstd=352&cisv=r20211103.42663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 m
secure-gg.imrworldwide.com/cgi-bin/ Frame DD82 0
297 B 134ms
34ms Image
text/plain 54.246.208.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn298945&cr=159762225&ce=N773418.3116036AFFIPERFDE-773418&pc=316775236&ci=nlsnci1193&am=1&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=3182051916&C78=G1,DCM&uoo=0
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.208.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 99ms
99ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgqIm,time:577,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:577,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:103,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
URL: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:58 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame EA3F 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 15:17:46 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EA3F 60 KB
24 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 19:01:58 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DD82 0
23 B 42ms
41ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlTGV6rqIV4IxobmAqhyO4VToLPL6hHysdqpzJZ_029tGdeG5NiDxfqZhoM3br7pUZei68trvs39MKfHTgk9Dgfg1Mz9X3j33BV8fnVUTGgKpnf2-zM2MxqePfNe3jTUO2sFYZeP_VQpjT9U5VQ3rQEgfnFw&sai=AMfl-YQKd8KZPPBPx-OGevB6gHMQtD2VqbJz1MUfINQQ6wmP4OfuFxFPqQz_X1D4ij0gzldb4TBJX6gXOb5sHAdX42XDRRGKh0Tnv0I&sig=Cg0ArKJSzIljCXXhw8bEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=411&vt=11&dtpt=53&dett=3&cstd=352&cisv=r20211103.42663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA3F 7 KB
6 KB 40ms
20ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04bade427ed6038af0356fd358681b5434c6e9bcb4a842558e6b29bcf990901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5283
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 21ms
21ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

572bc64a1994436005d028920b85413d74893fbd31cf8a963fbc1e5245896bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 19:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9205
x-xss-protection: 0

GET
H2 200 OnAir-Light.woff
s0.2mdn.net/creatives/assets/4140742/ Frame EA3F 47 KB
47 KB 8ms
8ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bd57daeae4ac228a38b69192328985424585894d8eadb4cdddf490356f4872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:58:09 GMT
x-content-type-options: nosniff
age: 229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48448
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 08:02:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 19:13:09 GMT

GET
H2 200 OnAir-Bold.woff
s0.2mdn.net/creatives/assets/4140742/ Frame EA3F 48 KB
48 KB 11ms
10ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4c07430eaa8ecb3adb6ffc0b09adf5d5fce88f386c247b1163120751d25414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:58:07 GMT
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49468
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 08:02:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 19:13:07 GMT

GET
H2 200 60005582_20211014071532603_IMG_flight04_neu.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame EA3F 111 KB
111 KB 14ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014071532603_IMG_flight04_neu.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79513e01a6c85ddda69db1d8376a69db1a77e3b9808738ab596de57b9f707846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 17:16:21 GMT
x-content-type-options: nosniff
age: 6337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113546
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 14:15:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 17:16:21 GMT

GET
H2 200 Stoerer-2x_flight03.png
s0.2mdn.net/creatives/assets/4206591/ Frame EA3F 44 KB
44 KB 12ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4206591/Stoerer-2x_flight03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac782a1877e995aa98899666bfbcd6018d2d17e5d3e2685290c2c749b51adfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:58:05 GMT
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45217
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 09:04:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 19:13:05 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame EA3F 43 B
609 B 34ms
9ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_REA_HAV_14105_PV&mediacode=26626666_4307561_316775236_159762225_-0&ref=26626666_4307561_316775236_159762225_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 19:01:58 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 200 Erupt-Bubble_Spritesheet.png
s0.2mdn.net/creatives/assets/4161357/ Frame EA3F 154 KB
154 KB 18ms
18ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4161357/Erupt-Bubble_Spritesheet.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

