grandnoticias.com Open in urlscan Pro
2606:4700:3035::6815:5a33  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Page URL
2. https://grandnoticias.com/hokage/itachi.php Page URL
3. https://chama.grandnoticias.com/link.php Page URL
4. https://chama.grandnoticias.com/ Page URL
5. https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 159

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 160

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 161

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1

Request Chain 162

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D

Request Chain 177

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 178

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 179

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1

Request Chain 180

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D

Request Chain 181

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 182

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 183

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1

Request Chain 184

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D

Request Chain 185

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 186

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 187

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1

Request Chain 188

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D

Request Chain 189

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 190

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1

Request Chain 191

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1

Request Chain 192

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D

Request Chain 223

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 224

• https://fksnk.com/cs/google?google_gid=CAESEJfXAAzqWb_GpwRfnrOK1hI&google_cver=1&google_push=AYg5qPIfLGWJYQM36hvfsmuGmIlfgTPbgbyJhzuVcFjyQa6PCyemRABTMVFr0cugE-CmzGIJU4TgHnJIDZdKf9YP_lsH3j9N7ABj HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkJENjgwRjg1RDNDRjBDOQ==

Request Chain 225

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELoloN8v820tRWWe-mltR0M&google_cver=1&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z-KiJrTBCgfLGDS HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTI0NjUwMDAyODU0NTE2OQ%3D%3D&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z-KiJrTBCgfLGDS

Request Chain 226

• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMBRNmbtMnv349zz2EML2IY&google_cver=1&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vsObCfplXZ7dq0-OhueaR HTTP 302
• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMBRNmbtMnv349zz2EML2IY&google_cver=1&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vsObCfplXZ7dq0-OhueaR&checkcookies=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=W2PBa7hHa3ks7EI_iH2ryw&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vsObCfplXZ7dq0-OhueaR

Request Chain 227

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJCscSAysi7vM5O7NRb6n0g&google_cver=1&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2PbAVWShbtZCy0IOfKKWY0 HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJCscSAysi7vM5O7NRb6n0g&google_cver=1&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2PbAVWShbtZCy0IOfKKWY0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc5Njk2Nzg1MjgxNjc3NDU0NA&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2PbAVWShbtZCy0IOfKKWY0

Request Chain 229

• https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDV49W-9MaZRpUcgwNgct1g&google_cver=1&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s0BzLp9w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s0BzLp9w&google_hm=NjY1MzY0NjUzOTY2Mzk1NjYwOQ==

Request Chain 233

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04RnKRuN23yq6nBNEVJ-hRymRsvgCGuz6duNFOy4FMxBScy0syncfa1S HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04RnKRuN23yq6nBNEVJ-hRymRsvgCGuz6duNFOy4FMxBScy0syncfa1S HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YXVNU1JtTWMxTUw2RjU1&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04RnKRuN23yq6nBNEVJ-hRymRsvgCGuz6duNFOy4FMxBScy0syncfa1S

Request Chain 235

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOsFsxQrqy5L1lboxU2adic&google_cver=1&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFSzu7kfQ53HwJ8GGXs5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFSzu7kfQ53HwJ8GGXs5&google_hm=t4Ndjup8RCW966Cu4TX2BxQ

Request Chain 236

• https://rtb.openx.net/sync/dds?google_gid=CAESEL50vTHRug6CWjfLEon0qQk&google_cver=1&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEL50vTHRug6CWjfLEon0qQk&google_cver=1&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&google_hm=6kNnqTPJzz47bEFNgfWtwQ==

Request Chain 237

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_cver=1&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI

Request Chain 240

• https://um.simpli.fi/gp_match?google_gid=CAESEDotXsTpJ93kzW8EyMF7ZkY&google_cver=1&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq0YYkUZ1sXLgU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=007DA06BC83445ADB92E92CB12A677BD&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq0YYkUZ1sXLgU

Request Chain 241

• https://fksnk.com/cs/google?google_gid=CAESEFesiuSiW8pGJxMBCNVeqIo&google_cver=1&google_push=AYg5qPK16ErKhzlQSeEl_zcmxsSOfGIY1KBwdPv4FNYjyqDFhfGjOFYZPUS9foUyX8N-f4HzsvEokV_GcZbPse2m5soz5k-6j9E HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjExQzE5N0JBNTAwQkM2Nw==

Request Chain 242

• https://px.adhigh.net/p/gm/rub?google_gid=CAESEBWUGVbRjwedfwPd3c3yb6k&google_cver=1&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64 HTTP 302
• https://px.adhigh.net/p/gm/rub?google_gid=CAESEBWUGVbRjwedfwPd3c3yb6k&google_cver=1&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&bounced=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&google_hm=o1YTNjm4-tEAAikABlF9DmQ1TQ%3D%3D

Request Chain 244

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKnTgHr21Npab8Uw15u1KYI&google_cver=1&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34 HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKnTgHr21Npab8Uw15u1KYI&google_cver=1&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34&google_hm=61cb7bc1d8f884592d92048b

