vuci.chaseged.com Open in urlscan Pro
2606:4700:3033::6815:3028 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vuci.chaseged.com/
Submission: On June 15 via automatic, source certstream-suspicious (June 15th 2023, 8:33:52 pm UTC) — Scanned from DE

Summary HTTP 153 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 38 domains to perform 153 HTTP transactions. The main IP is 2606:4700:3033::6815:3028, located in United States and belongs to CLOUDFLARENET, US. The main domain is vuci.chaseged.com.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2023. Valid for: 3 months.

This is the only time vuci.chaseged.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:3028	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	75.2.45.24 75.2.45.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	18.66.190.43 18.66.190.43	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
4	62.122.173.172 62.122.173.172	50245 (SERVEREL-AS) (SERVEREL-AS)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
2	104.103.88.111 104.103.88.111	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	108.138.36.28 108.138.36.28	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 6	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5	8.2.110.24 8.2.110.24	46636 (NATCOWEB) (NATCOWEB)
2	54.155.201.15 54.155.201.15	16509 (AMAZON-02) (AMAZON-02)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	185.15.245.82 185.15.245.82	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
5 5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	35.157.30.16 35.157.30.16	16509 (AMAZON-02) (AMAZON-02)
1 3	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	52.211.126.31 52.211.126.31	16509 (AMAZON-02) (AMAZON-02)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
3 3	18.193.96.203 18.193.96.203	16509 (AMAZON-02) (AMAZON-02)
1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	23.218.164.71 23.218.164.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
1	80.77.87.163 80.77.87.163	46636 (NATCOWEB) (NATCOWEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	157.90.0.13 157.90.0.13	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
153	55

1 2606:4700:3033::6815:3028 (United States)

ASN13335 (CLOUDFLARENET, US)

vuci.chaseged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn0.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.45.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad522a66075307272.awsglobalaccelerator.com

www.tudoreceitas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.190.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-190-43.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 62.122.173.172 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.173.172.serverel.net

pub.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.88.111 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-88-111.deploy.static.akamaitechnologies.com

cdn-statics.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-28.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.245.83 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.201.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

api.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.30.16 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-30-16.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.126.31 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-126-31.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.96.203 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-96-203.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.205 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States)

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.164.71 (Munich, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-164-71.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.119.146.39 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	tudoreceitas.com cdn.tudoreceitas.com cdn0.tudoreceitas.com www.tudoreceitas.com — Cisco Umbrella Rank: 328444	445 KB
22	googlesyndication.com 4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com	122 KB
17	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 pubads.g.doubleclick.net — Cisco Umbrella Rank: 417	328 KB
12	theadex.com 1 redirects dmp.theadex.com — Cisco Umbrella Rank: 19252 api.theadex.com — Cisco Umbrella Rank: 16412	19 KB
12	admanmedia.com pub.admanmedia.com — Cisco Umbrella Rank: 41847 cdn-statics.admanmedia.com — Cisco Umbrella Rank: 189975 sync.admanmedia.com — Cisco Umbrella Rank: 6821 cs.admanmedia.com — Cisco Umbrella Rank: 1103	53 KB
8	pubmatic.com 8 redirects image6.pubmatic.com — Cisco Umbrella Rank: 822 image8.pubmatic.com — Cisco Umbrella Rank: 737 image2.pubmatic.com — Cisco Umbrella Rank: 1020 image4.pubmatic.com — Cisco Umbrella Rank: 1216	3 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	3 KB
6	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 543 token.rubiconproject.com — Cisco Umbrella Rank: 656 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1134 eus.rubiconproject.com — Cisco Umbrella Rank: 639	2 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 949 trc.taboola.com — Cisco Umbrella Rank: 650 trc-events.taboola.com — Cisco Umbrella Rank: 1937	209 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 2090 s.richaudience.com — Cisco Umbrella Rank: 35064	1 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 495 fonts.googleapis.com — Cisco Umbrella Rank: 80	575 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	24 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 444	62 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
3	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1588 ssbsync.smartadserver.com — Cisco Umbrella Rank: 867	391 B
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 secure.adnxs.com — Cisco Umbrella Rank: 476	3 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3325 log.pinterest.com — Cisco Umbrella Rank: 4504	19 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	60 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	708 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303 ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	855 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4938	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	531 B
2	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1145 sync.mathtag.com — Cisco Umbrella Rank: 566	861 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1964 feed.pghub.io — Cisco Umbrella Rank: 2174	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	gstatic.com fonts.gstatic.com csi.gstatic.com Failed	34 KB
1	e-planning.net sync.e-planning.net — Cisco Umbrella Rank: 6141	105 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 426	99 B
1	acuityplatform.com ums.acuityplatform.com — Cisco Umbrella Rank: 1501	27 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	17 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 434	1 KB
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1137	344 B
1	chaseged.com vuci.chaseged.com	15 KB
153	38

	Domain	Requested by
17	cdn.tudoreceitas.com	vuci.chaseged.com cdn.tudoreceitas.com
11	tpc.googlesyndication.com	vuci.chaseged.com cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cdn0.tudoreceitas.com	vuci.chaseged.com
10	securepubads.g.doubleclick.net	vuci.chaseged.com securepubads.g.doubleclick.net cdn-statics.admanmedia.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	api.theadex.com	dmp.theadex.com api.theadex.com
6	dmp.theadex.com	1 redirects cdn-statics.admanmedia.com vuci.chaseged.com api.theadex.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cm.g.doubleclick.net	5 redirects
5	sync.admanmedia.com	cdn-statics.admanmedia.com sync.admanmedia.com
4	sync.richaudience.com	1 redirects sync.admanmedia.com
4	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
4	pub.admanmedia.com	cdn.tudoreceitas.com vuci.chaseged.com cdn-statics.admanmedia.com
3	trc-events.taboola.com
3	image8.pubmatic.com	3 redirects
3	x.bidswitch.net	3 redirects
3	imasdk.googleapis.com	cdn-statics.admanmedia.com imasdk.googleapis.com
3	fastlane.rubiconproject.com	cdn.tudoreceitas.com
3	c.amazon-adsystem.com	vuci.chaseged.com c.amazon-adsystem.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.tudoreceitas.com static.criteo.net
2	www.google.com	tpc.googlesyndication.com
2	image2.pubmatic.com	2 redirects
2	sync.search.spotxchange.com	1 redirects sync.admanmedia.com
2	sync-tm.everesttech.net	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.smartadserver.com	1 redirects api.theadex.com
2	ads.creative-serving.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	match.adsrvr.org	api.theadex.com sync.admanmedia.com
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	tags.crwdcntrl.net	cdn-statics.admanmedia.com sync.admanmedia.com
2	cdn-statics.admanmedia.com	pub.admanmedia.com cdn-statics.admanmedia.com
2	assets.pinterest.com	cdn.tudoreceitas.com assets.pinterest.com
2	cdn.taboola.com	vuci.chaseged.com cdn.taboola.com
2	www.google-analytics.com	vuci.chaseged.com www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	mug.criteo.com
1	67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.richaudience.com	imasdk.googleapis.com
1	log.pinterest.com	vuci.chaseged.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	ssbsync.smartadserver.com	sync.admanmedia.com
1	sync.e-planning.net	sync.admanmedia.com
1	idsync.rlcdn.com	sync.admanmedia.com
1	cs.admanmedia.com	sync.admanmedia.com
1	eus.rubiconproject.com	sync.admanmedia.com
1	secure-assets.rubiconproject.com	1 redirects
1	ums.acuityplatform.com	sync.admanmedia.com
1	image4.pubmatic.com	1 redirects
1	sync.mathtag.com	sync.admanmedia.com
1	secure.adnxs.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	id5-sync.com	api.theadex.com
1	ups.analytics.yahoo.com	api.theadex.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	api.theadex.com
1	token.rubiconproject.com	api.theadex.com
1	pixel.mathtag.com	api.theadex.com
1	feed.pghub.io	pghub.io
1	pghub.io	cdn-statics.admanmedia.com
1	4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	cdn.tudoreceitas.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.tudoreceitas.com	vuci.chaseged.com
1	vuci.chaseged.com
0	csi.gstatic.com Failed	imasdk.googleapis.com
153	72

This site contains links to these domains. Also see Links.

Domain
www.tudoreceitas.com
www.facebook.com
twitter.com
wa.me
www.instagram.com
www.youtube.com
www.pinterest.com
www.linktomedia.com

Subject Issuer	Validity	Valid
chaseged.com GTS CA 1P5	`2023-05-22` - `2023-08-20`	3 months	crt.sh
1885190603.rsc.cdn77.org R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
1533073095.rsc.cdn77.org R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
tudoreceitas.com Amazon RSA 2048 M01	`2023-02-13` - `2023-10-06`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
dmp.theadex.com R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
api.theadex.com R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.e-planning.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://vuci.chaseged.com/
Frame ID: 946D4EDEA87088363B49CBDA24FF8B77
Requests: 76 HTTP requests in this frame

Frame: https://4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1395F6172B59A4E65646B033949982AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Frame ID: E872089542A1D551CC3D46249EA6986F
Requests: 19 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fvuci.chaseged.com%2F&owner=P%26G&bp_id=adman&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: D8EE35DB363D82B9F93B2F932A4146C0
Requests: 1 HTTP requests in this frame

Frame: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Frame ID: AB56F15B34B670FA517DAEE454AF43BB
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 1CED78A0E717820945F1F1EA92CB9031
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 8F76CEF57AE9734B3A9980C2B313EC35
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 197D8D6B3D6C8F1398B8ABE69C2FB953
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B265985574AFFC378B28C518460FB772
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE47EE81F4683CFF11F0A6475F9CEAD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92BC97FDDDCBFE7D2AABC6E4302F5601
Requests: 2 HTTP requests in this frame

Frame: https://67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BD49C0034EA1109ED0A83F88B85ECDEA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 678FC41E9C160A35EC335066DA562A0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F77842D7CBF1A176B990D4A00E82B802
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vuci.chaseged.com
Frame ID: EB4C74D937B37CF43D5B678B1BBBBF8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cebola caramelizada para hambúrguer - RÁPIDA E PRÁTICA!

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

153
Requests

88 %
HTTPS

33 %
IPv6

38
Domains

72
Subdomains

55
IPs

9
Countries

2132 kB
Transfer

6207 kB
Size

49
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tudoreceitas.com/receitas-de-pao-e-bolos-16/
Title: Pão e bolos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-sobremesas-17/
Title: Sobremesas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-carne-10/
Title: Carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-aves-e-caca-11/
Title: Aves e caça

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-peixe-12/
Title: Peixe

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-frutos-do-mar-13/
Title: Frutos do mar

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-legumes-8/
Title: Legumes

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-verduras-7/
Title: Verduras

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-arroz-e-cereais-9/
Title: Arroz e cereais

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-massas-5/
Title: Massas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-saladas-4/
Title: Saladas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-sopas-6/
Title: Sopas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-ovos-e-laticinios-18/
Title: Ovos e laticínios

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-aperitivos-e-petiscos-1/
Title: Aperitivos e petiscos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molhos-e-acompanhamentos-14/
Title: Molhos e acompanhamentos

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-coqueteis-e-bebidas-15/
Title: Coquetéis e bebidas

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-comida-de-panela-19/
Title: Comida de panela

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/conselhos-de-cozinha-6146/
Title: Conselhos de cozinha

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?original_referer=https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html&text=Receita%20de%20Cebola%20caramelizada%20para%20hamb%C3%BArguer&url=https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html&via=TudoReceitasCom

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Receita%20de%20Cebola%20caramelizada%20para%20hamb%C3%BArguer%20-%20https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html?print=1

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/ajax/download/id_post/7720

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molhos-para-carne-5920/
Title: Molhos para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html#comentarios
Title: Avaliação: 4,5 (31 votos)

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/cozinheiro/2.html

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-para-hamburguer-2274.html
Title: Molho para hambúrguer

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-queijo-para-carne-5257.html
Title: Molho de queijo para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-barbecue-rapido-1293.html
Title: Molho barbecue rápido

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-cebola-2140.html
Title: Molho de cebola

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-cebola-para-carne-5291.html
Title: Molho de cebola para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-bearnaise-original-3019.html
Title: Molho béarnaise original

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molho-para-salada-6191/
Title: Molho para salada

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molhos-para-macarrao-5929/
Title: Molhos para macarrão

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molho-de-iogurte-5898/
Title: Molho de iogurte

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-molhos-doces-5916/
Title: Molhos doces

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-polenta-6185/
Title: Polenta

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receitas-de-dips-5854/
Title: Dips

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-tartaro-simples-1227.html
Title: Molho tártaro simples

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-vinagrete-simples-para-churrasco-6344.html
Title: Vinagrete simples para churrasco

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-maionese-caseira-feita-no-liquidificador-8649.html
Title: Maionese caseira feita no liquidificador

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-farofa-simples-195.html
Title: Farofa simples

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-verde-simples-5732.html
Title: Molho verde simples

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-barbecue-caseiro-1207.html
Title: Molho barbecue caseiro

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-pirao-de-peixe-simples-1832.html
Title: Pirão de peixe simples

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-creme-de-alho-com-creme-de-leite-1211.html
Title: Creme de alho com creme de leite

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-cogumelo-para-carne-9577.html
Title: Molho de cogumelo para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/artigo-20-receitas-de-molhos-para-carne-7802.html
Title: 20 receitas de molhos para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-para-carne-de-panela-5283.html
Title: Molho para carne de panela

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-ferrugem-pratico-e-rapido-10294.html
Title: Molho ferrugem prático e rápido

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-ameixa-para-lombo-8839.html
Title: Molho de ameixa para lombo

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-tangerina-para-carne-2545.html
Title: Molho de tangerina para carne

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-molho-de-cogumelos-sem-creme-de-leite-3773.html
Title: Molho de cogumelos sem creme de leite

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-chutney-de-maca-3697.html
Title: Chutney de maçã

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/politicadeprivacidad
Title: política de privacidade

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/cdn-cgi/l/email-protection#afc6c1c9c0efc3c6c1c4dbc0c2cacbc6ce81c1cadb
Title: [email protected]

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-aneis-de-cebola-empanada-7730.html
Title: https://www.tudoreceitas.com/receita-de-aneis-de-cebola-empanada-7730.html

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html#top
Title: Voltar ao topo da página