594b8d496a6296d9193215c0319c947e4298a4ac59b7b68cccdba2730e8b79ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61924367/20211013081459116/728x90.html?e=69&leftOffset=0&topOffset=0&c=rhPKLxPmMK&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 18:58:10 GMT
x-content-type-options: nosniff
age: 228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157284
x-xss-protection: 0
last-modified: Mon, 17 May 2021 08:20:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 19:13:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA3F 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 07 Nov 2021 19:01:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 07 Nov 2021 19:01:59 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame B96B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:38:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 03AB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 07 Nov 2021 18:32:09 GMT
expires: Mon, 07 Nov 2022 18:32:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EA8 783 B
999 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f4a1db3b8d23c76e86282e418cb84ff648692de379ea116d04a8a4488761abd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-URNE495UNTyzhPpahyoLbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 07 Nov 2021 19:01:59 GMT
date: Sun, 07 Nov 2021 19:01:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-URNE495UNTyzhPpahyoLbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EA8 0
0 56ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=1752086657471958&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 03AB 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:38:58 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1D6C 42 B
108 B 50ms
50ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5QEY3oVxsGKPUDDfa5rQiu-bG0er69YwVqr0Gl4tzbWgJxJYhaqNx6hOj36unbcKt6g34hTqLopcM9TIdJVajjBZAvFF9gS9h0VbAQAYVBXNyDuCfZ4WrfN5nyJLU91g0ujD2ruJ9wPrt&sai=AMfl-YSNzaLNC0rOvxr3p210VKPGD5YmdXvtduk_a1vGBatZeykyPSKHUjqVfdRNKaQE1VYolNoWOtUHwxr4jhyQxiLHQWew7vSnElsmgUtT_kkk0MJO3-NsgbjIctb-&sig=Cg0ArKJSzBqX7naIs6qxEAE&cid=CAASF-RodG1jtMk6A1sZWF3nR0eaIbbRJFTg&id=ampim&o=960,325&d=300,280&ss=1600,1200&bs=1600,1200&mcvt=1037&mtos=0,0,1037,1037,1037&tos=0,0,1037,0,0&tfs=154&tls=1191&g=100&h=100&tt=1191&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=254945499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E159 42 B
108 B 78ms
78ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshOZIuez9pYkidPgO4OVa3_o9184cSKIBkYdwtpAT05Gk1VrXIV9XePN7-9wviJhgSWFdjK04RKSUg7hIs8w9iKF1dJl0M1JL_KphbIKWhN5o-IvaLGA&sai=AMfl-YTMuhtkcep-kCKz50jcuWU2WOf6r9lt4rvCCXBi2d5jBXJVtEnufNFIWk2yxeZGPDCwUYOdzfaK99_6MzH6SgUWJLa0ncy_rupYRoH5_gpfKDBO29n1dULOh6KT&sig=Cg0ArKJSzDnGwk27kW_JEAE&cid=CAASF-Ro75mZIub752IiO6opaBn3PymKFKRp&id=ampim&o=340,325&d=300,280&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=145&tls=1154&g=100&h=100&tt=1154&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E414 42 B
108 B 79ms
79ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbrPD43-ko3huVXd-FnG4qTX6SZJ0RBGLB4GkVNGCN0HXhj83Y2wvQGVwK50lnIq8Hm4F3YF5kEMkkfv96viuv4AO3RQ5kSJaUiHRD_swL6F5rjMw_2BdEtqQ4xEKZFRqh3cYcN-M2uNjU&sai=AMfl-YRw2mG3_XD7u4I0cU6mpKaSKJkLQ0UOTJQ2ND607vgQ1sGLlVwKfIXBnQnGPcBcBDRKgoDsone_vEUmnRP907KDIHWhycca4YLIZILuEXagHiRCof_EtGVNk6Vr&sig=Cg0ArKJSzJQ7QlmAmmgMEAE&cid=CAASF-RopT2KdgwegtPoPNTPZGyYbAh6fnEK&id=ampim&o=650,325&d=300,280&ss=1600,1200&bs=1600,1200&mcvt=1017&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&tfs=136&tls=1153&g=100&h=100&tt=1153&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3520873266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=1752086657471958&bg=!Q0ClQATNAAYH3anuB907ACkAdvg8WtCKbhwczsW3VMEZKMOh9XiZd5eYVuBNxhc8aDE_-_O5qZXQDwIAAACpUgAAAApoAQcKABX6iG5JEXNRQKMgNt-6rrjpWwyvusqZAsnrmh2fvn1VvkEv2kWCWVWym2ojUGIfRAvaZfiXp_mE48iL2UA89iWJznLZByR__0yNyUZKi5TH7j5b79phZBcjrQCKamGfamw4_YikmQiJ3UHRZLt-b5CfVTAmQAjs6NgjA7H6Mvl8mniF0lNYehe-6O33UN18ZS4EKBDmj3XeUWsMIHtI1v061YV3NTe4KuGNisd9Inog7WpVVu8CsAPwbYMYbpqm3amn9f2tWxxT1DG5Cblf1UvRlCGSFy-C-1MJ_qYiC7gdsSm4p16s_XvqjOlDPVumNT5_7yftaVVzW8MF1YUDs5xab6F57eMTQdUXDmY_W00uCgOgAQsqfSPIZvykqLayqU9LvZ-XY8oOh_0dGGSrHP57vNuwbnolzZppOWVs8WI4C9wl8RL6F2CzGCZLK1F7b3nsJhiLbgYL_2SBY1vBXyBbpM7aDTLlQO-yfJzwT4RTlYcyLNSKPuoz2_soUHegKkYAaqbJ4GEfHmUDqQGELh01xpmzNAWle7SbQ2y091eoLWdeifqPMPJNQJNyC6TFTEfKCw1F2yN6KFdGS-f6ziilDgSBUSEyWrIkNoDBM0ly2FBl8hO33yTzr2w0Z_x9q2UzfzVMTVRw73gELpcnXaAhVpRFFzJRbdq3bjtUi36S_6XZJZeze0PUBpqKH-5gIuEFj2pl9RGrFqJFpm0fsEkDmgq2WXpDo0kh1Hd0W2xCZdh4Aa191Txf3nbPIHIzR5uTMA_B-3AOK1Ao1Tx4fLYKhVPULzeBNRiCUdJUSvuE-gaCMKW7QGLceJg4H_bwPDRgZsh1GtMIKBm-Am58EulT9ACyeaLEKv3AMYJjogSMYG0wQRfrmn27rnBJFp0eFi1xHo8kMZYvK_qT1WKvzn90RLG3JU1IzmojaNMbUZtwrYkKfbsCrqGuDm_iydsKsYes5l4AbQCN5SVxQVbp_DfZbw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://grandnoticias.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC73 42 B
174 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvk1wBW6M-6X9BiimNy-OC9a5ff8JV6V2r1Dv5vRrktJKKD0X3KJjsUAORORTyW3ywdE9KlsUIsmqHbM36gwu2ZWLeMbeCo9Kr3pUWdL2gI1ok4lZKU0dQRu8rZEfkRF6Tz9GSiOpMCdwhbtv8lRoV4DMgGkzxfY3Tn7coxShQKRrJepOGQdKM&sai=AMfl-YS8GcijHbGcAnu00Ly1zc3tnAgloh3azcDKfhkB4DQNkmwUarxdyO1PIh2gR4L-jH9o7K4n_QIBnKCK1kUE-hS4AV8X9bFnyOvhr2GL9uwdlBI5iCGy6zY2UgEr&sig=Cg0ArKJSzE5oGRa6iwbQEAE&id=lidar2&mcvt=1000&p=195,290,285,1018&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2523270209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636311717657&rpt=398&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD82 42 B
108 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIGzJ0thj39BJxMhBodpGuhu7zYzrvndzSQCNk5GZdyZN30RfIjfC0tEkqNYWS4VcK5hLAA4w_msAe8yK755k10YH07ubkFdh6PZ9A&sai=AMfl-YT9ca1Cf95IIYa_6V03WQs83i5obY6OJyZ9bxTRmXfaLte_RXyJ4Sjj6_HkAVvKAzoDo1prREbJEICX2gA7PFtSQNRCDt5o-z4C1nhoXasSdmD6mkcG_9-V4EtX&sig=Cg0ArKJSzGPf3k2YVFssEAE&cid=CAASEuRozj1Y4i2eJaOGxsw2XOK1-g&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=558372742&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636311717484&rpt=662&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 100ms
98ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgrbq,pingTime:1,time:2379,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1370~0,1~100%5D,as:%5B1371~728.90%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:02:00 GMT
x-server-name: dt46.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 101ms
100ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgrbs,pingTime:1,time:2381,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1005,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1370~0,1~100%5D,as:%5B1371~728.90%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:02:00 GMT
x-server-name: dt50.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DD82 43 B
215 B 100ms
99ms Image
image/gif 52.73.22.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=820761&asId=db4e9058-1171-a62a-e33f-3152d47f187e&tv=%7Bc:tjgrbt,pingTime:1,time:2382,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1370~0,1~100%5D,as:%5B1371~728.90%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:sO6Fd7T+11%7C12%7C13%7C1411%7C15%7C16%7C1711%7C1712%7C18*.820761-57728794%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:forwrd1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.22.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-22-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 19:02:00 GMT
x-server-name: dt49.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIsp-yjUSmq6zmPIqkgBBeoFhR7deuGWgB6YeZaRe4_8wNKyGxKiBnth7LB6MVi2iDtcY-BkNOLbCIkzTQBb0M_cw54WK4ZhQ&google_hm=a4600cae1b88930dfdf375a0