Request Chain 245

• https://match.360yield.com/match/ebda?google_gid=CAESEMz39ZFiSQkUIWkpykMi_3w&google_cver=1&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMz39ZFiSQkUIWkpykMi_3w&google_cver=1&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	one.php Show response facebruek.online/	490 B 880 B	216ms 119ms	Document text/html	2606:4700:3035::6815:2453 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2453 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 763a606fa8845f30a0d8d8d440708e2be4f1f251561ef47923c6d02785989369 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 11 Nov 2021 09:46:23 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BN1%2F8i6nvOFZx5FPK8nOmtz0L8Fu%2FwqN5J8AHsAb1bFZUhQGRQCTFoIDkBR75qph33hlt%2FC4Rq3NF%2BPuhwBxrG9U6TCKqxrPBUt%2BexDBxl%2FvRxTu%2BcbXjpWb76Ba9QAP8d0FfGEKqeUPkB8sfDN"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697d9cb95f93b-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H2	200	itachi.php Show response grandnoticias.com/hokage/	472 B 1 KB	334ms 275ms	Document text/html	2606:4700:3035::6815:5a33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grandnoticias.com/hokage/itachi.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5a33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48ad05d3609bbf2310492d9e3017455b6d3656a731be3def95e2068a1bef0ab9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 Origin https://facebruek.online Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://facebruek.online/ Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kArJFo2FnwOBJFl9J5NgtV9VU4MRai7LcobaRXPsahLpJS%2BHtO9%2FId37dNX1A8oeugNSJVd3wUIb601GUleLfvTUlw2pb07BAkCfgvdOIsUlimAtIXViUQ4Ml3C7BbRaytFyT4dQBy6EjjPoPCH%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697db0cb75a19-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H2	200	link.php chama.grandnoticias.com/	69 B 397 B	280ms 267ms	Document text/html	2606:4700:3035::6815:5a33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chama.grandnoticias.com/link.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5a33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 Origin https://grandnoticias.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ48Nyt4GzIhB%2BCQMB3qcjDvhrTia%2BgiRuB398TFTVedn7yLTPhNUxobJYxqbqtPPl38aSa0QbAFpeY5TJbjpLY7hhNzOb21R0i4BmDou%2BsDY2Xcz2eGRzcj%2ByCMsxG76o8biiliRjiH2WWoKJYUrZWKHpZurg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697dcf92c5a19-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ chama.grandnoticias.com/	134 B 403 B	151ms 150ms	Document text/html	2606:4700:3035::6815:5a33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chama.grandnoticias.com/ Requested by Host: chama.grandnoticias.com URL: https://chama.grandnoticias.com/link.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5a33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://chama.grandnoticias.com/link.php Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tphYOdDc5kfHb2CH%2BKU0BfiDerBEU%2FxeUriZu5JEL4Ya1vYMwzVhf8k6EueAcTuQ8gVCqVGesNnkj3%2Fzb1AQ4mI0dfcKDM2Rtnz12WXKLmf2aV%2ByZ9PclPfz7tTzKkTSUCvYgRr2rlXnk0uENRxA%2FK%2FJqZy0ow%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697dedde35a19-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	Primary Request / Show response grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/	8 KB 3 KB	222ms 222ms	Document text/html	2606:4700:3035::6815:5a33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Requested by Host: chama.grandnoticias.com URL: https://chama.grandnoticias.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5a33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4586ca0eca281e31a249e7f13937842b92141c03c5700ea977b9986ea991b897 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://chama.grandnoticias.com/ Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-pingback https://grandnoticias.com/xmlrpc.php link <https://grandnoticias.com/wp-json/>; rel="https://api.w.org/" <https://grandnoticias.com/wp-json/wp/v2/posts/285>; rel="alternate"; type="application/json" <https://grandnoticias.com/?p=285>; rel=shortlink expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeFTp0THq4kBhFvGKVaPxpRnXYE2Nqt%2FIYHNjjl4%2BQCUklcQw4GAUsS1ZQX0cMMBahoGzg4BwAXC9%2FL16x9csHvb9eBV3fXvqdsfg3ai0xGXf5Tx9cAwB1qTwG1bmFp99n62em82Rqioj%2FGq%2B84Plw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697dfd87c5a19-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	19 KB 1 KB	43ms 19ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bb0f63784f2277e0de02906b3363789eb045aeff0f60fcf2b70ecfa3898e3515 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 09:46:24 GMT server ESF date Thu, 11 Nov 2021 09:46:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:24 GMT
GET H2	200	up.js Show response live.demand.supply/	4 KB 3 KB	99ms 74ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22abd29d534992e268a94f6c7235182a20a4dd560a899b1d1f21fc87ae65378f Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FKEFKNRDP6TTVF3BTXW31DEZ date Thu, 11 Nov 2021 09:46:24 GMT content-encoding br cf-cache-status HIT age 382 cf-polished origSize=3935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * cf-bgj minify server cloudflare etag W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 6ac697e16ae46964-FRA link <https://live.demand.supply/impl.v13.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v13-8-0/Z3JhbmRub3RpY2lhcy5jb20v>; rel=preload; as=script
GET H2	200	akatsuki.js Show response grandnoticias.com/hokage/	68 KB 7 KB	25ms 24ms	Script application/javascript	2606:4700:3035::6815:5a33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grandnoticias.com/hokage/akatsuki.js?ph Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5a33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f58779f4b75d17756a8cbee721424a1acf73675970810c4a35d1579e8915e55d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1128571 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 06 Apr 2021 06:04:28 GMT server cloudflare etag W/"606bf9ec-10e8a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fU1w8z1yCz6SThCavu75fcj8RZv8lmES%2Be47TzJxtSLFIEk%2BWQH9iXmFAF6HzNpOX%2Fr%2F39fWwaNcSHX6pMb6iMqU%2Fo2XOrcs%2BOMZV%2BdOiRX265Yx5t%2F9R8lxVlSSvV7ywBiEMuT13UNN59PIsY7FWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control public, max-age=2592000 cf-ray 6ac697e18cd55a19-MXP expires Sun, 28 Nov 2021 08:16:53 GMT
GET H2	200	d.js Show response waust.at/	13 KB 7 KB	86ms 31ms	Script application/x-javascript	2606:4700:20::681a:507 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/d.js Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 387 last-modified Mon, 03 May 2021 17:48:25 GMT server cloudflare etag W/"60903769-3444" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW5C449hTazmXvfbXznHLzeBsKsStY4om%2B%2FDF%2BU%2FpiSteuA0EMFs16VVRnobti%2BQoC1DZd3QULhyPEOYsY0JoHhMAbXsA7DviqD3vlaLOOBsM%2BQ8BG8Af8wcFSpRxPToSKl%2BKC5F"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 6ac697e1ee8059cb-MXP expires Fri, 12 Nov 2021 09:39:57 GMT
GET H2	200	s02hd.php Show response animesonehd.xyz/ Frame B2F7	2 KB 2 KB	321ms 65ms	Document text/html	2606:4700:3036::ac43:ad4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3036::ac43:ad4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.32 Resource Hash 9d71c1bde4180d8e884c9391dfe3e8bc4dba443d6fb433f2a6f075b39df44713 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.32 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhHSORA6ZCip41DuIyGyAdN3PitbXc%2BqiQcHGHIAdEtAgl5KM9jb93P1XlalcHcFxJ6AMYprYeHMUSBkj8nViD0WWF1iSl9L0%2FDANETM2OVzwo%2FkmOV%2Bwue3K9TzQJSIFqmjDIF2hkyEQmUvlZo%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ac697e339cf0f82-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	35ms 8ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://grandnoticias.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:11:57 GMT x-content-type-options nosniff age 218067 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 08 Nov 2022 21:11:57 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 19 KB	29ms 13ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,100,100italic,300,300italic,400italic,500,500italic,700italic,700,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://grandnoticias.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 12:00:45 GMT x-content-type-options nosniff age 337539 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19536 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:41 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 07 Nov 2022 12:00:45 GMT