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TudoReceitascom

Search URL Search Domain Scan URL

URL: https://twitter.com/TudoReceitasCom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/TudoReceitas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Tudoreceitas?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tudoreceitas

Search URL Search Domain Scan URL

URL: https://www.linktomedia.com/

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/quem-somos
Title: Quem somos

Search URL Search Domain Scan URL

URL: https://www.linktomedia.com/?pt#Contacto
Title: Fale conosco

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/terminosycondiciones
Title: Termos e Condições

Search URL Search Domain Scan URL

URL: https://www.tudoreceitas.com/index/politicadecookies
Title: Política de cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://dmp.theadex.com/trace.js?adex_consent=1 HTTP 303
https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4331002421003060253

Request Chain 64

https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D1%26axd_fuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fapi.theadex.com%252Fcollector%252Fv1%252Fd%252F1609%252F6436%252Fi%252F2.gif%253Fc%253D4331002421003060253%2526axd_pid%253D1%2526axd_fuid%253D%2524UID HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=1&axd_fuid=4442903917983723270

Request Chain 65

https://c1.adform.net/serving/cookie/match/?party=1010&adx_id=1609 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1010&adx_id=1609 HTTP 302
https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=6004779720798193230

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=1609&c=4331002421003060253 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=theadex_dmp&google_cm=&axd_cuid=1609&c=4331002421003060253&google_tc= HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESELDtQKY2r-5KSdUzR8qgVSI&google_cver=1&axd_cuid=1609&c=4331002421003060253

Request Chain 70

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_ID&rdf=1 HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=21&axd_fuid=5BB60568-9372-4971-A6FB-12EA78815736

Request Chain 71

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D HTTP 302
https://ads.creative-serving.com/ul_cb/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=26&axd_fuid=18da25d6-d36d-4258-ac6f-8af885b9c147

Request Chain 72

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D59%26axd_fuid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=59&axd_fuid=[sas_uid]&cklb=1

Request Chain 73

https://dpm.demdex.net/ibs:dpid=110947&dpuuid=4331002421003060253&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D97%26axd_fuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=110947&dpuuid=4331002421003060253&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D97%26axd_fuid%3D%24%7BDD_UUID%7D HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=97&axd_fuid=10320744860855373541616485431209150292

Request Chain 75

https://cms.analytics.yahoo.com/cms?partner_id=ADEX&axd_cuid=1609 HTTP 302
https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_USER_ID%7D%20 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_USER_ID%7D%20&_test=ZIt1qgASGJlHRwBa HTTP 302
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=303&axd_fuid=ZIt1qgASGJlHRwBa%20&_test=ZIt1qgASGJlHRwBa

Request Chain 81

https://x.bidswitch.net/sync?ssp=adman&user_id=77aee83e-3091-42ce-8526-69daad0bff74 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adman&user_id=77aee83e-3091-42ce-8526-69daad0bff74 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adman&bsw_param=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&google_hm=MGJiZmEzZGQtN2E1Zi00ZDU5LTg5MDQtMWJkZWU1YWRkODBh HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJDTBV0jpQrEnjxRWfAcsIs&google_cver=1&ssp=adman&bsw_param=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a HTTP 302
https://sync.admanmedia.com/bidswitch.gif?puid=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&redir=[RED]

Request Chain 82

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.admanmedia.com%2Fappnexus.gif%3Fpuid%3D%24UID HTTP 302
https://sync.admanmedia.com/appnexus.gif?puid=4442903917983723270

Request Chain 85

https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=ed5b3fb0-0bbb-11ee-9b6b-130dfa940206

Request Chain 86

https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%253Fpuid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJCNjA1NjgtOTM3Mi00OTcxLUE2RkItMTJFQTc4ODE1NzM2&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrZgkFF7J-lY9bKbGoRzew&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=157362&pmc=1&pr=https%3A%2F%2Fsync.admanmedia.com%2Fpub.gif%3Fpuid%3D5BB60568-9372-4971-A6FB-12EA78815736 HTTP 302
https://sync.admanmedia.com/pub.gif?puid=5BB60568-9372-4971-A6FB-12EA78815736

Request Chain 88

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onefortyproof&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu

Request Chain 89

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=sZn9xIbZzF&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F71da423e3fcc7c87e88ac913d505141d.gif%3Fpuid%3D[PDID] HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F

Request Chain 150

https://gum.criteo.com/sid/json?origin=publishertag&domain=chaseged.com&sn=ChromeSyncframe&so=0&topUrl=vuci.chaseged.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=K41jhHw0UGNveTNwQjBSNis1VE42ck9FaGlrRk04bnNnbzlvZnY4QUhwbDV2Ly90RFRtTzQ2cUpmODdlUU9OamZUaUl2V2NJd0o3MUZDY0p1V2g1akJXaGlnUG5MaTBqOHF4ek1OSG1zaThuL2hTZTVZOUlsN0ZnMzBVelZRcFl5WlU4bjFWVUN6UWZac2VhWDkrSVhLTFlydEw0QWlRVnN0ZS9EOE1xYllqeTZqdHFiVXBXZ3RyaEFuZVpqRkZ5a3VSN2owRFAwejlaUjZBSFdodXpJZDNXTWpIU2pjTmtLUE1pNnBhMVpNbEt0K1YwcVZrSGo5UlBxWXYxclpoMFF1bnVzb0NNTjQ1b1FnMGdyZ0VOL3JhNUJYZz09fA&cppv=2

153 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vuci.chaseged.com/ 82 KB
15 KB 132ms
83ms Document
text/html 2606:4700:3033::6815:3028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74cc412cd042cdac7353d983b71351c92164853926cca0ed406589f2064b8a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d7d9700af582c55-FRA
content-encoding: br
content-type: text/html
date: Thu, 15 Jun 2023 20:33:45 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URtIKO0jnGA9eUisruX0CvettFmAg7VvKsJWZpw708cTkgLmfx2vZdQc4RsiOuNatX5lir5yO3M4I8FVTjp%2BGa43sEZOdv57twIJXQLDfwy%2BWfnOQio3dl1MkCxt2oaYSMUslUapSPnHzFIAIa3AZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ywbcurl: from Redis cache https://www.tudoreceitas.com/receita-de-cebola-caramelizada-para-hamburguer-7720.html

GET
H2 200 css_recetasgratis_97.css
cdn.tudoreceitas.com/css/ 111 KB
19 KB 120ms
14ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 311b87f6e8fd9a2dd7f4eb9f3823ca795f0cb6a6c22915c3c2c2ee11c49ff4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: Ka6MNiIl4NFeRZYojnyUSrBEQa_hFcV8
content-encoding: gzip
x-amz-request-id: 0X4JYY8CGF43WA4K
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1938447
x-accel-date: 1684922778
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
x-amz-id-2: Dp8uYnGYlOqtwuQTIrJ56Jydq2CBzTfScsesjxUEcOSUX8tZ8mI0H1/Z0NcNHp0Q+T3xnQzRWZg=
x-77-nzt: AcO1qhGHF3v/D5QdAA
x-accel-expires: @1716458778
last-modified: Wed, 24 May 2023 09:41:56 GMT
server: CDN77-Turbo
etag: W/"bdc2b498caa8c13904307aa0e5fafea0"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64de698d0f
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 80ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c86ddf3cadc8d616fa2725a006fb6ccfb3542f6822162ad147add9377c0fb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25398
x-xss-protection: 0
server: cafe
etag: 689 / 19523 / 31075345 / config-hash: 17861249934247272613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:33:45 GMT

GET
H2 200 prebid_20180601115812.js Show response
cdn.tudoreceitas.com/js/library/prebid/ 101 KB
32 KB 19ms
18ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06fdbc83bc184320290713f3989d6d3cd9bca70d213d1c1e71ab3e9ee80a6a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: 56sLx_OXYRI9Dd__hjqSbGnHyyu00ZFu
content-encoding: gzip
x-amz-request-id: 221BX8WQXYTM7RTC
x-cache: HIT
x-77-cache: HIT
x-age: 16980856
x-accel-date: 1669880369
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
x-amz-id-2: SQfKQNRVIz8II2jJl27MUOHxZejvWvV4moPZwWj7LtHmk0BtbZg8vGwgVUa5mBFXmmfwplMeEhc=
x-77-nzt: AcO1qhHdLab/eBsDAQ
x-accel-expires: @1701416369
last-modified: Wed, 30 Nov 2022 16:41:02 GMT
server: CDN77-Turbo
etag: W/"dabd3cec1dc5d769daf6791686567a69"
x-77-nzt-ray: 4c1562249d1e4f15a9758b6476d55b12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable

GET
H2 200 menu.png
cdn.tudoreceitas.com/img/web/ 155 B
720 B 23ms
21ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/menu.png
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 230384701c004a306ac4968f841dfb024d89f39bcaa45d9986dce72250039d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: kPiZsPf3u1pXbmOlCdi4ltdd0fhATTz5
x-amz-request-id: 26J5TPFF1C3MNKPF
x-cache: HIT
x-77-cache: HIT
x-age: 17474876
x-accel-date: 1669386349
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 155
x-amz-id-2: ce0HipKKKZBFY9jrffsINjtoCUnauuALINqt6RI3ujXKetAnPCO/QXpeHYXDB/vYfbgcTedyRx4=
x-77-nzt: AcO1qhGunhv/PKUKAQ
x-accel-expires: @1700922349
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "4f0452682b53b3c9ac3bb26c8736e547"
x-77-nzt-ray: 4c1562249d1e4f15a9758b6426879112
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 pt.png
cdn.tudoreceitas.com/img/web/recetasgratis/logo/negativo/ 13 KB
13 KB 29ms
27ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/logo/negativo/pt.png
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 146e36a7cba0b397c4e5029acddfa2a5f5de796e6e76b4d49edbb4740d9ad9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: iX8JzFKUKEuT7wlYJWH004AKMqUNib_H
x-amz-request-id: 12RVMP22Q86EX87F
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4940559
x-accel-date: 1681920666
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 12940
x-amz-id-2: Jd+jfb2+DLlfG4j/assoeKhM3RxicKBmtnSU70Y1o5zvW738cBSLt2nhOylW8V15fRGZ2Afrtr4=
x-77-nzt: AcO1qhGCrWD/D2NLAA
x-accel-expires: @1713456666
last-modified: Wed, 19 Apr 2023 15:59:57 GMT
server: CDN77-Turbo
etag: "7c16d929ce0fe7fbb8033f979edb2ec4"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64f9a69612
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 lupa.png
cdn.tudoreceitas.com/img/web/ 956 B
1 KB 29ms
28ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/lupa.png
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5ce1d7a2f02c3b2ab50e549c12c75686d5fed9370844ade4692d6f5f5d5dd923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: 5MN9ADi6K99Hh5gZuW8v16rzTHwPqY1G
x-amz-request-id: 26J0MW3AXSPCFC7K
x-cache: HIT
x-77-cache: HIT
x-age: 17474876
x-accel-date: 1669386349
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 956
x-amz-id-2: yaktIOTK6m/gYqxiCKw9lJEbbR4FI0kwlbIOmtgLi/Q8EYCIe/AK4IMd4j60pzjZPRHf8CHLA6c=
x-77-nzt: AcO1qhGNK4b/PKUKAQ
x-accel-expires: @1700922349
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "65d6120381b08857ce6cea8674af8aab"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64844e9c12
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 img_2_50_square.webp
cdn0.tudoreceitas.com/pt/users/2/0/0/ 704 B
1 KB 14ms
13ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/users/2/0/0/img_2_50_square.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f01f42ce67597ab827239dc5f14337836c3b96e2f6b6cb7e23dee4541733fde9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: p7sRDob4ONVgsl8g6Q4cE5JYLgZQH2Ot
x-amz-request-id: R8ZNTAPNN8DGKM43
x-cache: HIT
x-77-cache: HIT
x-age: 16443355
x-accel-date: 1670417870
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 704
x-amz-id-2: 2klrruR4nzU2mBWcc0SShTYHAM/E08l+/MzHyK8pQ28KBMgTMJd0X+1EpbzPmiQJEF/chIVd91s=
x-77-nzt: AZySIYs+IjL/2+f6AA
x-accel-expires: @1701953870
last-modified: Tue, 04 Jan 2022 21:22:54 GMT
server: CDN77-Turbo
etag: "187394346ecf055ac89827c414e61105"
x-77-nzt-ray: cf878727923ba6daa9758b6408ea6712
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 cebola_caramelizada_para_hamburguer_7720_600.webp
cdn0.tudoreceitas.com/pt/posts/0/2/7/ 39 KB
40 KB 261ms
184ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/2/7/cebola_caramelizada_para_hamburguer_7720_600.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d4374b68fe4f91da69a7706e814ba41b4fb8cad184ebc75fc3a62f15a26439eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: KZGtXLUf1Y0HSfFzN29jEBOlPDGzpwqL
x-amz-request-id: FFY1TPB72M66G66S
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 40032
x-amz-id-2: z+gA/Y6r5cOtG/WbYHr7cmKHyCZRmw2ao540GRWjNSFV6/KGeaYrldcn2QPYnQufx0otPkkAaiPyIXDiRYmWOg==
x-77-nzt: AZySIYskOz+h
last-modified: Tue, 11 Jan 2022 02:38:44 GMT
server: CDN77-Turbo
etag: "db3246bb61ef35062c528a29465874fe"
x-77-nzt-ray: cf878727923ba6daa9758b64ab32d00d
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 molho_de_cebola_2140_300_150.webp
cdn0.tudoreceitas.com/pt/posts/0/4/1/ 8 KB
8 KB 151ms
149ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/4/1/molho_de_cebola_2140_300_150.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7fdeba60506c6123144a12e657cba747d10b4fa430855b7c9c84f4ca8a772e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: daeO1nnLdDv8EwimSidnoJUxHr3FU9Vp
x-amz-request-id: FFY49SG13YVQWZ65
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 7932
x-amz-id-2: C8S7zEDTxHdYedsbs6WkuaZLVj+Le43TZRbw9kZ1SIGOEQTH6ZA9umD3v7sJWTHOd8Uo6uDuvto=
x-77-nzt: AZySIYskUlWh
last-modified: Mon, 03 Jan 2022 18:40:06 GMT
server: CDN77-Turbo
etag: "69f1decc8392f53520100d074bf6ea74"
x-77-nzt-ray: cf878727923ba6daa9758b6442527112
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 molho_de_cebola_para_carne_5291_300_150.webp
cdn0.tudoreceitas.com/pt/posts/1/9/2/ 4 KB
5 KB 136ms
135ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/1/9/2/molho_de_cebola_para_carne_5291_300_150.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b229f80c69fe75c8c2dabd1f1ae899391861dce0ca1a3d0fb82131ea01c79367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: SGG0YtsQSNy2dtXQ9YCYS6pTmd2Ur5kU
x-amz-request-id: FFYEY2A37HJNHCME
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 4484
x-amz-id-2: NXkr03syMIWFAnr2rLphSl44A13mTSG9UYQV6af6XjD7OtpVTYLhrwo76I1iLp5+E7TxznuNYFE=
x-77-nzt: AZySIYvObv+h
last-modified: Tue, 04 Jan 2022 02:01:49 GMT
server: CDN77-Turbo
etag: "6a8daf759cda29fb88ca640df738c7dc"
x-77-nzt-ray: cf878727923ba6daa9758b647c1e7612
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 molho_de_queijo_para_carne_5257_300_150.webp
cdn0.tudoreceitas.com/pt/posts/7/5/2/ 6 KB
6 KB 152ms
151ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/7/5/2/molho_de_queijo_para_carne_5257_300_150.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63dde52fb192becdfa07829ac622ce295a37671178c8fd2619d500cd88a09d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: ukbXNT17nFr81nh5M6UybT1KRildgWSf
x-amz-request-id: FFY1BK8JEA5HS2X3
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 5656
x-amz-id-2: x8OSHrz9maT9vTtav7djo7V3TveXQTyx5wRjHFHigWq0AOFQVvdSf9ZbT/xMOa812kfTyOkcKO0=
x-77-nzt: AZySIYuACzWh
last-modified: Tue, 04 Jan 2022 01:58:42 GMT
server: CDN77-Turbo
etag: "05497945e4788c28821e3303721e8264"
x-77-nzt-ray: cf878727923ba6daa9758b647e917912
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 molho_bearnaise_original_3019_300_150.webp
cdn0.tudoreceitas.com/pt/posts/9/1/0/ 6 KB
7 KB 169ms
168ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/9/1/0/molho_bearnaise_original_3019_300_150.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4b9a02c0976f4ad0f5d5ca69e3acaa000fcb691ce2c7a527f6af7f2b646383e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: P3T1tPCBJe5UB98DA5twrJQyljkDtSdQ
x-amz-request-id: FFY881HGTP53ZYFE
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 6528
x-amz-id-2: qekrb6NUtogahoMRZbpKtz9jJVdCczmMiNg4WDaOByfhCGEIhTpDIpNXJgfqgblp49DoqAWK384=
x-77-nzt: AZySIYucWqah
last-modified: Mon, 03 Jan 2022 20:58:03 GMT
server: CDN77-Turbo
etag: "4cf422e3c9105d6ae7664026ae62c510"
x-77-nzt-ray: cf878727923ba6daa9758b64cbdf7d12
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 404 email-decode.min.js
www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 130ms
34ms Script
text/html 75.2.45.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.45.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad522a66075307272.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 js_recetasgratis_197.js Show response
cdn.tudoreceitas.com/js/ 143 KB
44 KB 32ms
30ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_197.js
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50ac6d4e5d42ab696665f24d333e162f3cf8003129ed21c35c1755f0deffeb5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: NKozRQKmR0CHPUF.9XLTTRYigunqws74
content-encoding: gzip
x-amz-request-id: MEHVVE08H7J7YMP8
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1775339
x-accel-date: 1685085886
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
x-amz-id-2: NpgLc6DwTvi9sCQCZvzq2ETaCNhfsPYtS+54DmW4tCc0fMubB3U4NHehkizAubZjb0NZ5pj2b3Y/IrpiPdcXcw==
x-77-nzt: AcO1qhG8tYP/6xYbAA
x-accel-expires: @1716621886
last-modified: Fri, 26 May 2023 07:05:21 GMT
server: CDN77-Turbo
etag: W/"38c3dc29d7add76c2d93e2a209d0ab5c"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64c3db9f12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 59ms
14ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 18:35:26 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 7099
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 20:35:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 59ms
16ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:19:30 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 18:14:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 856
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 3-mOj43lgHk7x9gYUsAn9UbwEW5lh6vtzjUn6X5afjxqWFUiDZgpvA==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/linktomedia-ww-network/ 300 KB
46 KB 35ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/linktomedia-ww-network/loader.js
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e804ca6570a81a4de6eef0ecf5309778c175aae3f98fae41e12a106f8ff8d1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: tPxYtgcEzAOdgmjJMX0Y2hMFZ2SuIR2K
content-encoding: gzip
via: 1.1 varnish
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-request-id: BQ0281RVS8PT42NM
age: 18
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 46220
x-amz-id-2: 8ECfrjgwnHLoSM72AItuB1z33wg7Er3iYdTVEYS7CbTfwmDMpYGEY18mHkH8pzT7CRCZbHfuCEQ=
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Thu, 15 Jun 2023 10:22:22 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1686861225.336010,VS0,VE1
etag: "73b1da48f54b5adc1b3813c93cef7a92"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 arrow.png
cdn.tudoreceitas.com/img/web/ 818 B
1 KB 35ms
35ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/arrow.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 52cd4f924b7fbfed6999e8bc53705503b618e01689ce67943ee32a4a3ce03506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: kIGvQ9xpcsN6k83dazjRjAjP9obQV8wt
x-amz-request-id: 0GAHA7J53DXAN5FC
x-cache: HIT
x-77-cache: HIT
x-age: 17474875
x-accel-date: 1669386350
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 818
x-amz-id-2: voL4smXmElu1H9aBjEIU0S4EEUMvUjuZApU+WMXYOJIlk7kpfPpLAZ7rtuM9/sCb+8xY2c8nfgg=
x-77-nzt: AcO1qhGduFH/O6UKAQ
x-accel-expires: @1700922350
last-modified: Fri, 25 Nov 2022 11:55:10 GMT
server: CDN77-Turbo
etag: "c0851509cc98ba0047646cdeab0f2d36"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64f4ebde12
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 hubsicons.png
cdn.tudoreceitas.com/img/web/recetasgratis/ 46 KB
46 KB 35ms
35ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/hubsicons.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 731f13bd859ad5c054adba1d51262daaad1a35a47334b191748033504b298fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: NoEDZgdN6e9IZD6lDuy_C1lQhWv9AZNU
x-amz-request-id: RDY6405R3E7BXKMB
x-cache: HIT
x-77-cache: HIT
x-age: 13597514
x-accel-date: 1673263711
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 46720
x-amz-id-2: iLYcigFNLI/2M5Oe9OVg47ks4QwXYy4ZEGf3IVGGFuTtPLW7IEA9QmZYZz61b/rex9bUQ/IQFOI=
x-77-nzt: AcO1qhEJ7Mn/SnvPAA
x-accel-expires: @1704799711
last-modified: Mon, 09 Jan 2023 11:02:37 GMT
server: CDN77-Turbo
etag: "6e2f2dff82d93e806fe12147c95a7f4d"
x-77-nzt-ray: 4c1562249d1e4f15a9758b645169e212
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 Catamaran-regular.woff2
cdn.tudoreceitas.com/fonts/Catamaran-regular/ 8 KB
9 KB 44ms
15ms Font
binary/octet-stream 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-regular/Catamaran-regular.woff2
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 145c37fd8fb6d77c0396854cb9792d9341f88e3b473ca896359e140cb1a18a9f

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Origin: https://vuci.chaseged.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: mwAA1dqU8XWBAGSxZmXx5hDMZMdUU9eN
x-amz-request-id: 083289AHTP3ZT52A
x-cache: HIT
x-77-cache: HIT
x-age: 17479401
x-accel-date: 1669381824
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 8500
x-amz-id-2: NXPztimyjiZWugpvw58I0BB4y95pC7RjMA6uAp+B/T2P/IBbJzpWdYdevrXTGz8MMaSLvBiObGE=
x-77-nzt: AcO1qhEJwXD/6bYKAQ
x-accel-expires: @1700917824
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "537c91e802bf6d2032363a6b412c1548"
x-77-nzt-ray: 4c156224482f7517a9758b64a31f6b14
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 social.png
cdn.tudoreceitas.com/img/web/ 6 KB
7 KB 32ms
32ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/social.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e81cdb67cc7c818f15735876afea422ffbf1770f1258e6562f0a609dc77dca69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: UXsnN8rznFWv.bU1k3vJMjtjCUpHNidr
x-amz-request-id: N19HXGDJHS36PTXB
x-cache: HIT
x-77-cache: HIT
x-age: 17477819
x-accel-date: 1669383406
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 6533
x-amz-id-2: +GtuAqcnY1yLCSxbxZOuPFIdEHHmhqHTkxU5rMAN7QKtdJmx1JcczPxqT1BFLpvqmAYq9MPL2ac=
x-77-nzt: AcO1qhHG7yj/u7AKAQ
x-accel-expires: @1700919406
last-modified: Fri, 25 Nov 2022 11:55:14 GMT
server: CDN77-Turbo
etag: "2086f17954758547d81a1d981ac185ef"
x-77-nzt-ray: 4c1562249d1e4f15a9758b647e7ee812
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 estrellato.png
cdn.tudoreceitas.com/img/web/ 3 KB
4 KB 32ms
32ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/estrellato.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8794ee905830304cbb023123a61c3a5adbf4f986dd446ae63adaf187cc08d679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: xYCX1sNLGUaVqRMq34aledwnADXLAwWT
x-amz-request-id: 0GAVE27P3S72TDJW
x-cache: HIT
x-77-cache: HIT
x-age: 17474875
x-accel-date: 1669386350
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 3542
x-amz-id-2: CKFsIrGdFZFmJqkPyX/fBxKsVu0+Baxc/F5l3KXDyc60XsYb3RdrMIOvXMRmPE9pgn8+T/SsHO8=
x-77-nzt: AcO1qhHjp3P/O6UKAQ
x-accel-expires: @1700922350
last-modified: Fri, 25 Nov 2022 11:55:10 GMT
server: CDN77-Turbo
etag: "9725ff1cc61f7316f4139b1fa8a41d21"
x-77-nzt-ray: 4c1562249d1e4f15a9758b6467c6ea12
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 properties.png
cdn.tudoreceitas.com/img/web/ 3 KB
3 KB 32ms
32ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/properties.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eb38ff2098cc22926309ef17fe90f78ac2bd298cc4864aa42adc709a49874034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: 0.mSyl64nTm4GYeDrR1q56Cz7N67CRw9
x-amz-request-id: 2MY65Y307R1RTYDC
x-cache: HIT
x-77-cache: HIT
x-age: 13597513
x-accel-date: 1673263712
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 2802
x-amz-id-2: VigkM6cqh/L07C0/Efq9bpBHCPouc4ku1YAoJ2DbiE5RkbJLV5T2b9c0x299IghXTBiS+CNaEE0=
x-77-nzt: AcO1qhEBmcH/SXvPAA
x-accel-expires: @1704799712
last-modified: Mon, 09 Jan 2023 11:02:37 GMT
server: CDN77-Turbo
etag: "176b31007b19e253e9a6201ddf5892fe"
x-77-nzt-ray: 4c1562249d1e4f15a9758b6453c00f13
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 galeria.png
cdn.tudoreceitas.com/img/web/ 10 KB
10 KB 32ms
32ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/galeria.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3365bf35d3ea9c66850acf54130215dfb9886d8e780cb7d5513292c0b99c781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: Jdwr149WLGM0FWf_wA4L6aQxqJx3s2Bk
x-amz-request-id: 0GAT26XS1JKFBXSK
x-cache: HIT
x-77-cache: HIT
x-age: 17474875
x-accel-date: 1669386350
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 9885
x-amz-id-2: IyaZihCr1x/c2qeb7yBlO4VCDbDeU7I9MEwdeP78urcsXP8QEvAuExx7abqYGincnVhfvQa2BQk=
x-77-nzt: AcO1qhG20h//O6UKAQ
x-accel-expires: @1700922350
last-modified: Fri, 25 Nov 2022 11:55:11 GMT
server: CDN77-Turbo
etag: "818f2925678a8f2f263d26783fece534"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64337a1213
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 icono.png
cdn.tudoreceitas.com/img/web/recetasgratis/pt/ 9 KB
10 KB 30ms
30ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/recetasgratis/pt/icono.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c82d4231209fd4f537e2a746bedbc8e4d99a55ec58db85ff163b09e45278ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: navDshNSCSnFWHxoL7OgywB2DRmzzUda
x-amz-request-id: TRQXJVV83M8TKY1Q
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4932600
x-accel-date: 1681928625
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 9466
x-amz-id-2: C+Z2aO7eEHLsz00c6fMRO3cop+ahtQzydnWVXwhuZ+OWXLgGM4Q84ERv0V+RUvbaX8j1a2fr030=
x-77-nzt: AcO1qhFVd8L/+ENLAA
x-accel-expires: @1713464625
last-modified: Wed, 19 Apr 2023 18:17:58 GMT
server: CDN77-Turbo
etag: "4b619ac67d28c5f0acf84ae33834d25f"
x-77-nzt-ray: 4c1562249d1e4f15a9758b6418741413
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 social_follow.png
cdn.tudoreceitas.com/img/web/ 29 KB
29 KB 30ms
30ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tudoreceitas.com/img/web/social_follow.png
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9238bf145c9848c481b60d6b893b3c922d2bc0b8be22d919a346c2337e899352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: yA.3PpknhyuYav89tCIhNiA61_ICflXY
x-amz-request-id: 0GAZ6HRTVKKGG0XE
x-cache: HIT
x-77-cache: HIT
x-age: 17474875
x-accel-date: 1669386350
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 29383
x-amz-id-2: r0fqzgUX3AsBEHSBY3BxX0QMNS4XfDmT9M8Z8tJrIbzRe5C5FMfy11AJMxgT9A1c6IOisjAZMzQ=
x-77-nzt: AcO1qhGiUaP/O6UKAQ
x-accel-expires: @1700922350
last-modified: Fri, 25 Nov 2022 11:55:14 GMT
server: CDN77-Turbo
etag: "45ddc92b06e36e2c2d09b9f16a34488b"
x-77-nzt-ray: 4c1562249d1e4f15a9758b64e6ad1d13
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 Catamaran-700.woff2
cdn.tudoreceitas.com/fonts/Catamaran-700/ 8 KB
9 KB 55ms
32ms Font
binary/octet-stream 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-700/Catamaran-700.woff2
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10e3f4768cd810168f2e5250ce2f4d20c83c95b12fafd2e600a9f2b788962572