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grandnoticias.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: p3p6fan3jom25c7u5qdtg0neke
grandnoticias.com/	1970-01-19 22:46:15	Name: bfbc917d86aa477d0559a52cc63e738a Value: 0
chama.grandnoticias.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: t0s10s3gbnh3bd8mrnmrhicptu
live.demand.supply/	1970-01-20 16:03:03	Name: demandSupplyTi Value: 65640976-4f67-4d5e-943b-20eed8d7fde0
.www.jwplayer.com/	1969-12-31 23:59:59	Name: __cfruid Value: 67bc8350f1272d8f53ae0ed30c0e83bd790441a0-1636311716
.dtscout.com/	1970-01-19 22:31:56	Name: m Value: 1
.dtscout.com/	1970-01-19 22:32:09	Name: b Value: 1
.dtscout.com/	1970-01-19 22:32:06	Name: oa Value: 1
.dtscout.com/	1970-01-20 00:55:51	Name: df Value: 1636311716
.doubleclick.net/	1970-01-19 22:31:55	Name: DSID Value: NO_DATA
.grandnoticias.com/	1970-01-20 07:53:27	Name: __gads Value: ID=a894d644df3f736f:T=1636311716:S=ALNI_MYiEGn7T4Rghr2Ab3wvOKjGQnpvkw
.doubleclick.net/	1970-01-20 07:53:27	Name: IDE Value: AHWqTUmVG2ZZXSe_rxdeNtvjbHlpNhNYKmm5N7jeFjRHNoS4FgnIL6x3qSnhv5RoEUQ
.casalemedia.com/	1970-01-20 07:17:27	Name: CMID Value: YYgipl2q1z-4YN0dYXVK3gAA
.casalemedia.com/	1970-01-20 00:41:27	Name: CMPS Value: 3176
.casalemedia.com/	1970-01-20 00:41:27	Name: CMPRO Value: 1155
.casalemedia.com/	1970-01-19 22:33:18	Name: CMST Value: YYgipmGIIqYA
.casalemedia.com/	1970-01-20 07:17:27	Name: CMRUM3 Value: 2d618822a62760CAESEIdOmUrL5W5d6W0lLpk_7Uk
.adnxs.com/	1970-01-20 00:41:27	Name: uuid2 Value: 486155790842518338
.adnxs.com/	1970-01-20 00:41:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>xqjn3r!@wnfH8K6pQK`!5=E<*L5?%LYe'-PF?Z2qRf609g/mJCW/Zlh!BDC16#`0_:%nugO%v4VB%nm?0)rbn`
.lijit.com/	1970-01-20 07:17:27	Name: ljt_reader Value: a4600cae1b88930dfdf375a0
.mts.ru/	1970-01-20 07:04:30	Name: dspid Value: 06bc9990-5f83-40ac-8b9e-f132f36a754f
.mts.ru/	1970-01-23 12:55:51	Name: mts_id Value: 118b2673-76ad-4d2f-aa47-ef58d469e5fc
.mts.ru/	1970-01-23 12:55:51	Name: mts_id_last_sync Value: 1636311718
.advertising.com/	1970-01-20 07:18:54	Name: APID Value: UP2ed06e20-3ffd-11ec-931b-068311666846
sync.srv.stackadapt.com/	1970-01-20 07:17:27	Name: sa-user-id Value: s%3A0-34e715cf-4cc5-43d8-4935-1da33f39d630.%2BQhhe33iSzcUOaU8gwRCw0gEGsnBTT1dkH8HsTyP7sg
.srv.stackadapt.com/	1970-01-20 07:17:27	Name: sa-user-id-v2 Value: s%3A0-34e715cf-4cc5-43d8-4935-1da33f39d630%24ip%2478.47.208.27.lC2WYtdcXjPfVTbts92oqSv39xoJIZPHeOcn0IqJjZI
.yahoo.com/	1970-01-20 07:17:49	Name: A3 Value: d=AQABBKYiiGECEC9sE8ohL0nvXn2BmOD2VEIFEgEBAQF0iWGSYQAAAAAA_eMAAA&S=AQAAAgK-gginntLQ2MECvlhITNc
.analytics.yahoo.com/	1970-01-20 07:18:54	Name: IDSYNC Value: 18wq~21ej
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP2ed06e20-3ffd-11ec-931b-068311666846
.yahoo.com/	1970-01-19 22:33:18	Name: APIDTS Value: 1636311718
.rutarget.ru/	1970-01-20 02:51:03	Name: userId Value: zpmdfWj14KoE
.o2online.de/	1970-01-19 22:41:56	Name: webShopPV Value: ?partnerId=O2_DSP_REA_HAV_14105_PV&mediacode=26626666_4307561_316775236_159762225_-0&ref=26626666_4307561_316775236_159762225_-0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:03:45	Name: bcookie Value: "v=2&9bd1d044-bdf2-4d9d-8ad2-f64c3ba77c2a"
.linkedin.com/	1970-01-20 15:58:56	Name: li_gc Value: MTswOzE2MzYzMTE3MTg7MjswMjELh+tzAWTkT8Q0K1iQKhvXdtVtrEJDLP98I8Jnfdl6Og==
.linkedin.com/	1970-01-19 22:33:18	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2261:u=1:x=1:i=1636311719:t=1636398119:v=2:sig=AQHAdu6yPJklDy6tdFQi5lwf6NnOmnzA"