GET H2	200	ad_status.js Show response m.notfollow.online/	6 KB 2 KB	236ms 27ms	Script application/javascript	2606:4700:3030::ac43:b806 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.notfollow.online/ad_status.js?domain=grandnoticias.com Requested by Host: grandnoticias.com URL: https://grandnoticias.com/hokage/akatsuki.js?ph Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b806 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 568b503c6faed9e8d25a952033edbfe9152770d5fbe4bfa19ec7499913e5c0ba Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 135680 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 21 Sep 2020 19:49:10 GMT server cloudflare etag W/"5f6903b6-16e2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgSyzcPppm9e1VQjOZxYCqorrgtynzXi23mU8xPhEBJ5HxjcmWtfIZTiWKq7ifqGVe6pnUBlhsst2e%2FHbWO2WRNNulVxy7oLR1f3Kr35mQnzERlcD7iEipZtPEvFJoISJTnK4Xmj6Kvhly8jrff4xFA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control public, max-age=2592000 cf-ray 6ac697e33897374c-MXP expires Thu, 09 Dec 2021 20:05:05 GMT
GET H2	200	impl.v13.8.0.js Show response live.demand.supply/	78 KB 25 KB	21ms 20ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v13.8.0.js Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13818497143a898c87482ecd2f2f5cbd343552aa4baca97a03b0a92d996d0cb4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FHZE4MCSPQHV14KEHN1C00C4 date Thu, 11 Nov 2021 09:46:24 GMT content-encoding br cf-cache-status HIT age 2407629 cf-polished origSize=79681 cf-ray 6ac697e20c566964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"706e2a2e66f16a13e3d3d34ac54e03c4-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin *
GET H2	200	Z3JhbmRub3RpY2lhcy5jb20v Show response live.demand.supply/p4/v13-8-0/	2 KB 882 B	120ms 120ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v13-8-0/Z3JhbmRub3RpY2lhcy5jb20v Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5fd96200c09c75277623a7ae9627499b4aa0745acefe7400493730e0dd9c3dc Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 6ac697e20c576964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
HEAD H2	200	e.js Show response live.demand.supply/e/	0 426 B	39ms 22ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=100&cs=c&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520119 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e22efb68f7-FRA
GET H2	200	impl.v14.0.0.js Show response live.demand.supply/	78 KB 25 KB	30ms 30ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v14.0.0.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FKEFKNZGD9ZVC0KK5CB35266 date Thu, 11 Nov 2021 09:46:24 GMT content-encoding br cf-cache-status HIT age 829050 cf-polished origSize=79681 cf-ray 6ac697e21c7d6964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin *
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 51 KB	203ms 28ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e659887f2b00fabac8b3e5042d5964cb357039b6a6445b6e5fff1bae50d8e4d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51321 x-xss-protection 0 server cafe etag 12038326489057226546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 11 Nov 2021 09:46:25 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	79 KB 27 KB	200ms 25ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash c009cd2ea8c6d8c45b4a47a228cecf2805884880979531ed1d2135b4c96eb453 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1040 / 726 of 1000 / last-modified: 1636585547" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26975 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:46:25 GMT
GET H2	200	Z3JhbmRub3RpY2lhcy5jb20vYnJhc2lsLWZvaS1jZWxlaXJvLXBhcmEtc3VyZ2ltZW50by1kZS1ub3Zhcy12YXJpYW50ZXMtZGl6LWVzdHVkby8= Show response live.demand.supply/p4/v14-0-0/	3 KB 970 B	121ms 120ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v14-0-0/Z3JhbmRub3RpY2lhcy5jb20vYnJhc2lsLWZvaS1jZWxlaXJvLXBhcmEtc3VyZ2ltZW50by1kZS1ub3Zhcy12YXJpYW50ZXMtZGl6LWVzdHVkby8= Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5cd30aaf01abafcd880e39b3a108fc37bd01eb0fcf77f4230682e30d5964e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 6ac697e21c906964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	ds.2.html Show response live.demand.supply/	413 B 328 B	42ms 30ms	XHR text/html	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJHBRWADE485X779EJG37KPW date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br cf-cache-status HIT server cloudflare timing-allow-origin * age 1661508 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 6ac697e22f0168f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	500 Internal Server Error	/ t.dtscout.com/i/	0 0	293ms 93ms	Script application/javascript	158.69.139.225 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&j=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo Requested by Host: waust.at URL: https://waust.at/d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip225.ip-158-69-139.net Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 09:46:25 GMT Server nginx/1.10.3 (Ubuntu) Connection close X-S mtl1 Transfer-Encoding chunked Content-Type application/javascript
GET H2	200	/ Show response whos.amung.us/pingjs/	30 B 146 B	569ms 113ms	Script text/javascript	67.202.114.212 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=victorxone&t=Brasil%20foi%20celeiro%20para%20surgimento%20de%20novas%20variantes%2C%20diz%20estudo&c=d&x=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&y=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&a=0&v=27&r=9741 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.212 , United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash a58f6e781698cf0025b9067d3371fc0f567d3a739bba8d2e22971b564f619a1a Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
HEAD H2	200	e.js Show response live.demand.supply/x/	0 102 B	21ms 21ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FG0K7H2FB9RSN5P435HQQVNH date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 2528293 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "0b1ef88152c3a4cd79e0ba959cca0c64-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e339d468f7-FRA
GET H2	200	sdb.css live.demand.supply/css/	4 KB 2 KB	50ms 50ms	Stylesheet text/css	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/css/sdb.css Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FG625Q60DBMRQYAJ46KS6PVH date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 2531880 etag W/"c0f2731a37de075020c9a8515b9bc0b3-ssl-df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 6ac697e33f506964-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	grandnoticias.com_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	27 B 82 B	598ms 598ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_auto_728x90_sticky_display_bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 407949d372a1f66bf7ba9e93d6ebcd02172b3662290c5bd64d1ec92765819716 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e349fa68f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27
GET H2	200	grandnoticias.com_fluid_lb Show response live.demand.supply/cp/	26 B 84 B	599ms 598ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_fluid_lb?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5ae04c59f585c20de694fa0ea8c50cefc3b91d50e2ff648f3d0ba3cf4a46f33 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e34a0368f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 26
GET H2	200	grandnoticias.com_fluid_sq Show response live.demand.supply/cp/	27 B 120 B	587ms 586ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_fluid_sq?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fae9ade533e4ce42474182541c885c156cc03b0907d87791ffc4b4b8ebf4d80c Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e34a0668f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27
GET H2	200	grandnoticias.com_fluid_sq_300x250.2 Show response live.demand.supply/cp/	26 B 81 B	611ms 610ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_fluid_sq_300x250.2?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d772d5871bd68b7a1caebe9745477aa4c61995a5551222e7f1b8ff34108cda8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e34a0b68f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 26
GET H2	200	grandnoticias.com_fluid_sq_300x250.3 Show response live.demand.supply/cp/	27 B 82 B	597ms 597ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_fluid_sq_300x250.3?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fae9ade533e4ce42474182541c885c156cc03b0907d87791ffc4b4b8ebf4d80c Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e34a0f68f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27
GET H2	200	grandnoticias.com_fluid_lb+sq_responsivo Show response live.demand.supply/cp/	26 B 81 B	614ms 613ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/grandnoticias.com_fluid_lb+sq_responsivo?mlos=wi&mlbr=ch&mlla=en&mlbs=20&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f7299a8a1553f2356672f20e6656ad601d9fe2174569ff5da2d432e0c8c5a46 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 6ac697e34a1468f7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 26