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Origin: https://vuci.chaseged.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: FWae5XjlS2qu0drjMxyLtQFyv.t1nijR
x-amz-request-id: 0839Y0800M9R75KC
x-cache: HIT
x-77-cache: HIT
x-age: 17479401
x-accel-date: 1669381824
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 8452
x-amz-id-2: 1pRC1UoG2fuEV8WjgXUOBd3VeJK8WDgGANW10juxW4nGyFccfVlH6l3Et7+y16VdoAyiI9YUb58=
x-77-nzt: AcO1qhHMEJb/6bYKAQ
x-accel-expires: @1700917824
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "a58a459e1b4cad3e79d250218034e060"
x-77-nzt-ray: 4c156224482f7517a9758b640dcd7f14
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 Catamaran-300.woff2
cdn.tudoreceitas.com/fonts/Catamaran-300/ 8 KB
9 KB 51ms
28ms Font
binary/octet-stream 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tudoreceitas.com/fonts/Catamaran-300/Catamaran-300.woff2
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5f6db58f0af1d11050c4c4daa2549a5f403f6b2a1849b882933c408aec60a416

Request headers

Referer: https://cdn.tudoreceitas.com/css/css_recetasgratis_97.css
Origin: https://vuci.chaseged.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: 2x5K3d.dWn7uF4Gw5uMF__jpNK84_SoP
x-amz-request-id: 083BBP437AV9PGQ7
x-cache: HIT
x-77-cache: HIT
x-age: 17479401
x-accel-date: 1669381824
alt-svc: quic="195.181.170.17:443"; ma=2592000; v="44,43,39"
content-length: 8372
x-amz-id-2: FwQb/h5HKTv3Ut203TUj8DSDC5zDNkE4QuDlO2tTOLACVgbsjmZU6uAM0urqEi6jDKWD9W4xyWw=
x-77-nzt: AcO1qhGa+BP/6bYKAQ
x-accel-expires: @1700917824
last-modified: Fri, 25 Nov 2022 11:55:17 GMT
server: CDN77-Turbo
etag: "e91e2c59b507c752ef6c0b270e287ac4"
x-77-nzt-ray: 4c156224482f7517a9758b646a4a7a14
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: max-age=31536000,public,immutable
accept-ranges: bytes

GET
H2 200 cebola_caramelizada_para_hamburguer_7720_paso_0_600.webp
cdn0.tudoreceitas.com/pt/posts/0/2/7/ 34 KB
35 KB 148ms
147ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/2/7/cebola_caramelizada_para_hamburguer_7720_paso_0_600.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 74cf793b5e7269bac34d2a45335ddd8b303b3bb062747b92d58c4a9bc7a5fc81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: i.gYaNKZGJ75LQ9WiFxyLsAcnH3MUGut
x-amz-request-id: FFY0STBZXWCCCZZF
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 35180
x-amz-id-2: XC/ox6bHSib1YWndAz9K0WeD2otHSZ9zu19OFZVCfeBawadaFhAf8Rm6zVjyZztzf0+nmTIsxnQ=
x-77-nzt: AZySIYsM9DWh
last-modified: Tue, 11 Jan 2022 02:38:46 GMT
server: CDN77-Turbo
etag: "d2920877cd33684b62db3ae066e683b5"
x-77-nzt-ray: cf878727923ba6daa9758b644fa07014
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 cebola_caramelizada_para_hamburguer_7720_paso_1_600.webp
cdn0.tudoreceitas.com/pt/posts/0/2/7/ 23 KB
23 KB 183ms
182ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/2/7/cebola_caramelizada_para_hamburguer_7720_paso_1_600.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: caea454793e27230ce0f6803d5bae27a8d61f9e1366fb309d877051465c8a4ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: 9DmfLg.kavqJuDH8gdMDUFt1nbF3mSuQ
x-amz-request-id: FFYD5SJSNQ7874DT
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 23238
x-amz-id-2: OTUW2q82ymDbtruugFWnWTZy11GxaptwMV3hygt9J1OmhJBg6x47Rd2q/FFzySwQCykmoggz9fs=
x-77-nzt: AZySIYu10C2h
last-modified: Tue, 11 Jan 2022 02:38:47 GMT
server: CDN77-Turbo
etag: "8c76dcdc2784b3d86d19657c01c43c4b"
x-77-nzt-ray: cf878727923ba6daa9758b645a197814
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 cebola_caramelizada_para_hamburguer_7720_paso_2_600.webp
cdn0.tudoreceitas.com/pt/posts/0/2/7/ 41 KB
41 KB 151ms
150ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/2/7/cebola_caramelizada_para_hamburguer_7720_paso_2_600.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0ad08e5c993698edf36a2d8b404bae3fef17ee9b13fc7e79b990e6b2027c8600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: nii.4cT0Xf3KYH6t1hpxQNOSgQqVx02G
x-amz-request-id: FFYAJJ4ZG412H6N6
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 41792
x-amz-id-2: ihwl8tvbGaNFIx1+cRVWfuyA9w7TELksQOTum73dZQnVsdJ0e/kVH9+eZI3Y582EV0Q9dgBsgcM=
x-77-nzt: AZySIYtTYVqh
last-modified: Tue, 11 Jan 2022 02:38:48 GMT
server: CDN77-Turbo
etag: "a0376e6d894bccae0768b4fa6a685602"
x-77-nzt-ray: cf878727923ba6daa9758b64e9837c14
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 cebola_caramelizada_para_hamburguer_7720_paso_3_600.webp
cdn0.tudoreceitas.com/pt/posts/0/2/7/ 31 KB
31 KB 167ms
166ms Image
image/webp 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.tudoreceitas.com/pt/posts/0/2/7/cebola_caramelizada_para_hamburguer_7720_paso_3_600.webp
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a2528ad8221d6ffe5d878618c1eb3f320cf7f29a1a5c674d35b7922efde4f5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-version-id: E2g15Pre2386RWL.FGOYWRrz7ykzqTwF
x-amz-request-id: FFY6QPM4SF7NXXEC
x-cache: MISS
x-77-cache: MISS
alt-svc: quic="156.146.33.139:443"; ma=2592000; v="44,43,39"
content-length: 31496
x-amz-id-2: ehRtYJG2qOGwtQNhmT42rTIXGe02QhNon3kxD9O+1iGe+m9b1BBZ05hTh9Uk/qLdqdiRH1WWAh0=
x-77-nzt: AZySIYvM54ah
last-modified: Tue, 11 Jan 2022 02:38:49 GMT
server: CDN77-Turbo
etag: "f71153f698cc57bb3854b27b24fc0216"
x-77-nzt-ray: cf878727923ba6daa9758b641f648114
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/ 385 KB
122 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7069
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124944
x-xss-protection: 0
server: cafe
etag: 5299556878430274508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 14 Jun 2024 18:35:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
67 B 62ms
42ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vuci.chaseged.com&ppc_eid=31075027

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46cd2a18a1b66b2d81dc62ae4835e4e03ac58f02ae4dc58a9a72a944661b20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 15 Jun 2023 20:33:45 GMT

GET
H2 200 impl.20230615-13-RELEASE.js Show response
cdn.taboola.com/libtrc/ 778 KB
162 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230615-13-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/linktomedia-ww-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ee80b95c82c65a8f9e1fca76a4f7c4ea13167f4fe82bf0f8e05f8ab522e2db77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: csqoBCnJamBrBrMDcQbW10qb0Tu.BgEs
content-encoding: br
via: 1.1 varnish
date: Thu, 15 Jun 2023 20:33:45 GMT
x-amz-request-id: 6P167PFM2D6BEH7Z
age: 8939
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 165781
x-amz-id-2: QSpCYxDIgn1lM9zqSTOQgg/tWhXhy6bbJXPTobApk0WHK88rC3ujy5Nw12SrMl5zxR7kc7rJ+rA=
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Thu, 15 Jun 2023 09:56:10 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1686861225.409292,VS0,VE0
etag: "49f9ef17275e21eee16fbb1b762d2aca"
vary: Accept-Encoding
content-type: application/javascript
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 32433

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 15ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1874814361&t=pageview&_s=1&dl=https%3A%2F%2Fvuci.chaseged.com%2F&ul=en-us&de=UTF-8&dt=Cebola%20caramelizada%20para%20hamb%C3%BArguer%20-%20R%C3%81PIDA%20E%20PR%C3%81TICA!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1938361435&gjid=192024366&cid=448583500.1686861225&tid=UA-58730775-1&_gid=968328672.1686861225&_r=1&_slc=1&z=807464091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vuci.chaseged.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 115ms
115ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvuci.chaseged.com&pubid=a2951e5c-81d1-4de5-8cd6-475a5b9685fc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:44 GMT
via: 1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://vuci.chaseged.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: vpBbgR3U5cBVm69HVvB0nu6HRmnkX51GDcF4qBetl-1VO11VAWQIaw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 436ms
408ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6vGoFRpKFS7lBOyEPpfo7HjFKtWa3Te2nTDBEGP5mQ0FrN8tLxsWkg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 53ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-58730775-1&cid=448583500.1686861225&jid=1938361435&gjid=192024366&_gid=968328672.1686861225&_u=IEBAAEAAAAAAACAAI~&z=2056325636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Jun 2023 20:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vuci.chaseged.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 702ms
637ms XHR
text/javascript 18.66.190.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvuci.chaseged.com%2F&pid=a216dYIVh7qSa&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1490621822506-2%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_roba_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490621822506-3%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_roba_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490621822506-5%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F27212193%2Fltm_desktop_sky_1%22%7D%5D&pubid=a2951e5c-81d1-4de5-8cd6-475a5b9685fc&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.190.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-190-43.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P1
x-amz-rid: PTC8945ZFVHKTMJJ549R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://vuci.chaseged.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SgG67_xhIDIW3ehkbkS5W6dfCuLIqC1bjlxQrOvok6cRQuKpg-VCDA==

POST
H2 400 cdb Show response
bidder.criteo.com/ 0
199 B 65ms
17ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=8&cb=10371117781

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://vuci.chaseged.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
866 B 107ms
18ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=16%2C101&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=588b9cdb-1780-4a5f-815b-7d54110fc558&p_screen_res=1600x1200&rf=https%3A%2F%2Fvuci.chaseged.com%2F&slots=1&rand=0.20548715297853737
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bd1bcafea746ff251dbdecc20185cab632aa05f52dfbf4d02b8ece31e3f0322a

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vuci.chaseged.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
638 B 107ms
18ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=16%2C101&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=6e6fd5ef-c7a4-4c90-ae8a-e40c11ae61b6&p_screen_res=1600x1200&rf=https%3A%2F%2Fvuci.chaseged.com%2F&slots=1&rand=0.8451262667298947
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9fdef7bfabc0402b4077868b170df9fe19b79a113664ee0d1eeaed21111341dc

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vuci.chaseged.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
638 B 107ms
18ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16598&site_id=139448&zone_id=652404&size_id=15&alt_size_ids=9%2C10&p_pos=unknown&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=af37f18c-6721-415a-b994-1f99e30ae60e&p_screen_res=1600x1200&rf=https%3A%2F%2Fvuci.chaseged.com%2F&slots=1&rand=0.39444262172532474
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4e86f1125d12cb8c161a5809e9cc76537de16d7941e9d28163acf6464b85d881

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vuci.chaseged.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 303
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK go Show response
pub.admanmedia.com/ 907 B
1 KB 65ms
27ms Script
application/javascript 62.122.173.172
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/go?id=2926

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_197.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.122.173.172 , United States, ASN50245 (SERVEREL-AS, US),

Reverse DNS

62.122.173.172.serverel.net

Software

nginx /

Resource Hash

e3d0013baf474b508317bdc46100dc8a36caa786fbf7c20b434000e090118816

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:45 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
453 B 42ms
7ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/js_recetasgratis_197.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 203

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 8ms
8ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.7075277726781661
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 18679

GET
H/1.1 200
OK hybs.js Show response
cdn-statics.admanmedia.com/ 12 KB
5 KB 327ms
26ms Script
application/x-javascript 104.103.88.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-statics.admanmedia.com/hybs.js
Requested by: Host: pub.admanmedia.com
URL: https://pub.admanmedia.com/go?id=2926
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.88.111 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-88-111.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b2b6fdf0a24b6491e8f84925db5f79d1acba38dd90ef65a4f4a82197e7f62f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 May 2023 13:34:42 GMT
Server: AkamaiNetStorage
ETag: "97ca7e8fccfc96968865b0b3653e983c:1685453682.928974"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5070

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 38ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vuci.chaseged.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
14 KB 684ms
683ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3045710323415869&correlator=2261054119421292&eid=31075027%2C31075345%2C31075354&output=ldjh&gdfp_req=1&vrg=202306130202&ptt=17&impl=fifs&iu_parts=27212193%2Cltm_desktop_roba_1%2Cltm_desktop_roba_2%2Cltm_desktop_promoted%2Cltm_desktop_sky_1%2Cltm_anchor_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=336x280%7C300x250%7C480x320%2C336x280%7C300x250%7C480x320%2C300x150%7C160x80%2C160x600%7C300x600%7C300x250%2C1x1&ifi=1&adks=879482149%2C3243673955%2C1808134664%2C3068892575%2C1792784411&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C1&prev_scp=amznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7C%7Camznbid%3D1%26amznp%3D1%7C&eri=1&cust_params=ltm-id%3D7720%26zone%3Dpost%26project%3Drecetasgratis%26lang%3Dpt%26project-lang%3Drecetasgratis-pt%26amp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1686861225621&lmt=1686861225&dlt=1686861225155&idt=300&adxs=250%2C250%2C1035%2C1035%2C-9&adys=971%2C2463%2C1610%2C1610%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fvuci.chaseged.com%2F&frm=20&vis=1&psz=768x4347%7C768x4347%7C316x1482%7C316x1482%7C0x-1&msz=768x0%7C768x0%7C299x0%7C299x0%7C0x-1&fws=4%2C4%2C4%2C4%2C2&ohw=1100%2C1100%2C1100%2C1100%2C0&ga_vid=448583500.1686861225&ga_sid=1686861226&ga_hid=1874814361&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c70ff62a7673c284b1538d7adf16879d06f2eaf0a5d756a62957ec2dbcfeb35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14564
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vuci.chaseged.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1395 6 KB
3 KB 105ms
42ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 20:33:45 GMT
expires: Fri, 14 Jun 2024 20:33:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/ 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl_page_level_ads.js?cb=31075345