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.jwplayer.com/developers/web-player-demos/resume-playback-with-cookies/logger.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/ Message: The resource https://live.demand.supply/impl.v13.8.0.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://grandnoticias.com/covid-19-pfizer-recruta-novos-voluntarios-para-testar-vacina-no-brasil/ Message: The resource https://live.demand.supply/p4/v13-8-0/Z3JhbmRub3RpY2lhcy5jb20v was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c5fa425ace64cb550c733379164ec14.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
animesonehd.xyz
ap.lijit.com
api.demand.supply
bid.g.doubleclick.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.tynt.com
chama.grandnoticias.com
cm.g.doubleclick.net
code.jquery.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
facebruek.online
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grandnoticias.com
ib.adnxs.com
ic.tynt.com
live.demand.supply
m.notfollow.online
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
portal.o2online.de
px.ads.linkedin.com
rtb2-useast.e-volution.ai
s.ad.smaato.net
s0.2mdn.net
secure-gg.imrworldwide.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssl.p.jwpcdn.com
ssp.adriver.ru
static.adsafeprotected.com
sync.go.sonobi.com
sync.srv.stackadapt.com
t.dtscout.com
tech.rtb.mts.ru
tpc.googlesyndication.com
ups.analytics.yahoo.com
waust.at
whos.amung.us
www.google.com
www.googletagservices.com
www.gstatic.com
www.jwplayer.com
cm.g.doubleclick.net
104.18.28.199
142.250.185.226
142.250.186.130
142.250.186.162
15.197.193.217
174.137.133.49
178.162.133.149
185.33.221.50
2.18.234.21
2001:4de0:ac18::1:a:2a
208.100.17.182
208.100.17.188
213.87.44.187
217.66.147.170
2600:9000:223f:d800:8:48e:53c0:93a1
2600:9000:2240:d800:1b:5138:8a40:93a1
2606:2c40::c73c:671d
2606:4700:20::681a:507
2606:4700:3032::ac43:beac
2606:4700:3032::ac43:c368
2606:4700:3033::6815:5402
2606:4700:3037::6815:6038
2606:4700::6810:5514
2606:4700::6810:8516
2620:119:50e1:101::6cae:b25
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a04:4e42:200::626
3.126.56.137
34.250.155.46
51.161.15.92
52.73.22.104
54.246.208.35
54.87.192.123
54.93.162.63
64.233.166.156
67.202.94.94
72.251.249.13
80.64.106.147
81.222.128.215
82.113.101.132
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13818497143a898c87482ecd2f2f5cbd343552aa4baca97a03b0a92d996d0cb4
13bd57daeae4ac228a38b69192328985424585894d8eadb4cdddf490356f4872
17c311dc9168746b614a94f651e25f73ddd6b5d6b2bce368813fb720d1e9033f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1893f33882001da675634d0081266cb9452dc81a8b4bd425e5244dbfefc8b0a3
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1d410d5223748e62d18141276e63a3c182b7f3be9be00721d9d33b144e12f022
201bb8b9b3d747f3977a103464cbf6e2aabe3c3fac2470c056dca9a6ad9cc12e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
29cd2f8d75de5ae2066492eea0760392ba73bdd72dbb543460b861f634cb7069
2ac782a1877e995aa98899666bfbcd6018d2d17e5d3e2685290c2c749b51adfc