GET H2	200	pubads_impl_2021110801.js Show response securepubads.g.doubleclick.net/gpt/	344 KB 116 KB	24ms 22ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 118396 x-xss-protection 0 last-modified Mon, 08 Nov 2021 09:34:31 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:46:25 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	75 B 98 B	38ms 21ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 8f4644d830b81e4dca2226a4410da2da45113b55e9e202e75ca2bb377b45ebf2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 73 x-xss-protection 0 expires Thu, 11 Nov 2021 09:46:25 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame 9093	11 KB 5 KB	40ms 7ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 11 Nov 2021 00:54:40 GMT expires Thu, 25 Nov 2021 00:54:40 GMT content-type text/html; charset=UTF-8 etag 4704609575283140419 x-content-type-options nosniff content-encoding gzip server cafe content-length 4891 x-xss-protection 0 age 31905 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	49ms 16ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	46ms 16ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	112 KB 31 KB	300ms 299ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=1878148175316029&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C9cb46b75-a358-45c3-adee-a8fe94db3a77&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985075&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adks=3461338630&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 486c12540bdfce3febd32987a2ab824d11dbe37c6def027b68cf0130c5ddba4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31474 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 301E	6 KB 4 KB	98ms 16ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pubads_impl_page_level_ads_2021110801.js Show response securepubads.g.doubleclick.net/gpt/	36 KB 13 KB	16ms 16ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 4d31760cc02a77d05f1bb2df06abed94d9d6ab94e552754dce76b10092b59dfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13489 x-xss-protection 0 last-modified Mon, 08 Nov 2021 09:34:31 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 Nov 2021 09:46:25 GMT
GET H2	200	jwplayer.js Show response ssl.p.jwpcdn.com/player/v/8.3.5/ Frame B2F7	84 KB 27 KB	69ms 22ms	Script application/javascript	2a04:4e42::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js Requested by Host: animesonehd.xyz URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2c9cb69ec474efec002d6ffd967e893d22c51d9e1c9b9d0c756e56a6c08488a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip age 1842125 x-cache HIT content-length 27435 via 1.1 varnish x-served-by cache-mxp6927-MXP last-modified Tue, 05 Jun 2018 19:13:42 GMT server AmazonS3 x-timer S1636623986.619393,VS0,VE1 etag "3340e38ae8e93d25650d7eea8e1ddeb2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	js.cookie.min.js Show response cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame B2F7	2 KB 2 KB	43ms 16ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js Requested by Host: animesonehd.xyz URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 7496 x-jsd-version 2.2.1 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19137-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6ac697e5ec864eb5-FRA
GET H2	404	logger.js www.jwplayer.com/developers/web-player-demos/resume-playback-with-cookies/ Frame B2F7	0 0	504ms 412ms	Script text/html	2606:2c40::c73c:67e3 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.jwplayer.com/developers/web-player-demos/resume-playback-with-cookies/logger.js Requested by Host: animesonehd.xyz URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	jquery-1.7.1.min.js Show response code.jquery.com/ Frame B2F7	92 KB 33 KB	89ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.7.1.min.js Requested by Host: animesonehd.xyz URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:07 GMT server nginx etag W/"54499a47-16eac" vary Accept-Encoding x-hw 1636623985.dop019.ml1.t,1636623985.cds207.ml1.hn,1636623985.cds202.ml1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33120
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	128ms 34ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:51 GMT server cloudflare age 175021 etag W/"6129520b-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6ac697e68c6335e3-MAN expires Sun, 14 Nov 2021 09:46:25 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	204	p ic.tynt.com/b/	0 227 B	347ms 111ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&t=Brasil%20foi%20celeiro%20para%20surgimento%20de%20novas%20variantes%2C%20diz%20estudo Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 50 B	21ms 18ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq&pdc=0.10119912028312683&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e6fb7068f7-FRA
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	21ms 20ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	20ms 19ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	16 KB 8 KB	472ms 471ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=728637536832127&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Cb0874d07-6673-4d9b-89b7-4bc3f7a07236&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985360&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=340&adys=128&adks=78670283&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 855d815e91b6b43d33c08297ecb91ee451a923e8052cb5db83979409f79de076 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8382 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	15ms 14ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_auto_728x90_sticky_display_bottom&pdc=-0.4701977074146271&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e70b9968f7-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	13 KB 8 KB	334ms 333ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=4272457460149096&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C127bd976-9a1d-49d0-a25c-1143e2eb7440&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985373&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=764002462&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 6da04560ba5890fead582c8cb9f2f1ac9cafbcf947db87fe2e34fde0f1102556 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7906 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	28ms 28ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq_300x250.3&pdc=0.10119912028312683&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e72bcf68f7-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	27ms 26ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_lb&pdc=0.3868975341320038&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e72bd368f7-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	23ms 22ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_sq_300x250.2&pdc=0.9167125701904297&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e72bd968f7-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	20ms 20ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_lb%2Bsq_responsivo&pdc=0.6018249034881592&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e73be068f7-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 10 KB	496ms 496ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=865722475356027&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Cb58159ff-f4d5-494f-b035-5bff9acdaf90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid%3D0.72%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985413&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=128&adks=1716784816&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 5b8d50404ebe56ca398205ef1dc68da7dd42809f95a06ea5d0e2e257d1a3b611 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9708 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 8 KB	341ms 340ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=3255008150557865&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Cdef67dda-c211-4395-b4be-7205fd8d9645&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x100&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid%3D0.37%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985424&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=98&adks=1321797560&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=1024x0&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 75818309f02d9a4f2b94a0846376db118dc7428716749dfcf3e49f035f3dc5f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8493 x-xss-protection 0 google-lineitem-id 5563951840 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138332681208 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 9 KB	505ms 504ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=465561027447729&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C3b883385-d8fb-4b47-8493-a6be152db37f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636623985&dt=1636623985433&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=960&adys=128&adks=1454166664&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 