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbc3e94a0be3ee31fa0c8957dffb4c8069738800337cc5e32341f88c479a57ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7069
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13131
x-xss-protection: 0
server: cafe
etag: 8928756929466050092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 14 Jun 2024 18:35:56 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16453/ 38 KB
12 KB 60ms
15ms Script
text/javascript 108.138.36.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9831437eae9246d48fd323a9528a181be30752cfc089f16504db0475f766b08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 06:40:42 GMT
content-encoding: gzip
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:31:43 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 55066
x-amz-server-side-encryption: AES256
etag: W/"fff67ac6bc0ad18d7e58d3477fd24e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: cwtkWyHo9_y1VmOU0j_UDs2bygnjGZRmeh9jFFAehwDEk--Q2jWsCg==

GET
H/1.1 200
OK hybs-adman-player2.min.js Show response
cdn-statics.admanmedia.com/ 117 KB
37 KB 28ms
28ms Script
application/x-javascript 104.103.88.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.88.111 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-88-111.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6de91d9e6f6446e08ae431e7b9cfec29f5dfb1080d4d83859b02288b55c6d6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 09:22:19 GMT
Server: AkamaiNetStorage
ETag: "7f3cbe898f4690ecf2f1471cb25ccdf1:1680686539.309898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37270

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 59ms
8ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:47:23 GMT
content-encoding: gzip
age: 2782
x-guploader-uploadid: ADPycdv7I0W_qHOF_4T88Iv_Gupzk0Mfbgyg0-xPXeNrP2McSGii9HG2GSdpF8btsiNGjrs7ydconfN2Zyfk0QdPMV8M5K6vrAOe
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 adex.js Show response
dmp.theadex.com/d/1609/6436/s/ 41 KB
14 KB 72ms
17ms Script
application/javascript 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/d/1609/6436/s/adex.js
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: cff90f70dba12ef23c1f00bb5647600735792742c32a7d1a62f05d3698170290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 12:39:19 GMT
server: nginx
etag: W/"90fbecef9f67d3da8c847bfc4633c33a"
content-type: application/javascript
cache-control: max-age=300
access-control-allow-credentials: true
expires: Thu, 15 Jun 2023 20:38:46 GMT

GET
H/1.1 200
OK html Show response
sync.admanmedia.com/ Frame E872 4 KB
5 KB 272ms
89ms Document
text/html 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Requested by: Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 91129bc2cef17a8282253de9e7b95d45e3ec0cece84f55fdfc0e9890bdb28d8b

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 4325
Content-Type: text/html
Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx

GET
H/1.1 204
No Content /
pub.admanmedia.com/ 0
271 B 16ms
15ms Image
text/plain 62.122.173.172
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pub.admanmedia.com/?c=v&m=preimp&placementId=2926&domain=vuci.chaseged.com&gdpr=0&gdpr_consent=&referer=https%3A%2F%2Fvuci.chaseged.com%2F

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.122.173.172 , United States, ASN50245 (SERVEREL-AS, US),

Reverse DNS

62.122.173.172.serverel.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Jun 2023 20:33:45 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 103ms
30ms XHR
application/json 54.155.201.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.201.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 48327a76fd480a0b47f383f1fd21bb57cc00369afefa545029035ea96f232673

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vuci.chaseged.com
cache-control: no-cache
x-server: 10.45.24.92
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 tag Show response
feed.pghub.io/ Frame D8EE 13 B
249 B 93ms
23ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fvuci.chaseged.com%2F&owner=P%26G&bp_id=adman&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2

200

trace.js Show response
dmp.theadex.com/
Redirect Chain

https://dmp.theadex.com/trace.js?adex_consent=1
https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4331002421003060253

305 B
335 B

15ms
15ms

Script
application/javascript

185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/trace.js?adex_consent=1&axd_sc=4331002421003060253
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: d62b327667628f6cb1d34b398af82a349effaa6e14e12158318e019aadf756ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 305
content-type: application/javascript

Redirect headers

location: ?adex_consent=1&axd_sc=4331002421003060253
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK / Show response
pub.admanmedia.com/ 2 KB
2 KB 18ms
18ms Fetch
application/json 62.122.173.172
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/?c=v&m=tag&placementId=2926&videoType=&wPlayer=600&hPlayer=338&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/114.0.5735.133%20Safari/537.36&domain=vuci.chaseged.com&page=https%3A%2F%2Fvuci.chaseged.com%2F&secure=1&language=en-US&gdpr=0&gdpr_consent=&waterfall=true

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.122.173.172 , United States, ASN50245 (SERVEREL-AS, US),

Reverse DNS

62.122.173.172.serverel.net

Software

nginx /

Resource Hash

817fab49b6d29ad0469c2920363ebd1875a5ef7eee229ae0333c094130d0e487

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://vuci.chaseged.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2018

GET
H2 200 NA4CBBAUGCgqNHbCAcwBhAKwBN4E Show response
api.theadex.com/collector/v1/d/1609/6436/cmframe/ Frame AB56 3 KB
3 KB 81ms
15ms Document
text/html 185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Requested by: Host: dmp.theadex.com
URL: https://dmp.theadex.com/d/1609/6436/s/adex.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: bbc62f8fd2c1dacdf204c16afa5a446a45c37fd761587a0b8bd32c4059aeac06

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 2732
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 20:33:46 GMT
expires: 0
pragma: no-cache

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 82ms
45ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Thu, 15 Jun 2023 20:33:46 GMT

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame AB56
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D1%26axd_fuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fapi.theadex.com%252Fcollector%252Fv1%252Fd%252F1609%252F6436%252Fi%252F2.gif%253Fc%253D4331002421003060253%2526axd_pid%253D1%2526axd_fuid...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=1&axd_fuid=4442903917983723270

0
85 B

14ms
14ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=1&axd_fuid=4442903917983723270
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.244; 37.58.58.244; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ee7ee00e-8c88-4eb1-bf67-e18a42b28e05
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=1&axd_fuid=4442903917983723270
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

202

2.gif
dmp.theadex.com/d/1609/i/ Frame AB56
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1010&adx_id=1609
https://c1.adform.net/serving/cookie/match/?CC=1&party=1010&adx_id=1609
https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=6004779720798193230

0
139 B

16ms
15ms

Image
text/plain

185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=6004779720798193230
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dmp.theadex.com/d/1609/i/2.gif?axd_pid=2&axd_fuid=6004779720798193230
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

202

cm.gif
dmp.theadex.com/d/ Frame AB56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=1609&c=4331002421003060253
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=theadex_dmp&google_cm=&axd_cuid=1609&c=4331002421003060253&google_tc=
https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESELDtQKY2r-5KSdUzR8qgVSI&google_cver=1&axd_cuid=1609&c=4331002421003060253

0
83 B

16ms
15ms

Image
text/plain

185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESELDtQKY2r-5KSdUzR8qgVSI&google_cver=1&axd_cuid=1609&c=4331002421003060253
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESELDtQKY2r-5KSdUzR8qgVSI&google_cver=1&axd_cuid=1609&c=4331002421003060253
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame AB56 43 B
418 B 89ms
39ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D10%26axd_fuid%3D%5BMM_UUID%5D
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 15 Jun 2023 20:33:45 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AB56 70 B
266 B 120ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=theadex&ttd_puid=1609&ttd_tpi=1
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame AB56 0
214 B 316ms
79ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34450&puid=4331002421003060253
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame AB56
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D21%26axd_fuid%3D%23PM_USER_I...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=21&axd_fuid=5BB60568-9372-4971-A6FB-12EA78815736

0
136 B

14ms
13ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=21&axd_fuid=5BB60568-9372-4971-A6FB-12EA78815736
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=21&axd_fuid=5BB60568-9372-4971-A6FB-12EA78815736
date: Thu, 15 Jun 2023 20:33:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame AB56
Redirect Chain

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D
https://ads.creative-serving.com/ul_cb/cm?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D26%26axd_fuid%3D%24%7BUUID%7D
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=26&axd_fuid=18da25d6-d36d-4258-ac6f-8af885b9c147

0
94 B

15ms
15ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=26&axd_fuid=18da25d6-d36d-4258-ac6f-8af885b9c147
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=26&axd_fuid=18da25d6-d36d-4258-ac6f-8af885b9c147
Date: Thu, 15 Jun 2023 20:33:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

getuid
sync.smartadserver.com/ Frame AB56
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D59%26axd_fuid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=59&axd_fuid=[sas_uid]&cklb=1

0
44 B

21ms
20ms

Image
text/plain

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=59&axd_fuid=[sas_uid]&cklb=1
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=59&axd_fuid=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame AB56
Redirect Chain

https://dpm.demdex.net/ibs:dpid=110947&dpuuid=4331002421003060253&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D97%26axd_f...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=110947&dpuuid=4331002421003060253&redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=97&axd_fuid=10320744860855373541616485431209150292

0
254 B

17ms
16ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=97&axd_fuid=10320744860855373541616485431209150292
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v049-0ffd92851.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MAEfdmw/S/I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=97&axd_fuid=10320744860855373541616485431209150292
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK click
ps.eyeota.net/ Frame AB56 0
344 B 47ms
8ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/click?pid=6t2b2cv&t=gif&r=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D102%26axd_fuid%3D%7BUUID_6t2b2cv%7D
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58676/ Frame AB56
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADEX&axd_cuid=1609
https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609

0
126 B

34ms
9ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609

Requested by

Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58676/cms?partner_id=ADEX&axd_cuid=1609
content-type: text/html
cache-control: no-store
content-length: 357

GET
H/1.1 200 9.gif
id5-sync.com/s/159/ Frame AB56 43 B
1 KB 51ms
17ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/159/9.gif?callback=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D280%26axd_fuid%3D%7BID5UID%7D&puid=4331002421003060253

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 15 Jun 2023 20:33:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

202

2.gif
api.theadex.com/collector/v1/d/1609/6436/i/ Frame AB56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D303%26axd_fuid%3D%24%7BTM_U...
https://sync-tm.everesttech.net/ct/upi/pid/34ZMEAI0?redir=https%3A%2F%2Fapi.theadex.com%2Fcollector%2Fv1%2Fd%2F1609%2F6436%2Fi%2F2.gif%3Fc%3D4331002421003060253%26axd_pid%3D303%26axd_fuid%3D%24%7BT...
https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=303&axd_fuid=ZIt1qgASGJlHRwBa%20&_test=ZIt1qgASGJlHRwBa

0
209 B

14ms
14ms

Image
text/plain

185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=303&axd_fuid=ZIt1qgASGJlHRwBa%20&_test=ZIt1qgASGJlHRwBa
Requested by: Host: api.theadex.com
URL: https://api.theadex.com/collector/v1/d/1609/6436/cmframe/NA4CBBAUGCgqNHbCAcwBhAKwBN4E?c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Protocol: H2
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.theadex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

Redirect headers

x-served-by: cache-fra-eddf8230098-FRA
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686861226.497056,VS0,VE0
x-cache: HIT
location: https://api.theadex.com/collector/v1/d/1609/6436/i/2.gif?c=4331002421003060253&axd_pid=303&axd_fuid=ZIt1qgASGJlHRwBa &_test=ZIt1qgASGJlHRwBa
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1CED 709 KB
226 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 15:07:12 GMT
expires: Fri, 14 Jun 2024 15:07:12 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 20:33:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 18ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vuci.chaseged.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

bidswitch.gif
sync.admanmedia.com/ Frame E872
Redirect Chain

https://x.bidswitch.net/sync?ssp=adman&user_id=77aee83e-3091-42ce-8526-69daad0bff74
https://x.bidswitch.net/ul_cb/sync?ssp=adman&user_id=77aee83e-3091-42ce-8526-69daad0bff74
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adman&bsw_param=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&google_hm=MGJiZmEzZGQtN2E1Zi00ZDU5LTg5MDQtMWJkZWU1YWRkODBh
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJDTBV0jpQrEnjxRWfAcsIs&google_cver=1&ssp=adman&bsw_param=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a
https://sync.admanmedia.com/bidswitch.gif?puid=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&redir=[RED]

42 B
431 B

89ms
89ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/bidswitch.gif?puid=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&redir=[RED]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

location: //sync.admanmedia.com/bidswitch.gif?puid=0bbfa3dd-7a5f-4d59-8904-1bdee5add80a&redir=[RED]
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

appnexus.gif
sync.admanmedia.com/ Frame E872
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.admanmedia.com%2Fappnexus.gif%3Fpuid%3D%24UID
https://sync.admanmedia.com/appnexus.gif?puid=4442903917983723270

42 B
431 B

88ms
88ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/appnexus.gif?puid=4442903917983723270
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.244; 37.58.58.244; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 06f5fd3f-7cc0-494b-8f9c-14fe6e3cb1b1
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.admanmedia.com/appnexus.gif?puid=4442903917983723270
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame E872 43 B
443 B 60ms
21ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=SelfService34&redir=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D%5BMM_UUID%5D
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 15 Jun 2023 20:33:45 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E872 70 B
265 B 36ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=digqd7p&ttd_tpi=1&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame E872
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=ed5b3fb0-0bbb-11ee-9b6b-130dfa940206

43 B
549 B

19ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=ed5b3fb0-0bbb-11ee-9b6b-130dfa940206
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 133
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=8561&uid=BUYER_USER_ID&__user_check__=1&sync_id=ed5b3fb0-0bbb-11ee-9b6b-130dfa940206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

pub.gif
sync.admanmedia.com/ Frame E872
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=157362&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157362%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.admanmedia.com%252Fpub.gif%2...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJCNjA1NjgtOTM3Mi00OTcxLUE2RkItMTJFQTc4ODE1NzM2&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrZgkFF7J-lY9bKbGoRzew&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=157362&pmc=1&pr=https%3A%2F%2Fsync.admanmedia.com%2Fpub.gif%3Fpuid%3D5BB60568-9372-4971-A6FB-12EA78815736
https://sync.admanmedia.com/pub.gif?puid=5BB60568-9372-4971-A6FB-12EA78815736