2c4c07430eaa8ecb3adb6ffc0b09adf5d5fce88f386c247b1163120751d25414
2c9cb69ec474efec002d6ffd967e893d22c51d9e1c9b9d0c756e56a6c08488a2
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d7d10f9ef64901b685f04e43694d77a8b86f774ac00e9569c890b6d043483cb
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dec1e051f7a1ade2e7691307be4ab47d5e0edbcaf331f945c2e9b79218afd34
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3a9f0ed8be0f6de255f01ca9fbd2094a9745f98237c900d303f4950b44625145
3c31f29473ee8a586108b40f3f8ffe917d8d9637b9347ac93194a2b84037939c
3ea17325f649e0ed6b30e575e4286ad9994d27ba351ac281ca5b8329d019e146
458cd27c19e0b482f37691b9567a58108ba366d9c481c9f794e1b4f2e41e99f1
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
47ad5e4be2910c10f2f783c1bc09cfbb28a2d8d3b8679e23c3bc72a75dc35759
49556f75c5d2a75fee824d7041c1e42b07cf5c21f66e88b3b48d2d933a2bd713
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4cf774324d2412c34f24d7c6d6d80dd28c7f7e9168e9bbca6628a798bad8c936
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e38ac057739ddebf7097bc16d6752c72af3894c648698d9f985ebbcdd041c98
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
512ea2efe356559ffc497f107a88730beee6782fdfcad15d68c8f3e017269aa9
53b893f8d17d83f5aa4d550d27ba39c9aba0d31416525b6f99da81b8b2f1b7c6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5583bed55b667e4e9c6d854699d22936b9226ae9519c32fd769de49168b10cd9
568b503c6faed9e8d25a952033edbfe9152770d5fbe4bfa19ec7499913e5c0ba
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
572bc64a1994436005d028920b85413d74893fbd31cf8a963fbc1e5245896bfd
594b8d496a6296d9193215c0319c947e4298a4ac59b7b68cccdba2730e8b79ed
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5db1ebe30a081a17e50ab83db1967e94ad536451694340fbf62601b718515171
60ba7bfbf047d0adf1304f62330fa0192e5d9a3ec75af55a9a1f15e56820fd27
6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6a11268e2d223bbf38108daf32c9ec84c81e3ce4750a98b6a87738d3bd5c131c
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
7052307fd07c1041205b93eb969be1e7891c16fc3ab6deda6614211e727224bc
738c97b01d0d6e40e80d9fce57c5bc1d85c11347c1fb66edd7bca4bd2003f863
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
758e7bfc97f054eaed54d574c32fb8219168b807aa25f59ec5e017b6fe215cf9
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
79513e01a6c85ddda69db1d8376a69db1a77e3b9808738ab596de57b9f707846
82dfb399a3b948e5a4e874dbae7ef4582f092f4297a52cb77272e66da203d58f
85ccda2bc950c23ab9d4566a96d4e86c386edc5039ebe90fb905a7cea0dce1de
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
86ab0105d9365e2c480a455d52be9514fd7d3af01287c5925f5ac0b195e71e73
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89a0522928de6747740dafbf6aea2cc321a3692c551f29a973fdf6f8e03ec5c1
8b754214503a0192fc76ec5fb379ade64e8b90aa5450805f9a172ff04e31d468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1a82e41a01685991c7931ad67a70382436f124a79c2321cc0ebf96f1fb347a
8f4644d830b81e4dca2226a4410da2da45113b55e9e202e75ca2bb377b45ebf2