2d88aa8c27c49f85959aaf28d51edf27f15a0545e5451b84205dc1666e46b504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9587 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A40A	6 KB 3 KB	308ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	15ms 14ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=5.36&b=1&r=grandnoticias.com_auto_interstitial_desktop&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&pud=100&pus=c&pue=334&pid=27&pis=c&pie=384&ppd=122&pps=a&ppe=479&pad=223&pas=c&pae=595&pcl=318&ttc=556&tti=1286&ttif=0&lca=479&lcak=ppe&lct=595&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:25 GMT cf-cache-status HIT age 1520120 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e7dd7368f7-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 10 KB	331ms 330ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=4380429010489613&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2C3fdf2481-8b3f-4877-baba-e37ccf4987ff&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x280&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid%3D0.55%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie=ID%3D8be14d7f188b04cc-226da6a549cb004d%3AT%3D1636623985%3AS%3DALNI_MZdSkO6xCdCHURK50sRKGfs48MfUw&bc=31&abxe=1&lmt=1636623985&dt=1636623985495&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=1077&adks=1712911701&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=1024x0&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 27d6a50c55f6e30650311f8489ed8a2ccd49c999241ce2d6dfa68dfaf8fdafa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9928 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	415ms 112ms	Script application/javascript	208.100.17.183 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!victorxone&dn=TC&cc=1&r=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.183 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip183.208-100-17.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Fri, 12 Nov 2021 09:46:26 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	116ms 115ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&t=Brasil%20foi%20celeiro%20para%20surgimento%20de%20novas%20variantes%2C%20diz%20estudo Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.3.5/ Frame B2F7	228 KB 56 KB	21ms 21ms	Script application/javascript	2a04:4e42::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.core.controls.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 17c311dc9168746b614a94f651e25f73ddd6b5d6b2bce368813fb720d1e9033f Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip age 1837174 x-cache HIT content-length 57438 via 1.1 varnish x-served-by cache-mxp6927-MXP last-modified Tue, 05 Jun 2018 19:13:41 GMT server AmazonS3 x-timer S1636623986.098264,VS0,VE1 etag "42ac288c3dd3c0c62a4f2b1005cc5817" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.3.5/ Frame B2F7	51 KB 16 KB	38ms 38ms	Script application/javascript	2a04:4e42::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.3.5/jwpsrv.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT via 1.1 varnish age 1318 x-cache HIT content-encoding gzip content-length 16060 x-served-by cache-mxp6927-MXP last-modified Wed, 25 Nov 2020 15:45:24 GMT server AmazonS3 x-timer S1636623986.099923,VS0,VE0 etag "9ce4655dbc7b8410f510da753f3be441" vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes x-cache-hits 1
GET H2	200	related.js Show response ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/ Frame B2F7	87 KB 21 KB	36ms 36ms	Script text/plain	2a04:4e42::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/related.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d7f211c00704e79b4ba02e0fb222761625185ea4a179e3331626dc1f9f1740a7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip age 31184 x-cache HIT content-length 21159 via 1.1 varnish x-served-by cache-mxp6927-MXP last-modified Fri, 11 May 2018 22:34:53 GMT server AmazonS3 x-timer S1636623986.100078,VS0,VE0 etag "7bbdfe2a8a588c6df3bf256f3a486be3" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 3
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.3.5/ Frame B2F7	277 KB 79 KB	38ms 38ms	Script application/javascript	2a04:4e42::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.3.5/provider.hlsjs.js Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.3.5/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cea97e8d372a30aafdb69c8b22be93e9130bd4c5c6a28ef30dd05df255097f81 Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip age 28830 x-cache HIT content-length 80651 via 1.1 varnish x-served-by cache-mxp6927-MXP last-modified Tue, 05 Jun 2018 19:13:44 GMT server AmazonS3 x-timer S1636623986.101147,VS0,VE1 etag "233287f1f799217fc5fae80157e24418" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2AFA	6 KB 3 KB	12ms 9ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated /	182 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
HEAD H2	200	e.js Show response live.demand.supply/e/	0 73 B	22ms 19ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0&b=3&r=grandnoticias.com_auto_728x90_sticky_display_bottom&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697e958fc68f7-FRA
GET		view securepubads.g.doubleclick.net/pcs/ Frame A889	0 0
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame A889	0 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	317ms 16ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	17ms 16ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=grandnoticias.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	57 KB 13 KB	306ms 305ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1931255394092822&correlator=3768785829182816&output=ldjh&impl=fif&eid=44754276&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211111&iu_parts=44890869%3A22452279479%2Cca-pub-3831894559014614-tag%2Cb7abb7f1-a756-4800-8ca0-77aff6343d23&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x100&prev_scp=ti%3D87b1e92a-eb60-407f-b6f4-daca66d351c8%26bid-p%3Dgoogle%26bsc%3D20&eri=1&cookie=ID%3D2ef1b613dcd3f35e%3AT%3D1636623985%3AS%3DALNI_MZJlCUw6GHrByfDXUAUw8a3YfIOHg&bc=31&abxe=1&lmt=1636623985&dt=1636623985789&dlt=1636623984425&idt=524&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=98&adks=1189491951&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgrandnoticias.com%2Fbrasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo%2F&ref=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=1024x0&ga_vid=672329888.1636623985&ga_sid=1636623985&ga_hid=728118227&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 5ef15751827005c5fc0c52d87775d90ae9547fb007a98f9c436508600ba6d7e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13401 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://grandnoticias.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	111ms 111ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo&t=Brasil%20foi%20celeiro%20para%20surgimento%20de%20novas%20variantes%2C%20diz%20estudo Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	css2 fonts.googleapis.com/ Frame A40A	4 KB 729 B	319ms 16ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 08:29:37 GMT server ESF date Thu, 11 Nov 2021 09:46:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	css fonts.googleapis.com/ Frame BB37	3 KB 651 B	299ms 17ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 07:58:24 GMT server ESF date Thu, 11 Nov 2021 09:46:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BB37	1 KB 960 B	51ms 17ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:23:31 GMT content-encoding gzip x-content-type-options nosniff age 1375 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 853 x-xss-protection 0 server cafe etag 7170004918125193417 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:23:31 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame BB37	19 KB 8 KB	39ms 8ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:44:35 GMT content-encoding gzip x-content-type-options nosniff age 111 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7878 x-xss-protection 0 server cafe etag 10809069374711699201 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:44:35 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BB37	2 KB 1 KB	51ms 19ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BB37	119 KB 37 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BB37	15 KB 6 KB	40ms 10ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame BB37	0 0	50ms 18ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZDtG_DgXweEDCmhDRJXa8Dn7L13INzc0tQ8ZjWPHkxsLBz0HH9nfRHTZicoZ_ssCgzrLehQGX8F7ocm5gEEuk0y1KTQ Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	c5d443f94f59031b290788a54ae3dbc2.js Show response www.gstatic.com/mysidia/ Frame BB37	27 KB 12 KB	37ms 7ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 08:43:46 GMT content-encoding gzip x-content-type-options nosniff age 90160 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11508 x-xss-protection 0 last-modified Tue, 09 Nov 2021 03:19:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 08 Feb 2022 08:43:46 GMT