42 B
431 B

89ms
88ms

Image
image/gif

8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pub.gif?puid=5BB60568-9372-4971-A6FB-12EA78815736
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

Redirect headers

location: https://sync.admanmedia.com/pub.gif?puid=5BB60568-9372-4971-A6FB-12EA78815736
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tum
ums.acuityplatform.com/ Frame E872 0
27 B 57ms
15ms Image
text/plain 154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/tum?umid=134&uid=77aee83e-3091-42ce-8526-69daad0bff74&rurl=https%3A%2F%2Fsync.admanmedia.com%2Fac.gif%3Fpuid%3D___AUID___
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame E872
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onefortyproof&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu

0
0

44ms
7ms

Image
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

location: https://eus.rubiconproject.com/usync.html?p=onefortyproof&endpoint=eu
access-control-allow-origin: *
date: Thu, 15 Jun 2023 20:33:46 GMT
access-control-allow-credentials: true
server: AkamaiGHost
content-length: 0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame E872
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=sZn9xIbZzF&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F71da423e3fcc7c87e88ac913d505141d.gif%3Fpuid%3D[PDID]
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F

95 B
242 B

13ms
13ms

Image
image/png

168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/png
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=%5BGDPR_CONSENT%5D&referrer=https%3A%2F%2Fsync.admanmedia.com%2F
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
content-type: text/html; charset=UTF-8

GET
H/1.1 400
Bad Request admanmedia
cs.admanmedia.com/sync/ Frame E872 20 B
20 B 306ms
98ms Image
text/plain 80.77.87.163
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.admanmedia.com/sync/admanmedia?puid=77aee83e-3091-42ce-8526-69daad0bff74&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 451 711169.gif
idsync.rlcdn.com/ Frame E872 0
99 B 48ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/711169.gif?partner_uid=77aee83e-3091-42ce-8526-69daad0bff74&ct=4&cv=[GDPR_CONSENT]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame E872 42 B
105 B 65ms
13ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=77aee83e-3091-42ce-8526-69daad0bff74&dc=9937b3fd6e9a979a&iss=1
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

server: openresty
date: Thu, 15 Jun 2023 20:33:46 GMT
content-type: image/gif

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame E872 95 B
242 B 14ms
14ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=[PAGE]&consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2F5adaebfbb9dfe4ba75269cf62a4503e8.gif%3Fpuid%3D[PDID]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/png
date: Thu, 15 Jun 2023 20:33:45 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E872 0
44 B 64ms
21ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=29&redirectUri=https%3A%2F%2Fsync.admanmedia.com%2F6ee87f33c866f2a98fb8fdaca65874d4.gif%3Fpuid%3D[ssb_sync_pid]%26gdpr%3D0%26gdpr_consent%3D[GDPR_CONSENT]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-length: 0

GET
H2 200 /
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame E872 0
0 15ms
14ms Image
text/html 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=[GDPR_CONSENT]&r=https%3A%2F%2Fsync.admanmedia.com%2Fmm.gif%3Fpuid%3D[PDID]
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16453/ Frame E872 38 KB
12 KB 15ms
15ms Script
text/javascript 108.138.36.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9831437eae9246d48fd323a9528a181be30752cfc089f16504db0475f766b08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 06:40:42 GMT
content-encoding: gzip
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:31:43 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 55067
x-amz-server-side-encryption: AES256
etag: W/"fff67ac6bc0ad18d7e58d3477fd24e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: oNq9SBQB3BYMwABH8ienUTCHqEPciqlWTtGZj99Cpd6Po7k2kFuZjg==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame 8F76 222 KB
61 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 8F76 15 KB
5 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 8F76 94 KB
28 KB 51ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 8F76 5 KB
2 KB 54ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 8F76 40 KB
13 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F76 14 KB
2 KB 51ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 19:47:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 20:33:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F76 2 KB
3 KB 34ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 78573
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Jun 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F76 295 B
400 B 35ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 35822
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Jun 2023 10:36:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F76 0
0 55ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBIPvqXWLZNDVKLWj9u8PkrOlyA-jxOGecJSv14qMEYWxstCQDhABIOH1uCtglaKSgqAHoAHv5--aA8gBCakCno3FUUNYsj7gAgCoAwHIAwqqBIoCT9A0y2xKNyR_Qz0fDGkRkxfRALtXmlajzTf1MXy2SWIFMxmeKOrL5SSDFIViwSeQRBOmKQwgLECGXrXMsZ_n4BUy3RD9BQarx3KGSIHn-2bDsoVRqsZx4HudaQGbCOsQDJrxv0JH_YlOvQ2DtFGiWZnosSnjfVu713klus-1b2YXUKF6mzaDKAE4O5Mseq_SlR_z-BKD33a90xJa-a2pQYnuykoPjfNaBwwkGWLHhVJwzxCKfYiQPnvD6hs6jIXJGYkzlX0GdA1z1yds2Iv9T6zp76_r1om9Gl8Icl8c3brEne4yFQMtwnPqVDfDujDd4mSvhxMYZgCIwVa-jtKrYUKMepAYB4CcDQLABI2T3Z2MBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAegkfsQqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqIw90ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0wMjE5ODU3NDY4Mjg3MTI1GKmdFA&sigh=2_ZAE19RBPk&uach_m=[UACH]&cid=CAQSTABygQiDZAqvxZnRROvxCscfE8nDRiFFVENiitOpniD_ic1jyer4jEthSA6ixClY1H2jYZsbUvuPNN9gA9yBS153QnsWfyo0Xgu4D8wYAQ&template_id=5000
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16956497312385313476/ Frame 8F76 36 KB
36 KB 20ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16956497312385313476/14763004658117789537?w=600&h=314

Requested by

Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76e3ab8325f9f1b3df07bcab5fda1c79144e093235c2f0dea0555320697e043c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:22:33 GMT
x-content-type-options: nosniff
age: 97873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36701
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 17:25:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Jun 2024 17:22:33 GMT

GET
DATA 200
OK truncated
/ Frame 8F76 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F76 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F76 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bf86d54cb906d1863f5230013e70783bbfebb29994734475e0cb308783617f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame E872 60 B
336 B 30ms
30ms XHR
application/json 54.155.201.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16453/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.201.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ac3bfd48565e7f4c3c84b3da9a6a23579ca8eb2e9ad6d59952424c5a305b541f

Request headers

Referer: https://sync.admanmedia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sync.admanmedia.com
cache-control: no-cache
x-server: 10.45.1.190
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8F76 33 KB
34 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vuci.chaseged.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:34:22 GMT
x-content-type-options: nosniff
age: 14364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 16:34:22 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1CED 156 B
656 B 147ms
43ms XHR
text/xml 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F320365155%2C27212193%2Ff1549850d062a3fcPi&description_url=https%3A%2F%2Fvuci.chaseged.com%2F&tfcd=0&npa=0&sz=640x480%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1932857441104522&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2781354830&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=128D6D41-A5A0-411A-8B0D-F9BEA3B67A35&nel=0&eid=44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fvuci.chaseged.com%2F&dlt=1686861225155&idt=1224&dt=1686861226464&cookie=ID%3D8bb816f9835851d7%3AT%3D1686861225%3ART%3D1686861225%3AS%3DALNI_Maje6K9D7ZuHA0i7nGvFGTd-sQ6Yw&gpic=UID%3D00000c2fb4f6f7e4%3AT%3D1686861225%3ART%3D1686861225%3AS%3DALNI_MaGP3y-leUZfA9nnEUxaM1YK8IJ0Q&scor=3674312806408604&ged=ve4_td1_tt0_pd1_la1000_er5703.-4000.5862.-3700_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 52e278fed520834f1be1698d48654a33.gif Show response
sync.admanmedia.com/ Frame E872 42 B
431 B 135ms
89ms XHR
image/gif 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.admanmedia.com/52e278fed520834f1be1698d48654a33.gif?puid=null
Requested by: Host: sync.admanmedia.com
URL: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.admanmedia.com/html?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 20:33:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F76 2 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 78573
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Jun 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F76 295 B
354 B 11ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 35822
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Jun 2023 10:36:44 GMT

GET
H2 202 1.gif
dmp.theadex.com/d/1609/6436/i/ 0
16 B 15ms
15ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/1609/6436/i/1.gif?c=4331002421003060253&t=1&location=https%3A%2F%2Fvuci.chaseged.com%2F&protocol=https%3A%2F%2F&date=1686861226&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client&sw=1600&sh=1200&sd=24&pd=24&saw=1600&sah=1200&vw=1600&vh=1200&pmd=Veja%20como%20fazer%20cebola%20caramelizada%20em%20APENAS%2015%20MINUTOS%20para%20conferir%20aquela%20turbinada%20gourmet%20no%20seu%20hamb%C3%BArguer%20caseiro!%20RECEITA%20PASSO%20A%20PASSO%20EM%20FOTOS%20e%20com%20apenas%204%20ingredientes%2C%20experimente%20hoje!&pmt=Cebola%20caramelizada%20para%20hamb%C3%BArguer%20-%20R%C3%81PIDA%20E%20PR%C3%81TICA!&r=96cf87026d25f5e4fcb26d36433933b1&c=4331002421003060253&adex_consent=1&adex_consent_origin=https%3A%2F%2Fvuci.chaseged.com%2F&adex_consent_hash=_FAwJw
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:46 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2 200 /
log.pinterest.com/ 0
339 B 65ms
40ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=w4u0T_vLVLJg&tv=2021110201&event=init&sub=www&button_count=2&follow_count=0&pin_count=0&button_hover=1&custom_local=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.tudoreceitas.com%2Freceita-de-cebola-caramelizada-para-hamburguer-7720.html&viaSrc=canonical
Requested by: Host: vuci.chaseged.com
URL: https://vuci.chaseged.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 15 Jun 2023 20:33:46 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 8
x-pinterest-rid: 1124888077601558
content-length: 0
x-served-by: cache-fra-eddf8230093-FRA
pragma: no-cache
server: envoy
x-timer: S1686861227.593692,VS0,VE33
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame 1CED 0
0

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 197D 709 KB
226 KB 7ms
7ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 15:07:12 GMT
expires: Fri, 14 Jun 2024 15:07:12 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vuci.chaseged.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 / Show response
s.richaudience.com/vid//1686861226050/ Frame 197D 159 B
375 B 95ms
45ms XHR
text/xml 157.90.0.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid//1686861226050/?mref=https%3A%2F%2Fvuci.chaseged.com%2F&consentString=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.0.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: f9cae14cd15e869a2143999d931c4a248b86c86525dfbd84c5901360c9181175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:46 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
pub.admanmedia.com/ 629 B
969 B 23ms
23ms Fetch
application/json 62.122.173.172
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.admanmedia.com/?c=b&m=api&placementId=6817&domain=vuci.chaseged.com&page=https%3A%2F%2Fvuci.chaseged.com%2F&secure=1&language=en&gdpr_consent=&gdpr=0&waterfall=true

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.122.173.172 , United States, ASN50245 (SERVEREL-AS, US),

Reverse DNS

62.122.173.172.serverel.net

Software

nginx /

Resource Hash

6ad07c20e1d4c19c3c121b7dbe89f08fad6a4fe4161cbfc28c93dcecb030395a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 20:33:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://vuci.chaseged.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 629

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 135ms
57ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc824cc0377d39aa9df17b98db2ed60d36a3cb80bf0c1607ae90f5c6fa7e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11167
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B265 78 KB
26 KB 152ms
152ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-statics.admanmedia.com
URL: https://cdn-statics.admanmedia.com/hybs-adman-player2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77ed4702e509a21276f61394c5e7b05026cc20ea726c31d4e38bc6bb942ee6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26086
x-xss-protection: 0
server: cafe
etag: 452 / 19523 / 31075289 / config-hash: 17861249934247272613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:33:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 20:33:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE47 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 08:35:27 GMT
expires: Fri, 14 Jun 2024 08:35:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92BC 783 B
1 KB 47ms
23ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

490d41b49e14d191fb8b43253c07efb16446ac4104fb30bc0e03779f201b2921

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nGjzxHtfbTO8qpVbRkzwVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-nGjzxHtfbTO8qpVbRkzwVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 20:33:47 GMT
expires: Thu, 15 Jun 2023 20:33:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame BE47 37 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 08:34:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92BC 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130202&jk=3045710323415869&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/ Frame B265 407 KB
125 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16213
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128446
x-xss-protection: 0
server: cafe
etag: 17347100504976350628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 14 Jun 2024 16:03:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B265 39 B
67 B 41ms
41ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vuci.chaseged.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46cd2a18a1b66b2d81dc62ae4835e4e03ac58f02ae4dc58a9a72a944661b20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 15 Jun 2023 20:33:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE47 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B9OGQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B265 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vuci.chaseged.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B265 471 B
245 B 45ms
45ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=901432340094395&correlator=1503032029165590&eid=31075289&output=ldjh&gdfp_req=1&vrg=202306120101&ptt=17&impl=fif&iu_parts=320365155%3A27212193%2Cf1549850d062a3fcdisplay&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x600%7C480x230%7C320x480%7C250x250%7C300x250%7C336x280%7C600x338%7C600x336%7C400x600&ifi=1&adks=3172927086&sfv=1-0-40&sc=1&cookie=ID%3D8bb816f9835851d7%3AT%3D1686861225%3ART%3D1686861225%3AS%3DALNI_Maje6K9D7ZuHA0i7nGvFGTd-sQ6Yw&gpic=UID%3D00000c2fb4f6f7e4%3AT%3D1686861225%3ART%3D1686861225%3AS%3DALNI_MaGP3y-leUZfA9nnEUxaM1YK8IJ0Q&abxe=1&dt=1686861227266&lmt=1686861227&dlt=1686861227000&idt=239&adxs=484&adys=4949&biw=1600&bih=1200&isw=600&scr_x=0&scr_y=0&btvi=1&ucis=xyc68rrep5qi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fvuci.chaseged.com%2F&ref=https%3A%2F%2Fvuci.chaseged.com%2F&top=https%3A%2F%2Fvuci.chaseged.com%2F&frm=23&vis=1&psz=300x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=448583500.1686861225&ga_sid=1686861227&ga_hid=1167388617&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