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
97a40b54458cc7479bd05422c7f4d4e50f233ce0bd1363a26efe1a813933991c
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbfc3e0135220f040908a4787b396a23aca9b8d066d5e536d34817e08b48d4e
9d71c1bde4180d8e884c9391dfe3e8bc4dba443d6fb433f2a6f075b39df44713
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9f4a1db3b8d23c76e86282e418cb84ff648692de379ea116d04a8a4488761abd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3fd4f8ff11180d34d838a281353960220b1db80dd41a23e04b9721025bb51c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
aa0caa63bbbb369376da39466befbae8f549c5bfb6a304916909158be39e3ef2
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b04bade427ed6038af0356fd358681b5434c6e9bcb4a842558e6b29bcf990901
b0d140c1a41b5fc516855d35b3aab74ab4f1db554004f1509f797fba76d89f02
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b3ffe9e5e9bc4a8979e7bda0b46ec14e3f68afaedc2821d8417ef6c30d5fa86c
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
bb0f63784f2277e0de02906b3363789eb045aeff0f60fcf2b70ecfa3898e3515
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc99c36dc9cd3182ec256a1d72f91927790cc42a5c4f6fdd5cd38656403f5256
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c11d0af7cee7d4e4580ea67180a733f3909a07b1cec80b9b1798eed7ab4fb387
c1245a0e3af69ee80d93130ebc038719c0264c50950074348cccdc37d1f7ab2b
c30d18370f9a98e32532fed170e91740d061829ad369d4e881144a4d38d85918
c39ad78adb03dea39c3b2e00fa4aadbbd5bb3f0d145934f091d9b97c4970e0c8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
cea97e8d372a30aafdb69c8b22be93e9130bd4c5c6a28ef30dd05df255097f81
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f211c00704e79b4ba02e0fb222761625185ea4a179e3331626dc1f9f1740a7
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de9db2d860dcc50a57ed9cb2edb2cc8891a1c89bc51979018d713b2293271564
df66311c687794e7ef4c65648a8f4c5409ceea678ef97b6c2f123d44eea92847
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7
f58779f4b75d17756a8cbee721424a1acf73675970810c4a35d1579e8915e55d
f7173225df74fe3951f6717ec3eb5ec0801f982aef757ecacacb400b106e0eb6
f7aac22b5bbd8f7710346eb11670ed95c153c1eb86e0ce179a7e80a4fffc296e
f7d9ccefe300027020dac9551dde90f08b42fae69c1d6fa56ecee751b9ab4f80
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fac2e0334023740db905139577ed2396b7912d03c37ebcbba5fe55c595ea27bb
fdb677f563ffc81ee5a25e73f8a1a5a75dc1bc98f805b7f999b9fc2b0906cd30

grandnoticias.com Open in urlscan Pro 2606:4700:3032::ac43:c368 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

250 Requests

93 %HTTPS

48 %IPv6

40 Domains

55 Subdomains

41 IPs

7 Countries

2625 kBTransfer

6240 kBSize

36 Cookies

3 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grandnoticias.com Open in urlscan Pro
2606:4700:3032::ac43:c368 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

93 %
HTTPS

48 %
IPv6

40
Domains

55
Subdomains

41
IPs

7
Countries

2625 kB
Transfer

6240 kB
Size

36
Cookies

250 HTTP transactions
9 data transactions