GET H2	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame A40A	18 KB 8 KB	31ms 13ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:44:18 GMT content-encoding gzip x-content-type-options nosniff age 128 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8114 x-xss-protection 0 server cafe etag 920690405916455778 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:44:18 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame A40A	205 B 519 B	27ms 11ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 17:19:15 GMT x-content-type-options nosniff age 59231 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 10 Nov 2022 17:19:15 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame A40A	604 B 695 B	26ms 11ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 22:11:31 GMT x-content-type-options nosniff age 41695 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 10 Nov 2022 22:11:31 GMT
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 560B	6 KB 3 KB	13ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	21ms 16ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.55&b=1&r=grandnoticias.com_fluid_lb%2Bsq_responsivo&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=1020x280&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697ea7bbc68f7-FRA
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 488E	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	15ms 15ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0&b=3&r=grandnoticias.com_fluid_sq&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697eacc6368f7-FRA
GET H2	200	playeranimesonehd.jpg animesonehd.xyz/wp-content/uploads/2021/05/ Frame B2F7	213 KB 214 KB	329ms 28ms	Image image/jpeg	2606:4700:3036::ac43:ad4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://animesonehd.xyz/wp-content/uploads/2021/05/playeranimesonehd.jpg Requested by Host: animesonehd.xyz URL: https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3036::ac43:ad4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df66311c687794e7ef4c65648a8f4c5409ceea678ef97b6c2f123d44eea92847 Request headers Accept-Language de-DE,de;q=0.9 Referer https://animesonehd.xyz/s02hd.php?video=S/Shingeki_no_Kyojin_1/01.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 408438 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 218481 last-modified Thu, 13 May 2021 22:03:40 GMT server cloudflare etag "609da23c-35571" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WOzWa2sF1gYVGWRjmns8%2FknUAaPXhPzZtJ9g2uDBsyICUNlvu79e1FzkUJAn2BC%2FzbwDGTqul283Stz%2F3j7KEp%2B1bN1kM1XOx7KeBR0ZcZL4aSC3%2FLsruyI1YYRxJB9%2FH3NHPW27C98GxFWhNo%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 6ac697ed4bc10f82-MXP expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D259	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	17ms 17ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.72&b=2&r=grandnoticias.com_fluid_sq_300x250.2&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697eb6df668f7-FRA
GET H2	200	container.html Show response 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8841	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Thu, 11 Nov 2021 09:46:25 GMT expires Fri, 11 Nov 2022 09:46:25 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	18ms 17ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0&b=3&r=grandnoticias.com_fluid_sq_300x250.3&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697eb8e4068f7-FRA
GET H2	204	p ic.tynt.com/b/	0 227 B	115ms 114ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0&r=https%3A%2F%2Fwww.google.com.br%2Fsearch%3Fq%3Dbrasil%2Bfoi%2Bceleiro%2Bpara%2Bsurgimento%2Bde%2Bnovas%2Bvariantes%2C%2Bdiz%2Bestudo Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012110042008000/ Frame 0CAF	190 KB 55 KB	63ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 236342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55667 x-xss-protection 0 server sffe date Mon, 08 Nov 2021 16:07:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11904075b70ba1a0" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 08 Nov 2022 16:07:24 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012110042008000/v0/ Frame 0CAF	13 KB 5 KB	76ms 22ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 236342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4996 x-xss-protection 0 server sffe date Mon, 08 Nov 2021 16:07:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "01e91d40c144b6bf" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 08 Nov 2022 16:07:24 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012110042008000/v0/ Frame 0CAF	89 KB 28 KB	76ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 236342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28494 x-xss-protection 0 server sffe date Mon, 08 Nov 2021 16:07:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a5e24beaf7c9a504" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 08 Nov 2022 16:07:24 GMT
GET H2	200	amp-bind-0.1.mjs Show response cdn.ampproject.org/rtv/012110042008000/v0/ Frame 0CAF	39 KB 14 KB	82ms 29ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/v0/amp-bind-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2dec1e051f7a1ade2e7691307be4ab47d5e0edbcaf331f945c2e9b79218afd34 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 19426 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13812 x-xss-protection 0 server sffe date Thu, 11 Nov 2021 04:22:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "dc431b1498fb165c" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 11 Nov 2022 04:22:40 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012110042008000/v0/ Frame 0CAF	4 KB 2 KB	77ms 25ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 236342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1635 x-xss-protection 0 server sffe date Mon, 08 Nov 2021 16:07:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "dff2522b082c9ee5" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 08 Nov 2022 16:07:24 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012110042008000/v0/ Frame 0CAF	40 KB 13 KB	78ms 26ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 236342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12816 x-xss-protection 0 server sffe date Mon, 08 Nov 2021 16:07:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "6a05f1a8ea5ea134" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 08 Nov 2022 16:07:24 GMT
GET H2	200	css fonts.googleapis.com/ Frame 0CAF	3 KB 651 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 07:58:57 GMT server ESF date Thu, 11 Nov 2021 09:46:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	pt.png tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAF	3 KB 3 KB	319ms 15ms	Image image/png	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/pt.png Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 06:53:13 GMT x-content-type-options nosniff server cafe age 10393 etag 7735524722462771930 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2886 x-xss-protection 0 expires Fri, 12 Nov 2021 06:53:13 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAF	344 B 473 B	311ms 8ms	Image image/png	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 07:25:45 GMT x-content-type-options nosniff server cafe age 8441 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Fri, 12 Nov 2021 07:25:45 GMT