256af4e0275cea874f24ac431b23cb35726ab73fbb48afa376b698d1c6b85dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vuci.chaseged.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B265 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6db3681bea7c5f577c4478dfba4ddacf285d9ab1eae4c667d611c774451d8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H2 200 container.html Show response
67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD49 6 KB
3 KB 71ms
42ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 20:33:47 GMT
expires: Fri, 14 Jun 2024 20:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B265 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 20:33:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 678F 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 08:35:27 GMT
expires: Fri, 14 Jun 2024 08:35:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F778 783 B
740 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8ce775eee4224f5772990d6f958b8680659902ffabcef2ce6beac8040c358ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2sXbJq0PA5iSeeLc5Hv29Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2sXbJq0PA5iSeeLc5Hv29Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 20:33:47 GMT
expires: Thu, 15 Jun 2023 20:33:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 678F 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 08:34:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F778 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306120101&jk=901432340094395&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 678F 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DvRxpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F76 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkRB1kbyCIL5lpvFU9k_Dozmhq7lgsU8sbx65x_o7-ksF3HqVlLkJoVvXk2ZlgsRiXX4rKieZlsZM8REZRTWLL_PKVT1e2ngV866OTyr7nCrSMGZRScdaGbx9y_NIKMK_FDTUkQkc5xE7i&sai=AMfl-YTHSEUAVZEpLRK54skD7kNcor5UwxZ08n6tByCY6epUfZNtED862Daw33ureBiHK9iYDTQTg4Lb2_CJm4DoWWNrZGxv_NmrdAMIvn4MIJW5cel-ihBv1i0cuT_i_7_mLMVhc3vMPKGB7hAfxQ&sig=Cg0ArKJSzMjFLrVeePH3EAE&cid=CAQSTABygQiDZAqvxZnRROvxCscfE8nDRiFFVENiitOpniD_ic1jyer4jEthSA6ixClY1H2jYZsbUvuPNN9gA9yBS153QnsWfyo0Xgu4D8wYAQ&id=ampim&o=394,971&d=480,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=198&tls=1198&g=71.5624988079071&h=71.5624988079071&tt=1198&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306130202&jk=3045710323415869&bg=!DwylDFjNAAaGYqkwpmI7ADkAdvg8Wur4dHCm_6MvAfZGBPfH656ro0npcuI_AfpYL584f9UvdVdVjFB9jZ3CF5rUOA-6rjDtvv0CAAAAkVIAAAABaAEHmQLMvVOihTgVhjPfqHY6gQCGCXquPRzbfVUp4o_6OGpa4jb-kNxmqLg3sOLAByIjoCWNcrsNWoGlugO-ASH-pm_gqdLSX74fUlJeLflnEmPjUu98eETa3a0vyMhlpwm24JH0CP_fCK1fjSV_lyYX9zA5tDcc2VqmvKPUuRQTapSjvbzlmlkEJuAYhzUBCWj5QnsiPB18G2b9meL8Si8X9HjZ564BizZ35zHADI9VTz3DRiI1xGBw7EGTXLM4A0iXd8xFzMP6XFw02t9jVswRtljS7dnw7l4gyhU5ZVzUV2VHZ0qjJkTk5cyEQ7EssbmK0Kny0TFRuFzdfZsMRZWme0KtGvyW4Hi3fKGckaJ7F-G0bzhELSrboc9TKJiZxB-UrXauLM7S8epxQ8xJZ4tzpMQ5Px_nFEGvBzMdfYzgo0ROuf21Bjkr7s911gSv6-21piRf1Q40p7nwrEEFSZGUoDU1BxKxGlNG1kwtoiRHKCiEDn8fTZ6TMyvoo73gAqyAuWz3fLbMl1tjFFufNYiQ33URJHBMRRL8XxhajXGMY8PraBPnB2pQZi2G1pN72HttgZGyPKAgW30iygnMWPrxqop2YFg0e8rtEt6DAIgc-pf4cnNILrRI8r_9zC6iHoIg5wix2eVL81gZfJ_yos5nFZSwhYCo-PDUJdVvJ3Ysv3x4AMFXn7ZnG75KsqJJa26B73fse-jgv4UFw7FMRd1EIoNoMrZhKmKkzNIFmfFOn2V8n61RBf1pAeEzHJA3VKC0npNjVxArHhN8EksDmg37Qjobz3XFgd53ttjfCsgIGFyOa-MOTtDqi-iEBfWdqqLJEL5YcozHjxmf6GykPc7A8rlq8ZpRKeAd0LTre4xRu06Mz12VAucx903pvqq1yx5wPXGIYMjvofcqAm57rmxFHn3HF1BtVcItBdEbaS8X2B3BY8bUa3cZ5w-Lv9PF1Dc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B265 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306120101&jk=901432340094395&bg=!WlmlWQ3NAAaGYqkwpmI7ADkAdvg8Wn_9HxvW8sWNP3SLTWJMAr6wpb5yJv6u2dt1sQuZbiRWTkfk_DNvePmFZDRJ5XYFQGI3izwCAAAAdFIAAAACaAEHmQLxB44Rbmp_dICjItzKChXxszIcKy8tnvmCUG_Jeg5JLeGbuXbp_6jlbAoBn24hLGarCEQMhMcVccOonOYvWRaPwfVaR639ve0SOVexVPxn3jWF68Esa9NA9-fSo9sYxP8xhKH4Pnhpqf_1d168FpWyQn-5TNM6WzcNhIKpyY-Or3tURf4EZYsjCCAaxNyvJ71BlOqW4b2cfPABJOORm_Nt17kEfQ5UHcNuuh0fERndKNfliDAFLW9KuuKgZocWz68_Vvb8anvliO4CLd_Q_Rifi3nm1yhtIhiKiwz7el63n51vLtWk7LZ1ts2x15QQCu1Xuwak5HIWeLVcb04l7FjnaeTyMyMqelJki-BdHYSjGem_YcmM5rv2Zc0o7aw8ke9G3b-XoJG8RySj27Q-RAC_a8tWT7gVvrzoVvSJYye6W6sYdj4sgagOUjud7aUM7JvFxxadGcYUehj3_W154D4EUf4GQ8yqovj7fTejtup4j1snodFbvnP_nXaEOyQxE1Sn9TMz9Jd_6ypL1hj1xpS7WKzt9X6oZhqMVW91KRiPCVhVOJYqXGYkudwIti3CnT_WoMx1onN7GCpJXh9E0DM9fL0K-VpjqNLMZTB2w0tl96xXnSLbMHuKClKHoh4evj07Jo0LLwnrgJza9nZHlA4sWjhEX9tXZFdY8gdbkQhIkWciD_VdMrK42Sv2EKVLXChrNjtvR5_ssq-Dd67sDRCtVVZRKmNOgLfPkKO0Gv1INhnP30Bask5jVlhwXdtOZsKGey9o9r10Il4Kso3eLHtsz1f0f6pollx6du-rxJA4zX-Zz2ULUaalHHN_l0-ZCjpA_uZRs1vYyoe357z6XSeFo-VZxYizp3Kz370SP-7_IfokOxnL7rXAiav-aZmGsQYTrcj1ixunSS9Rtjf7xNRtc--YsUJS9uJaJ7I2KrR-S1tZHjYjmVdh3Kbi4d9NvzR9ZYTkM1MXkDRmZFLniEq567N9woS2EcguswTBMZ87UTca
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 57ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.tudoreceitas.com
URL: https://cdn.tudoreceitas.com/js/library/prebid/prebid_20180601115812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Jun 2023 20:33:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EB4C 15 KB
6 KB 55ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vuci.chaseged.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vuci.chaseged.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 20:33:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 251841
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.137.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 59ms
27ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.137.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Jun 2023 20:33:49 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame EB4C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=chaseged.com&sn=ChromeSyncframe&so=0&topUrl=vuci.chaseged.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=K41jhHw0UGNveTNwQjBSNis1VE42ck9FaGlrRk04bnNnbzlvZnY4QUhwbDV2Ly90RFRtTzQ2cUpmODdlUU9OamZUaUl2V2NJd0o3MUZDY0p1V2g1akJXaGlnUG5MaTBqOHF4ek1OSG1zaThuL2hTZTVZOUlsN0ZnMzBVel...

425 B
655 B

61ms
20ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K41jhHw0UGNveTNwQjBSNis1VE42ck9FaGlrRk04bnNnbzlvZnY4QUhwbDV2Ly90RFRtTzQ2cUpmODdlUU9OamZUaUl2V2NJd0o3MUZDY0p1V2g1akJXaGlnUG5MaTBqOHF4ek1OSG1zaThuL2hTZTVZOUlsN0ZnMzBVelZRcFl5WlU4bjFWVUN6UWZac2VhWDkrSVhLTFlydEw0QWlRVnN0ZS9EOE1xYllqeTZqdHFiVXBXZ3RyaEFuZVpqRkZ5a3VSN2owRFAwejlaUjZBSFdodXpJZDNXTWpIU2pjTmtLUE1pNnBhMVpNbEt0K1YwcVZrSGo5UlBxWXYxclpoMFF1bnVzb0NNTjQ1b1FnMGdyZ0VOL3JhNUJYZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90049369e33696936cc8938b8aee0b157745541cea5477f31bb129d4681ad777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1397115
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 20:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=K41jhHw0UGNveTNwQjBSNis1VE42ck9FaGlrRk04bnNnbzlvZnY4QUhwbDV2Ly90RFRtTzQ2cUpmODdlUU9OamZUaUl2V2NJd0o3MUZDY0p1V2g1akJXaGlnUG5MaTBqOHF4ek1OSG1zaThuL2hTZTVZOUlsN0ZnMzBVelZRcFl5WlU4bjFWVUN6UWZac2VhWDkrSVhLTFlydEw0QWlRVnN0ZS9EOE1xYllqeTZqdHFiVXBXZ3RyaEFuZVpqRkZ5a3VSN2owRFAwejlaUjZBSFdodXpJZDNXTWpIU2pjTmtLUE1pNnBhMVpNbEt0K1YwcVZrSGo5UlBxWXYxclpoMFF1bnVzb0NNTjQ1b1FnMGdyZ0VOL3JhNUJYZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 238587
content-length: 0
expires: 0

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-linktomedia-ww-network/trc/3/ 31 B
371 B 42ms
26ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-linktomedia-ww-network/trc/3/json?tim=20%3A33%3A50.522&lti=deflated&data=%7B%22id%22%3A389%2C%22ii%22%3A%22%2Freceita-de-cebola-caramelizada-para-hamburguer-7720.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1686824539385%2C%22vi%22%3A1686861230520%2C%22cv%22%3A%2220230615-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.tudoreceitas.com%2Freceita-de-cebola-caramelizada-para-hamburguer-7720.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fvuci.chaseged.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5719%2C%22nsid%22%3A%22linktomedia-ww-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dlinktomedia-ww-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4940.890625%2C%22mw%22%3A768%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Freceita-de-cebola-caramelizada-para-hamburguer-7720.html%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dlinktomedia-ww-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230615-13-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://vuci.chaseged.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 19
date: Thu, 15 Jun 2023 20:33:50 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7810
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230118-FRA
server: nginx
x-timer: S1686861231.536470,VS0,VE19
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://vuci.chaseged.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
90 B 98ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=20%3A33%3A50.566&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=1856&cv=20230615-13-RELEASE&lt=deflated&uuid=9b5883ce197a10132672ad907d255758ca2c76e065c4d2d673a20e4c3c84457e&dcc=1&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13163

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
89 B 98ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=20%3A33%3A50.567&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=3956&cv=20230615-13-RELEASE&lt=deflated&uuid=9b5883ce197a10132672ad907d255758ca2c76e065c4d2d673a20e4c3c84457e&dcc=2&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13163

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/ 0
89 B 98ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-linktomedia-ww-network/log/2/debug?tim=20%3A33%3A50.568&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=6279&cv=20230615-13-RELEASE&lt=deflated&uuid=9b5883ce197a10132672ad907d255758ca2c76e065c4d2d673a20e4c3c84457e&dcc=3&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vuci.chaseged.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 20:33:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13163

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lixlmcev&c=222881327378&slotId=111440663689&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lixlmcn0&c=222881327378&slotId=111440663689&uet=2&ghmsh_eids=44752052%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275

Verdicts & Comments Add Verdict or Comment

272 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vuci.chaseged.com/	1970-01-20 13:18:59	Name: _subid Value: 3uvvd2g2mphit
vuci.chaseged.com/	1970-01-20 22:10:21	Name: 05709 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4MDM0MlwiOjE2ODY4NjEyMjV9LFwiY2FtcGFpZ25zXCI6e1wiODIyNTdcIjoxNjg2ODYxMjI1fSxcInRpbWVcIjoxNjg2ODYxMjI1fSJ9.RI7soKg-wEMc8fg-FL0a7W0WLaORRrdIH2AzbbeJR8Y
.chaseged.com/	1970-01-20 22:10:21	Name: _ga Value: GA1.2.448583500.1686861225
.chaseged.com/	1970-01-20 12:35:47	Name: _gid Value: GA1.2.968328672.1686861225
.chaseged.com/	1970-01-20 12:34:21	Name: _gat Value: 1
.rubiconproject.com/	1970-01-20 21:19:57	Name: khaos Value: LIXLMBUG-19-54JJ
.rubiconproject.com/	1970-01-20 21:19:57	Name: audit Value: 1\|naVuGyos1qqCOdPm2su3E7JGe4Ni1ThWK2euPP2lVg2+SmvwaNDOnrlPuWRM0+rinj4nmffvi+8bk8bBS8Ebh+CAnekPgJibb4eSwEAkCs/QD5U7tEfUTQ==
.chaseged.com/	1970-01-20 12:34:21	Name: lotame_domain_check Value: chaseged.com
vuci.chaseged.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%223b1083ac-f2fb-46f3-b614-d67649380d45%22%7D
.theadex.com/	1970-01-20 14:43:57	Name: axd Value: 4331002421003060253
vuci.chaseged.com/	1970-01-20 14:43:57	Name: axd Value: 4331002421003060253
.adnxs.com/	1970-01-20 14:43:57	Name: uuid2 Value: 4442903917983723270
.admanmedia.com/	1970-01-20 21:19:57	Name: admtr Value: 77aee83e-3091-42ce-8526-69daad0bff74
.adform.net/	1970-01-20 13:17:33	Name: C Value: 1
.pubmatic.com/	1970-01-20 12:35:47	Name: KTPCACOOKIE Value: YES
.demdex.net/	1970-01-20 16:53:33	Name: demdex Value: 10320744860855373541616485431209150292
.pubmatic.com/	1970-01-20 21:19:57	Name: KADUSERCOOKIE Value: 5BB60568-9372-4971-A6FB-12EA78815736
.bidswitch.net/	1970-01-20 21:19:57	Name: tuuid Value: 0bbfa3dd-7a5f-4d59-8904-1bdee5add80a
.bidswitch.net/	1970-01-20 21:19:57	Name: c Value: 1686861226
.bidswitch.net/	1970-01-20 21:19:57	Name: tuuid_lu Value: 1686861226
.doubleclick.net/	1970-01-20 21:55:57	Name: IDE Value: AHWqTUnJa4xHAuervGsKC9-p0T8XwmmMwsqki_jOuWrJL32WQuFixRKEK-GCyoLjsQw
.adform.net/	1970-01-20 14:00:45	Name: uid Value: 6004779720798193230
.eyeota.net/	1970-01-20 12:34:21	Name: SERVERID Value: 16388~DM
.doubleclick.net/	1970-01-20 12:34:22	Name: test_cookie Value: CheckForPermission
.id5-sync.com/	1970-01-20 12:34:21	Name: cf Value:
.id5-sync.com/	1970-01-20 12:34:21	Name: cip Value:
.id5-sync.com/	1970-01-20 12:34:21	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:34:21	Name: car Value:
.id5-sync.com/	1970-01-20 12:34:21	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:34:21	Name: callback Value:
.chaseged.com/	1970-01-20 21:55:57	Name: __gads Value: ID=8bb816f9835851d7:T=1686861225:RT=1686861225:S=ALNI_Maje6K9D7ZuHA0i7nGvFGTd-sQ6Yw
.chaseged.com/	1970-01-20 21:55:57	Name: __gpi Value: UID=00000c2fb4f6f7e4:T=1686861225:RT=1686861225:S=ALNI_MaGP3y-leUZfA9nnEUxaM1YK8IJ0Q
.creative-serving.com/	1970-01-20 21:55:57	Name: tuuid Value: 18da25d6-d36d-4258-ac6f-8af885b9c147
.creative-serving.com/	1970-01-20 21:55:57	Name: c Value: 1686861226
.creative-serving.com/	1970-01-20 21:55:57	Name: tuuid_lu Value: 1686861226
.dpm.demdex.net/	1970-01-20 16:53:33	Name: dpm Value: 10320744860855373541616485431209150292
.yahoo.com/	1970-01-20 21:20:18	Name: A3 Value: d=AQABBKp1i2QCEI3XfHl12HUfXjIqkWfgiJ0FEv__AP8AAAAAAOANyiMAAAAAgA&S=AQAAAs1nIbfjmpOKhTPPy4hJSk8
.spotxchange.com/	1970-01-20 13:14:40	Name: audience Value: ed5b3f55-0bbb-11ee-9b6b-130dfa940206
.pubmatic.com/	1970-01-20 12:35:47	Name: pi Value: 157362:3
.everesttech.net/	1970-01-20 21:19:57	Name: everest_g_v2 Value: g_surferid~ZIt1qgASGJlHRwBa
.theadex.com/	1970-01-20 12:44:26	Name: tis_zQ7 Value: zQ7CAd43Kt43NN433gTeNwLeNwTeNxDeNw
vuci.chaseged.com/	1970-01-20 14:43:57	Name: tis Value:
.pubmatic.com/	1970-01-20 14:43:57	Name: SyncRTB3 Value: 1687996800%3A21_220
.pubmatic.com/	1970-01-20 14:43:57	Name: KRTBCOOKIE_80 Value: 16514-CAESEHrZgkFF7J-lY9bKbGoRzew&KRTB&22987-CAESEHrZgkFF7J-lY9bKbGoRzew&KRTB&23025-CAESEHrZgkFF7J-lY9bKbGoRzew&KRTB&23386-CAESEHrZgkFF7J-lY9bKbGoRzew
.pubmatic.com/	1970-01-20 13:17:33	Name: PugT Value: 1686861225
.pubmatic.com/	1970-01-20 14:43:57	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 13:17:33	Name: SPugT Value: 1686861226
.criteo.com/	1970-01-20 21:55:57	Name: uid Value: 649e664c-e70e-490f-8806-49276ffb023c
.chaseged.com/	1970-01-20 21:55:57	Name: cto_bundle Value: ZDeRnl9iYzMxb3lCV0dweFE0RWZ0M3pDMnFnTmkyOXVVNiUyRlpZZFJYU2F4QzBMcmk1NFNVdkR5VmIzODF2Y3gwNDlPU2h0a1lrc29OJTJGd2ElMkJSZnBsYzhacGZXR3pLZmlsYXEyd3g5elVpUXd6b1I2S1RvUCUyRnZoU0xQM2lSMWRjTEhyd2N3QmdiYVF4Mkd2QURPQXZzUUdlclNudyUzRCUzRA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tudoreceitas.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bidder.criteo.com/cdb?profileId=207&av=8&cb=10371117781 Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://idsync.rlcdn.com/711169.gif?partner_uid=77aee83e-3091-42ce-8526-69daad0bff74&ct=4&cv=[GDPR_CONSENT] Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://cs.admanmedia.com/sync/admanmedia?puid=77aee83e-3091-42ce-8526-69daad0bff74&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c28f6d0256c1ac4c65f8ca25fecb54b.safeframe.googlesyndication.com
67e051e465a1abde867144d8c0bc989c.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.creative-serving.com
adservice.google.com
api.theadex.com
assets.pinterest.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn-statics.admanmedia.com
cdn.ampproject.org
cdn.taboola.com
cdn.tudoreceitas.com
cdn0.tudoreceitas.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cs.admanmedia.com
csi.gstatic.com
dmp.theadex.com
dpm.demdex.net
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
log.pinterest.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pghub.io
pixel.mathtag.com
ps.eyeota.net
pub.admanmedia.com
pubads.g.doubleclick.net
s.richaudience.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.admanmedia.com
sync.e-planning.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ums.acuityplatform.com
ups.analytics.yahoo.com
vuci.chaseged.com
www.google-analytics.com
www.google.com
www.tudoreceitas.com
x.bidswitch.net
csi.gstatic.com
104.103.88.111
108.138.36.28
108.138.37.209
141.226.228.48
142.250.186.66
151.101.129.44
151.101.64.84
151.101.66.49
154.59.122.79
157.90.0.13
162.19.138.116
168.119.146.39
178.250.7.13
18.184.216.10
18.193.96.203
18.66.190.43
185.15.245.82
185.15.245.83
185.29.132.241
185.64.190.78
185.64.190.79
185.64.190.81
185.86.139.93
185.94.180.125
193.3.178.4
198.47.127.205
2.18.233.201
212.82.100.182
23.201.255.110
23.218.164.71
2602:803:c003:200::31
2606:4700:3033::6815:3028
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:6ea0:c700::18
2a02:6ea0:c700::19
2a04:4e42:8d::84
3.33.220.150
3.71.149.231
34.102.243.38
35.157.30.16
35.241.45.217
35.244.174.68
37.157.4.24
37.252.172.123
52.211.126.31
54.155.201.15
62.122.173.172
69.173.144.165
75.2.45.24
8.2.110.24
80.77.87.163
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fdbc83bc184320290713f3989d6d3cd9bca70d213d1c1e71ab3e9ee80a6a49
0ad08e5c993698edf36a2d8b404bae3fef17ee9b13fc7e79b990e6b2027c8600
10e3f4768cd810168f2e5250ce2f4d20c83c95b12fafd2e600a9f2b788962572
145c37fd8fb6d77c0396854cb9792d9341f88e3b473ca896359e140cb1a18a9f
146e36a7cba0b397c4e5029acddfa2a5f5de796e6e76b4d49edbb4740d9ad9bb
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
230384701c004a306ac4968f841dfb024d89f39bcaa45d9986dce72250039d89
256af4e0275cea874f24ac431b23cb35726ab73fbb48afa376b698d1c6b85dba
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
311b87f6e8fd9a2dd7f4eb9f3823ca795f0cb6a6c22915c3c2c2ee11c49ff4e1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3afc824cc0377d39aa9df17b98db2ed60d36a3cb80bf0c1607ae90f5c6fa7e1a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48327a76fd480a0b47f383f1fd21bb57cc00369afefa545029035ea96f232673
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
490d41b49e14d191fb8b43253c07efb16446ac4104fb30bc0e03779f201b2921
4b9a02c0976f4ad0f5d5ca69e3acaa000fcb691ce2c7a527f6af7f2b646383e4
4c86ddf3cadc8d616fa2725a006fb6ccfb3542f6822162ad147add9377c0fb55
4e86f1125d12cb8c161a5809e9cc76537de16d7941e9d28163acf6464b85d881
50ac6d4e5d42ab696665f24d333e162f3cf8003129ed21c35c1755f0deffeb5b
52cd4f924b7fbfed6999e8bc53705503b618e01689ce67943ee32a4a3ce03506
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5ce1d7a2f02c3b2ab50e549c12c75686d5fed9370844ade4692d6f5f5d5dd923
5f6db58f0af1d11050c4c4daa2549a5f403f6b2a1849b882933c408aec60a416
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1
63dde52fb192becdfa07829ac622ce295a37671178c8fd2619d500cd88a09d2b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6ad07c20e1d4c19c3c121b7dbe89f08fad6a4fe4161cbfc28c93dcecb030395a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de91d9e6f6446e08ae431e7b9cfec29f5dfb1080d4d83859b02288b55c6d6b1
731f13bd859ad5c054adba1d51262daaad1a35a47334b191748033504b298fb1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cf793b5e7269bac34d2a45335ddd8b303b3bb062747b92d58c4a9bc7a5fc81
76e3ab8325f9f1b3df07bcab5fda1c79144e093235c2f0dea0555320697e043c
77ed4702e509a21276f61394c5e7b05026cc20ea726c31d4e38bc6bb942ee6b5
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7bf86d54cb906d1863f5230013e70783bbfebb29994734475e0cb308783617f0
7c82d4231209fd4f537e2a746bedbc8e4d99a55ec58db85ff163b09e45278ea0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fdeba60506c6123144a12e657cba747d10b4fa430855b7c9c84f4ca8a772e9f
817fab49b6d29ad0469c2920363ebd1875a5ef7eee229ae0333c094130d0e487
8794ee905830304cbb023123a61c3a5adbf4f986dd446ae63adaf187cc08d679
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90049369e33696936cc8938b8aee0b157745541cea5477f31bb129d4681ad777
91129bc2cef17a8282253de9e7b95d45e3ec0cece84f55fdfc0e9890bdb28d8b
9238bf145c9848c481b60d6b893b3c922d2bc0b8be22d919a346c2337e899352
9831437eae9246d48fd323a9528a181be30752cfc089f16504db0475f766b08e
9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9fdef7bfabc0402b4077868b170df9fe19b79a113664ee0d1eeaed21111341dc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2528ad8221d6ffe5d878618c1eb3f320cf7f29a1a5c674d35b7922efde4f5ae
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac3bfd48565e7f4c3c84b3da9a6a23579ca8eb2e9ad6d59952424c5a305b541f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b229f80c69fe75c8c2dabd1f1ae899391861dce0ca1a3d0fb82131ea01c79367
b2b6fdf0a24b6491e8f84925db5f79d1acba38dd90ef65a4f4a82197e7f62f43
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8ce775eee4224f5772990d6f958b8680659902ffabcef2ce6beac8040c358ea
bbc62f8fd2c1dacdf204c16afa5a446a45c37fd761587a0b8bd32c4059aeac06
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bd1bcafea746ff251dbdecc20185cab632aa05f52dfbf4d02b8ece31e3f0322a
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c70ff62a7673c284b1538d7adf16879d06f2eaf0a5d756a62957ec2dbcfeb35c
caea454793e27230ce0f6803d5bae27a8d61f9e1366fb309d877051465c8a4ce
cff90f70dba12ef23c1f00bb5647600735792742c32a7d1a62f05d3698170290
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4374b68fe4f91da69a7706e814ba41b4fb8cad184ebc75fc3a62f15a26439eb
d46cd2a18a1b66b2d81dc62ae4835e4e03ac58f02ae4dc58a9a72a944661b20c
d62b327667628f6cb1d34b398af82a349effaa6e14e12158318e019aadf756ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
e3365bf35d3ea9c66850acf54130215dfb9886d8e780cb7d5513292c0b99c781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0013baf474b508317bdc46100dc8a36caa786fbf7c20b434000e090118816
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74cc412cd042cdac7353d983b71351c92164853926cca0ed406589f2064b8a2
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e804ca6570a81a4de6eef0ecf5309778c175aae3f98fae41e12a106f8ff8d1ff
e81cdb67cc7c818f15735876afea422ffbf1770f1258e6562f0a609dc77dca69
eb38ff2098cc22926309ef17fe90f78ac2bd298cc4864aa42adc709a49874034
ee80b95c82c65a8f9e1fca76a4f7c4ea13167f4fe82bf0f8e05f8ab522e2db77
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f01f42ce67597ab827239dc5f14337836c3b96e2f6b6cb7e23dee4541733fde9
f6db3681bea7c5f577c4478dfba4ddacf285d9ab1eae4c667d611c774451d8c6
f9cae14cd15e869a2143999d931c4a248b86c86525dfbd84c5901360c9181175
fbc3e94a0be3ee31fa0c8957dffb4c8069738800337cc5e32341f88c479a57ba
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

vuci.chaseged.com Open in urlscan Pro 2606:4700:3033::6815:3028 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

88 %HTTPS

33 %IPv6

38 Domains

72 Subdomains

55 IPs

9 Countries

2132 kBTransfer

6207 kBSize

49 Cookies

69 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vuci.chaseged.com Open in urlscan Pro
2606:4700:3033::6815:3028 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

88 %
HTTPS

33 %
IPv6

38
Domains

72
Subdomains

55
IPs

9
Countries

2132 kB
Transfer

6207 kB
Size

49
Cookies

153 HTTP transactions
3 data transactions