GET H2	200	nessie_icon_tiamat_white.png tpc.googlesyndication.com/pagead/images/ Frame 0CAF	225 B 330 B	318ms 16ms	Image image/png	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 06:53:12 GMT x-content-type-options nosniff server cafe age 10394 etag 14085932017949564970 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 expires Fri, 12 Nov 2021 06:53:12 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 0CAF	0 0	52ms 51ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C91vXcuaMYd71DZj03gPU_IXgCKq07YdjrO6e9MEN3eTqyfsgEAEglZvKIWCV-vCBjAegAdLh2IQDyAEJqQJmIz6w8UGzPuACAKgDAcgDCqoEuQJP0FmiWE3awgHfsugrFLwAZQ6IU93Q0x3GVt8spBw1aQ7zKDd0lco8ZX8qf0AMswLypcT5SLTTV-BzNZp0lqJwpqSqYI0_1FRxxzizPkBUEUswvT9H17dhVN_6dbmSkoPhKQZI82pXQb0PJoM3xnSEnumPLX5Pxas0RH0xxTJkaqutL3n9RDgrSo19D9S_2A_jPUfdbaJQS-XrElJmZ_PEN8GATlqGEcHkZmxZNA4AgXy59a0JgQ3xZUcGk9i-m6_AhEWT1kqhgNg-TR8sS2JQwgdRTaWFnN0WL61ia9cAC_rVpNDKR4wCtK3_bE_Nuvi__hiX8kVbmAiEo2hxJRvE068w2QZWccylRzytYKIj4ah8pnEMza9iSiTXFVcDieZSNYR5uxx1dOq7EQY90wdERPZBos-HWdstwASrgufpwAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlp6ne6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOyOENIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODM2ODQwMDAzMzY5MTEyMIAKA8gLAbgTiCfYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=Cbd_l9di4yA&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	16ms 15ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=grandnoticias.com_fluid_lb&pn=2&sn=3&pc=0.3868975341320038&ds=true&e=wdp&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697ebff2a68f7-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 44 B	15ms 15ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0&b=3&r=grandnoticias.com_fluid_lb&sy=2e93bec3-c309-4f35-a1d8-b4ac1026d16c&ts=20&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=grandnoticias.com&mlre=www.google.com.br&mlin=0&mlsi=1020x100&mlbw=4g&mlcs=NaN&mltp=87b1e92a-eb60-407f-b6f4-daca66d351c8&e=lm&dsReferer=aHR0cHM6Ly9ncmFuZG5vdGljaWFzLmNvbS9icmFzaWwtZm9pLWNlbGVpcm8tcGFyYS1zdXJnaW1lbnRvLWRlLW5vdmFzLXZhcmlhbnRlcy1kaXotZXN0dWRvLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v14.0.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nf-request-id 01FJMC2PDN20BKQ8CHFRNAV4P6 date Thu, 11 Nov 2021 09:46:26 GMT cf-cache-status HIT age 1520121 cf-polished origSize=2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "80ae048987cfcc5e3148408e48058596-ssl" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 6ac697ebff3068f7-FRA
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 783E	624 B 350 B	21ms 20ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYkc2kuAEwAQ&v=APEucNW_NqGEMPn7n-Dd6d54fg2KD2v4TfyCas1nI_HLilnzCCceptifRX0DVEmNV2KjBaB3ADEVALuPj3_XPy2huxMIGGOKjw0LBOF9LOQ81rXMHKQwqxv4_iLpGInRT2C7c8dupuqSeZJWM8DzW4fkz1v4-MKhgG85lEzjhS0FXCSnDEG-KOaLrr7XzG2RuA4Ki-_lzDgZgj0_LEL8URKCQhn3HDEYEA Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:46:26 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 2AFA	71 KB 31 KB	63ms 57ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_Vmjz7P1jPuJJBMJymh6ZNs_ALQSfLETeV_jM6EKh00YUu6oWT29XItCapywJLm8WsLXUUyO2r9HU6NgLDpQQImVZabRWEbuTV2nQeDXwxCPIa-ryhym8muTUekcQBQUfDqHdr86WkeEgCe0WCOwlVQwsIg&dbm_d=AKAmf-DT539B0KU1zm-IC_5iDjP8c7ia9Bl1LCAnXtdr5llx0V-ITB7yWa_3FysOXayC84L9dgcCNqsmcbX2UetEKH64jD4P9IH5p6IBPtlkL4ETI7JpcV3-AAf0WLdD5gGncHSQhfGWnkG11BpiqDGECzTUb1yLnvNIs7b5M4Qpo0ngAA6uHQaNqo8aDy3mjzxvy_zMuU5C66A_jybMfFOPvQQD6dDWYQSV7GPlX3m6Up4xoHBavATGVYxta40mFWYwVS7UybplSFPcJ-JQDu2I9TLknVbksXhvbGcDIis3C2-vF3T0Oo9cL8GtGh2YTcv1ykTbflejVSz1e800gNpUHzL0C_2pStrfq1F3_I9ikjJ-XqXN2tZHgdKCEmVIDfIREHaO2JWEDFMl-9fxGIbDCGTeE49piQaZOPHkxDe056UmZcdwk32lmWE5s7YAeoeFn1TEQrzYRi1zm2z_Hf39XxZv0Dzu9ICTPt2m29R0jY75amW-EjObFvM3idLL5sKRbHnAHCgElpM2DEhi_bt-ce8IqOTS_acig54AF5jGuVuJdaTyOYS7ijJ0JytvhlpgLjljaMPsSz9BUNF04wcTcr1VirDlGevs18UAM7DPgYNBKnUYji-iZtHWIQnhWRnpdZkyFfNkDh2glzP5jOzRRqr6VJPC3B8mkRN_Xt0XZOW9Ldxv-6dS-Ui_FVi86EEyTiBg2nBlL-jHr1Px2PG7ZNE-GS2A1bnkKNe1w-47uRVNpu8QNB6Vwf6mhBGObtY8XnixgkJj3RkAJSsPd-VN7u6JLbla5XzbxPvEXDW4t0GWjRbf4E7_b3GcyO4_Mh5TfVHlPWXIML3_fK_BUKwfMSdFZTk7NyMnC2Khdy9k9T4Ak2ozf2PFcNMk8j6b8PCy39tgimOzjPp9Xv1WQuQ1HxwYeEeQoynWIdCVdlj9UxYwEp7s7DWMDCWAXxMZ4YfLjYgZx90Rukd26TPtHWSQWCsi3A-c2tt48vOZ70Uoz7daTQlHONu05OPvzW0wdjb0ixOmo5dLz8ebgvTZLim-pjQIcXSIonUCHQsnjkupkP2Vpn0ERPbi1wGSsbqBCQ_yxp5rjV5vAsA-Ls1hO2XMD6h3-qj9R_b03ZvXL84Yz6wFLVdq-hpVr3WDIb0_LUUS7tFhk5sygESkUVx1T0-LqlCa024gM-GJKOX6matZjZnZH3mYCrY1pJhi5dnZoKdclWMfSvhQdZOVJCxVro5Xl4yMAyvBmt7-4nKeQclVRn-CWFucRkif9DtMn7KoElYeaqozTQWa2knfiOF39UmJtmNneyadqqu2ZEy7-GFZZAvFL-CLiJkqAVntf237vbcnIiP9cBPL97Q48_KhxWgtgWsZhf7vreZP-LsGzXS9dPIp-BiAlD2MCcbAWkDXj4a3BS0syVotLqal20pkm8Ckh0pkd7ca5Ag2XadAZDRLaVuU1VsYeRvRH4Psqw_Cq3I1yvBtlocc93EtXJAiKYFznkfhMLJh4WnjhEQC3J_eYFeWhPQU2qtSNRurbrqrgunjLvOzT4RSMhlp89HI9PFjWtBb0iuFuX25Nn71JhmntF63GgA9wUeodjbCNrcSFmKwB6MGuHBim0Yl4BPp3NqHUZC1grARsp_3nKqPzepielSIlg4p36_De_7ZLL6YOEGBW1Om3w2JzIZI-84BcSuydKEHPr2VqEesDP-XrPVvmAXUQ8V06f8K_Yp2txBUVi_xW56D-vSTPRYPygTSZDS7OD3R2WpsC9YBY-bOKS7798HZ4lPiK5VzyWQKKy9nJGeKLk__ocmX_bptAp-b5Rg74ieTsjS1-YW3fQqzbCzBtKPJkqQZbsrB8EJwsYpnQyuhWZdk2SykwEBWhTFYgCt1KN5pP7nJ5TylmGALAxfXLCf-f2Wm40mVv03mZ3PrCxmMnMCKf-FaQI_AurRM_B4bfVXlvzUUPfwLzzlsYNfL1gKvoeaXBgCsmuZVutFIDZiO-OFyYYcf9VGhyajq-WJU_awVsIb7vIiMz12i1XCvXWrxCWOl-cC3tF9qeu3FofLD9rYiUJVoUpc5nQdA8_NzsYt_O6mnX-DXM1qNvlaVJr77CchpakV7If3lSIdSbcD_XT5FQP-bvskUm4WsDIgzB6mUZn2eeO8MKw9zo2lNmcK3SgV_PY3e20m6ygGavATvINTSIYqsFPVL0m6DEnW0jYZPWIbtSqoAOPBhPNvBRT_avnbNiZphbFRfCZDYuPhd70FcMdYNMDU5dKBWazhvAWrvEOkIeksx-zqX9j0l8jOZhbQBkVNfNmhPSaP4mbjTqbY1aOyPWzmaog46du4fU12xYBqqoKDXMjoXyMs0gq0G0J50j8eY1zmsBUwPmAz7SzCvseiUbxXL_sB0UvwprNQlfYVFIDhTFnSzJA_3LfMZv4KP23dF-f7tQvxRI9e0qjZrJtg2-2NoFeab1cJQk6l815lyE2PStSo5MeVDf0r7FAhGHQGAPgbAgtvVQ3kXkK_CFJpMwsaDfhd4a_kYGH1Ym0KbcPuZwaMI1DsD4A8sdw0CWGOtxlUV28Jwt1KJGbrdkEvtsWD1ZciuWNX8l6Lu3OQmQ-Cbtyzti5D1s8mK7-80XjZApV1WetPjIxcQWZiOwFS6r3MBE5ts0ouUOu7BQSxAKTjzlWwWDwwOQ9vgqYyiCE1bsbBnM6z6e6txDhqMJfzltkUG8PEdYMJQ537_fg2LBOHNdQdJbI4wWxXOCIq4dn8VOn0IS2Qpe-Zfi6o70-DxEgpCdVmhQQefnbauXI2bny_LLLiry6nfRE1b8lvLkOf8PyZm8tU8nQvOP_5i6goAwecPCQceyH33vI9vydt9asJMJ-Qwa0QC2lac0pvaS139soXjqT3tUgLL7TxeaifWnkPFy1YVXGtAHYlUm6NFg_1mBgFoptHg_N3bQZD_9avAW72u0ExIYTC_2NhbVTVtnAA_lEf1PsJjN87fSpEMpIjqxkRhoyqL9kEzf5OnzAQugjoKCrj7ceZCPwVR0zflUKCXwK2zeE-tZ835F36YFjVCgvs4Fr9w7k-_zq1Iyo3-LErEb1eWw0xHskK-0XJrv2Zy66riGdoeCabEADkUKyzUYTJUBtFo-mJEkxDE-P2l6AkkFxaxRGZnz2TQM_LQHX8t4uCk66HvsMdNDqn25Hje7j4Jv3G4D3b9BmloMb4oHeQHY3sWtagl60Twuaixyr33pPodZkg0o48dbWtIpO8ZueA6zpZyCIQo6SNwyU8&cid=CAASFeRoqM0KtZMU30H_mv1wrRD2bO2MEA&rfl=1%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1adf4146098344793659a0a411837b576e3428ea96c075b6c6672d6f8c11e99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31059 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2AFA	42 B 173 B	46ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrHi_mzYo59LyasnnsXlxHB3odsBzHkwjUP1ynmBeIPpYlPhoUcH9eB7AjYjuD2ipGlIou6OU2rSAbhdPy5jMucgypyyVMN4UL2BrYzFMthmXrn1M Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 2AFA	2 KB 1 KB	310ms 19ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2AFA	119 KB 36 KB	339ms 18ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 2AFA	15 KB 6 KB	302ms 12ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 2AFA	0 0	21ms 15ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwEDd2InCV1ScI9Un-Xa7TaKpEZ-rYq7ptIC4BtEB1SO7tFtoAlwzO9gpmu6MJpzvp57IIMgf9hv6dRMBMepvMFwM6yA Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame F590	624 B 340 B	18ms 18ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwsGkuAEwAQ&v=APEucNUcqF8u4aDrFXvexDaGQqWF_-QG9P6TN9U6_ILxVfj5kCkyItVcBZoncySqaBvvas9FJaWj5c1WB2eQDW7-ykaZasHgNTaM08XVhSEw0Turstakihh4IgkKBLYLWpKJ79YicXwY2BbZO_XN5kcd6WMgtYemhddYKDWMsLVY9rUKU7BRsHIWDbfVX2Dge7svEGJUge5nbMkoGCnUC-rVaG5mG-1w5A Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:46:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 4319	72 KB 30 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4Kya6-jheDwapP_huYD_5Fpa-yszA-zda19OAk2pgp_1M-nhV0DWyqiVDdoqJMGzo-mOFE-zV_nAtRP9CtNQt7VKCKpyaL4nQwH9nXAZyxuq7803h_eRWDbF2zrGbJFYNhgSccAqTPZvtKaK_ZoB_wAdQMg&dbm_d=AKAmf-Cbd5fBBW_t4RL4BBEikl1FeEpFtiZcrGBQZV0IE4JyTD8mj1_CjoMyTsCsi1d8rOP7BYjP5iRfvkGtp7m34WQOPV1ccq_E-XAP0o2sy1kb9KrWbVJxUa8V91YsIYsMH2aQrsc9UBx_NVxA05Qhnr-WUFOnmhQqwXwUaxE0EqfPPICEGVQe2ErLmrYY0WLTaeGUJD2gVqSaA4uW6dkP7SyxW7DF_SA22_ZXy8mawjdj5cK0e-BPbhCAFCLaoh6_uIPMs8oQlNMGDAiWsUduoW2QmNNnOJjNKOHMNzf_niN9C-ugzmUol5T9EL9dsnmbM6aGKTv1MVCUkmP2X_M0F7mBOVOk1ZiAlG-q0r9i4kj96bE17QJsBiK37Z80JNrP7Am3ECQSxpduKg0wVOu7qIBS95x9HbIlPyDnRQN4Gy4AbcFggQdrLrcMe3-Z4BWnCphBobSleUzLFWBHx0KCeLxG4crgNKLeeCHR5eRDeeHkbDOOY70MeENHXiSMlZZiFVPsaKak4iMRokcgTMuLwlUAw1ZTJkS1vb8PxBYJc_Xk50cXyFYf99ddho1oEtGVXdJkEQvB50GuO7Z9bNn87Qi5Nt7ZSgQ-pDMNw5UjnYRz-ZYQhErSxhEtzrfIDjf4eC5k0mzKMAFPsZke6AQUTKWRkPajUWRJuCXt6C22XM_PxSmsALr52l3INu1t0BEWG798367AclxS_N_APl2rRMkIAuqC7pVulRFpkk2PmwVTcFc87baz_Ahha8yo7WX_Fx-E1dAzPq_FDIoj2lJFfES9KczFaK_u1TyTK1BahnDU3BfV-BkynjGL8iCBaX74SGNHM1YDfDJbh66W0JW6TwP--psO872_AucJ0HT2kqkEEUX6A7foRDqwnS0JEL1PpxYcex-2-50YbjGNsGCd9e5cFEA3qwHkQ6s6tIF6vWy2QrDwIQGiUy_AUjfbIzNFQllrw-kpKGssIjNW8DTYsidDZSkO-_qd0hzzC09wq4EaT_h0STKmeyeD0FHy0AhmePEpKC1OQJ_36XsFI5q_4BnjXmsGYuQJ78ZLwbdh2OHvB7H0NPnNKWZ2WCxGTQ5xqI5UFVRx1wXbpg_FNzMMRhdLDiH7YUpy6cLc1Xsk4Z21OVpFYw4IJxI-VaPCQNq38mCnZgLCpJ4VizQ_ZRNvkdaZZdqoJlXJyIkaXmJnp1-MSucf2o1sTyNOuLISosrGKGgSfzVi0TJfME0Blr7-9McBrfji0imdJNxx1EHU8sGOQpk_6CA0Pm32wIlLzjjNHZzDoivsk6H1D20FA-eCwrJKa0CROZUwrcXEReTpnP1FUtHpLtwOcYUOP4trZZhUT6EzFhr-nj1pWy8zVp4Q9v2il5GsaCj1zx3P_79cLPtdjtlpxsjifWXJ9ccGbkM6fYnC6FbTj3iZtYSyBy67QuQsIdH2ZSW3aZOJG7x0e_Bjj0of6Jz2ceyRbrUjKABedvUdN3lWErNd4zGC9zC0q6394J9W4brYlzWW1FtziFQwN-oKoD45b_co678JuJnlKgDKYGm1o-lU_vM8nVJLKpdxKHuaKkVkbfNpxgJWjE_PImY0n_rmbnJQioGL9sszfeAQtwE2qPY9r2VjnSLXWT8FJaHe9khJKFyueds7RYYylSkE8mcwgaAQBmB5layla1AqrqQfZZhS7TQkHbdxRfKBgO68ajozxjKqEnFr7BJeI9Lf3vX70Z_R_5E7dmKHowRumSDFHvhmD8AaBfS2_3tocBu6eT1Xbh0HgnczZh1MnZkmr8CS9t0hceRNjPpz2rKLGFsfsSdq8Z1fmDyCuDP11UeU4u0sQcSi5yMPZ4R7ufeGr2k-GqHEleFDuYbSkTmt6yJgTvoL1_ST_eTV3ua5ZmTVFNGaEzz_aN0KK5wbWgkx_l85Equ9dqtsKZNshizlyHbOd4z9Sni7xxX91H2I2YuteS_LpgwVDzWtIGu1PL8x5_Q63rV1NDCKOU2TgrLS8z09T66V8gsF5WS9fJ-enst5FMDqlxwtOh-vjmJlSJhOP7x2CTK5mDek0VoUkXvOcB3b-U95aC0E8zDfeaUQ2eaBfnMHeldSirVZ6ZAVqo8inPV1HGim5OjOEuPGKKS0fwLdQSbk6VwJFbOgHHCk8SkOCVTHwResV5LufvR8aFsycmCf5w2kIFJ9dxNa2e2M9KxjyQRTh9_G5DzRR3JU-9bG2t0FWPiXxTD9dmP4YW18kUg8YEHDDRBp-yd-XYXTYUobmoyYXEbzIrAJkezscjjJ5LM-DzFWqabcTHvErGMHFA7XrAXT2C739EnOp8-IKGqV6PhV40kh_vFWZxFLxmSCd0yrD0mRYJ-_tEW91S0GTjTRjIM4WcQN0XGXIIWBRp4X4vEYzD8ae2de41CCh4MnnZFoOFYODsDayS93Cy55g8ACR2u5_7kVVseT3P1Q2_M4fAtpxXP9FUakkpiSw_3tBDpk8RxzdYdVfCDyuI_WIHgbzncEOMnVcTYV7YOo6T5cCGHdkFbsLMTouI0TEwQisRA_rvNmmnUp_kQ07Ol9Xz4MT-0bLaHQ4PpiADI_xAMSpwOnptr84Mhrgy9P0fE7rNSNsZXgtQorj9iQa7J9iFqdrS-Fs8LO7AYe6NUqt0vKxUVfQK0ij5Qrl0M6nVI0jAp1vqQbAdbQRZSqL9M8Uz3p98M5AQF-MOQpzCh4-gme6Uie9MzW73VZdyclMNLud2uwX_thVuHhH2KZT2qIdmbg02wJ_RRA10rtwqF1BE7EVbOVuvyytLKZ6BLRoWW2ZYk9zozjblfT5tMpcruRY9SzzvLaGMABlJeY0lv5MoF4kBEjYmgID_wbcCv9fZegOqQbRxBM4Qv1Q94qG6sRn2A7RSbSi02_keVH8mNUW_RH9EKoPET1PUcLueQKu171VXc4RULv39FjFaMMf8HL16Az1K7BTQuLbjZ5TgleAuitOAOE2ZGP0GiXppdT4vsZ4yE028HDF1adS3qcZLEtZRq4GM9MU15DdTHNIAcJ7d9uG7KBj7b2fG_LtIkMHfaleQ&cid=CAASEuRoDim88wNVgJ2JqWa6zGAQhQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3f99e38a34329b2c3c8177ea8bf5e083326e392448f1e978dd261346b7b52146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31077 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 4319	2 KB 1 KB	190ms 20ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4319	119 KB 36 KB	236ms 36ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 4319	15 KB 6 KB	182ms 12ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4319	0 0	15ms 14ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQx4J1yCdd579eEe6hRsTs4euA_Y64Bh2H9jjGspOruQhAcp9bxc3gccFBEkuHEUBajBYH7HLG5uKH0lJ82SGOHOax_jQ Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4319	42 B 107 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6aMQNhXt1eW5OIYZcqAU17d3CWaD8mqtjuTgCCc9CgskiJe3gFqHep40jZyz86UCbT-jjUaeid2TgkJb9pNdpwDnEhopXjgBl7ATl8l4t2VLoywE Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 003C	624 B 340 B	18ms 18ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNVpV-NVy5x0kSOuPzPF7P_w8ts8_k_6n8kqPakQ3B5QSEi5ThInE4e34qtHoeVVpjhvLvvIhv4eddzdJM8aPujcRN6wwzSY1HYm9O32m0IMYRh-9giyPsC5rtZtUtgW8fK1tQiyXzP4hm_ljoVrvsavBzaB-Vyef7SSYEeKZf6F4z-anFq58dp2c1oE_v9ZaimLwi1RD2lVYbONRKQ5lySdsj2b3Q Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:46:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8C68	71 KB 30 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEJTru32Z-M8TK7W6pdixt4hmUyoC09ewr_n5jFeS2Y6jiT6fUscvPlyrnoFmgCa5b3kqkcb5LgVi3wZBNO3D7QLE5hls2dEHVspYtmjZFmjWnNmxX_7wD0CCMplGOhFEjY0l5Pkvhe2U1-E3MP0k3kvAAcA&dbm_d=AKAmf-BDn1lQlQN2ea0OJy2MTNSJDUKsdpdunByzgSMNikrVDNQmMCQXbCyrcwI732_THHtxFqQlRbf4H3HphlbxqTESJXTL-gkVouDaSmz_yt2GGipmVh7n769xl0ml7A4FL50cZQi5jve5A6IaBPqlInXhDC7Vt2xpQ612elHUpVuMbMnJxy93_wbaiZY9aP5faD3epFpjawXh_u4cBWYxAkLKez1n4ScPRQEBYjcPb0CtKYOsJ350PBe2L5b_wYUAnNnZGJizLUWk5c-nuC8YpTxPua92yftqsHV6AgTvb3HapTsjBKy35g-VDedZGfcDQQtApLosAflsbx4myXM89zE1cgfC7QGBHHwbYtieLDqODL0wisXDkvuHRT5zrujRn806wQF5xMYluXjmHW2Tx8V-X3elU16iliDRMUyZannnWD6vuP30Xy7xAQPIBvtn0j2PNkSmf0Tx7oVOtKmH1QI8gitaCI4jVplX5n_mMIhDJj1y9fDKNjG1PeI7P7Lk4viHsJwi2J5wronhSi60XqeRzFyCOhADjjU6ryoJpr-s5RK5NaLw5GU7NMr_G7Cd4XkMtCOC4O2siZNpDnCXGFMkqZWhTe_kMtWmp9xLyh52eRn0ccWEk9Ybyxz4dmoMCf51Zu8WUtWQ3lkd6cyO5MegSy3EW4ZVYgsHNMTvpNpknIlbC2JmpLwaLSCGpLSC-Hw_agtUPTBTrv53YbnENE8R9SNdoaJ9q0YmFLcNR-pjmAEuyRfYOG5zCH3pfXcR65EjafB0YOI6Ktb8153vzggZYf8dwArI7dic8IWPfWCjbJKvTF8XGp7WawiSsPXQyBAYWGFi4hl98w1QT0friAbk8jdH7N9EQQyQExYh2JILzaTkvZuVwYVEX2C0-X6QRiZv5oRVrJR7V4nxaF6y4zBaGjQ7gppX0P8kxqN6CPtvrfXy8cwCOik6RlL-0OrSr97Ww6FIlzKRumxOlOmtcDdoVM2EdlpIVUNmnJpcykemrg_YQzhTLC50nT9hle5aG9w5XrcWNQsU2VaU2aJA1UJyEK0bMokGE13_ko-rJ4qfSbPVpIgPnHAp3wL47r0bvtMqQUr-1nF28lSKEPuo0IR7nmcd221jWTd7lDbz-RpSlsbDHKXFBKpb9B-El-ftIu3PYQrc2QGepqTPIMSkNB87sL5uvip4WKEBtOw1q88j1AlALKoYBLcI9KIjJ-0pInzKbz6c_jDSUDb06y0hfdm580fY_FnG4pGPDKwDlL7KX-tqcyx6fIxFOeaJLF3GvElt0hPzLvChh_9lPvAoblqfUygl-dKbJ7YoyX_pEw4kR9w6iibM21lZhf84iOYYabnLWpqS4ZnMm0nWXjbZHibF0I_O8dR5TXIiwt4DhXrmybEVd6jrjtrsb3pIg_FsvkMpNvUKQ6ErXPfbYcWhr0TzJUFuowx2r9oDs0r1vsdlhBompMI7K52Uual3RXTWHWC0Qck4VaOs8sV5yAR-nKLguCafGvGgMpIwcawjbrZMmuTkcADBY42NG6_Lyis2YpatDFjSiVGnL-dKFuTiJJARc9A6IiPF1fsvZ_OUVDkejqv0L1zxDUvMPUVJhwsZxuY_4JY_ZWcCfAWj2yu-XenFZUuyWdvwCmEEHcdkLZroxRDrP7W28n5CtJ2NpvyGIvyCnXbIiFyqS376vQpNPuEi3ZbhhnutGiJWdENJa5PuIgTth1TAD62YQsn7qRBN3gLedxl3MYK6XuiqbIdxoMEJI2OMpsjW348YlDC0B1AUom48intd0O__pdT20i6o0vJ3Uid8TPZiOv5KJUYIAlGHnmsTY5Ozhzh52zJlYkRNPSKQhrIrg0o-r8ZWHDFCcMVeXgPcxjG-cE7UcWflnPJq2gku8cki6xEyFsWZOXab2ZLrVFzRV45586K9SgeEDN9M0jAyFdAmnYE8Dmub0ds4-fUdkOydy-HdPgqRuZ2aHCW72rvwDNHk3ker_LpdiFproT17c1xCV-sYC-4X9LSmaFZ2CREaCAqaEnHUHVks76e-8s3aZQzlS-iIYQmHOMAMDF6kv7-xT551Mr3bNSgYwJCAuz0hPjLHlwwVqJyjXsf52H96-Qx2vlyWXus_ZV9yMc0fYqBZZnPim6f2nokoo1gVZtpiP-YbkP3yhUDmv6faw9JysYOCkjIDoW2R32DA6jiJQhdrf8rkmK4jEpcS_vrIb9qX-OwLgb6XRBLg6TSJ35Az1sW-XpoclWpiDQ-6SHxJ73eMEF0hPPFr57nRjxHSYzNHUKvKTD0wjZ9CH-lqpzvAZ02l8-Ri6uRcqJhEkAMSGFPtkEyZx1jVdNqJrz11MKKxffwb4VCoJdbk-ZN2ZLpVera94OWpIs1SfTK16a2Fh693f4kZ8CY1QPo16cE5NMBymsOvz_uMALmpjW2QIuXAYcguSxrCSJWtSDiX1mKSI-ti_6V_FaSgx7cvptemCbb1Y-9a5NojNpPUeeOdEWF8b4p2jOaFeRnNSvkkJGnlylGenkhO7OsjkVpP6iaOIccwG3eFLp8yCfuCbtHHa5rZ-9Mn4u8iueadbi9AIfJr5vnKcVa2mdzuPWR961SsuLwSCBgkmAxzy_H6-S4Fg_mVWvUeYceL534qygKHCzzS4vhz9dBCwpyR1VgI0JL3gPACZJa17g5c-kN4QL0kK6zFLmuW6sETyu_nOXUPn1cGAfK1y7Kb53qhpVfpaH8FOlS4At335CQIpJysElpqzCxenYpfwm1ZwNHNhNrVzBOE5-LOkSpIncVRXCqQUWkNqfR00AojF5Z4APEBJvQ_C6mfVRf5_NiVk0Yj1CdtPO6KbuItOlEd23sFXheBnagKvTDUJBWcgm2LmLhqfzfandxVs7Gsz25QsvCY674RfTImtJQ5ZWm__6BEprGgTb1gcen8htoUIqtFqhX0lSGfczae_qsgQn5gPSzicUCFFiEZrWa-p7X1e_J4SztfJvuQRal8He7wgmx_pChgVQytenLaxcT70ePqzRxzXTJpp3L7pC6LRFFO_Inj5Wrduv2A3xfNLYvigMJatpKbZ1DpFc_y-4JB_4rVFZouu-KFwd5nHwcQ6uNucuqY76AO-AGaZDU5FKGw1YQ4ENh2TNOM7GV6kyz3Fw77gxG0cLtT613zqlar8soda9tbhWxff-MFpmN7vYc3smIDJKMFWUF_6wbEYC3e4kIQjz_jlkPzX95Ea95myCWGD-dSpamLKMog0o_fa2NK-vOdzuHYSMOekf4&cid=CAASFeRo4LHQur9bQqOFHKtbi8FHFN9lLw&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c24b64e9298b92792d3078ad79e8cc866c94227bce08beebc15f740b3fc6e0ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30999 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 8C68	2 KB 1 KB	151ms 21ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8C68	119 KB 36 KB	196ms 36ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 8C68	15 KB 6 KB	142ms 13ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 8C68	0 0	16ms 15ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSS9GI6BASPICVos4YDGIq8qos0TGud_py2Irckfu4tHCfIaatXenFRhsE1ZilGeyjf9psklCE7VRPZi4cTn319BajOYg Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8C68	42 B 107 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0ugQhijvLAuGKZQ7-UIC4--d7jq_7oUXYjHOrpwrdzT58uqRncY899pInNmaaYfros7Lq7Nt6pEHiXgOrP74nFe-XYtdJs995BbWS181GZlcul9o Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 8B7F	624 B 340 B	19ms 18ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNV42Nou9cUkUyHBtFDMDNCKlN1QdUMNlxQpdq3EOxuGpqZRA-PmO-AxBHB_xqN8a2b7vb3ajbdj4RAWrX8Ts4jgb395QD6GSqpJr-Ahe2Fwy8Gmp_0xAtiEcourLfm7pgpsqtpYwyTMNjaaqQ4z81c7bqvZ_3Tl5C3Up4GUG4EeGzltwi71LhfftmanpacK7DqHl7_1wC6eEzwuCr_WnebbgBYuKA Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:46:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 7ECA	72 KB 30 KB	57ms 56ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4QdpSoSG7rS9gnUXav5Qlo1oUYR-CdXtIid5w1FjCpoQzBsiw5Ak6pvnpgU1mRqOz0pdk1M1v4ebVDBcq9CL1buxZ90xKY5YaQ2fihQC2qPKKJEkN63iAfUUUb3fnmvd8Q7hJOWg2lYMaCOxbIlyY3uOrMQ&dbm_d=AKAmf-A-aGdyTQwi6SqSDYWxvqx4oT6nXTPuHox1FSTjnNmCz-fjz6xiwDpMRuOgAFK8nC3Y3wqgAt50kWCEqQsvWJpzMbeKcHrb8XQXLwuoNyaqMxziyJ3VwdX223itMXypeR0rid5qsUwv5YCTNrRRcdDGdB5uPE1qFJIuVO0vs0vAwv-ICXyAsC0v9Uve8zq_53f_4fy5eiBD0GIqfE8zkFy3DLk5GvzTsMgeoSeNPOASp24Ipz-hPaWdGfikdfzX-ExsJzXjeBxqvDCT57BUQmRA_ap4EXWMuTFLGdE-hSg41lEhg_NVDRsE6per6-c8HIbAJAzl6ADKuQ7jcWnHGXU4ouvJJVXBZYJASz9ppJMSheolHS6tKkpTmv6O3nUReiS-KJ1pDoBaZTOIWW_w6yd1QHMhiX8wWsmhDjsmJEqJYkCKA41L3rVGaoFL34g715S3uOEWbcJJ70t4DTUj89-cymSjNka99ZnyJH3lOW_aAl8X2JMVPyOgqcHAaUYVK0evDic5lSTMtAzjBGA-bFxk6QjxEQWRGnKFI0KSxaEAjRqUnSd6_ZE05BnJ4KUaanJJuyXVf1Rbsr_x9LESWKo_AmjG0zGH---M6mJTShhxeOa62FkyidILuZP4zUJ_icQgFlpoIb5ft1HrPmZqoNLGIWL3R6lALzyXZmdjnBlc5evDN5kOFQSKa_MaEK3TOhshAjaBoy9ve77ykghyatUxsMDCw51w2vCyqKVy20KddZpTuBnCFb9MoXgzgqyyhjoAdRV2MCd03Yt1s_47a8fpk-ZNFdIEBdLQbD9aQ9EvllLsGMp0t0XaTiQxbGFeHFMhf01b4DHpzOoFz80j90t3XfH7nZly6VPnUMerj4f6Y9342bEO5eNV8evkGR0jf4NmHL8N-boo6xxHwD0dorXezJ__Brr57C4Z4VboIcnyLiIPZrsEFU0lxhfQREIo_K8JCJUSO-1miFcWZJ5whZxL5h7aG17TW4HAmgFMO-JZEw8spK3i5cykT03TkU410M-lXG_7MaBhS2rSx_kJvxqlIZl2skruxTP7VGHoj0JibvDGpTm7_5sD-M_tjfReSlII7clortKTsm7V7Fz-ma88Bi25D-Rm6L14GOvtEVEdQWsIE6PqTYBzbYG8Jtm6bznjbeCGiRx-rq2XOfxuBMKyPXTNQ7nQq3edyHGgVWc4RtHoPRFpvjgWARYug97pR3B7z38UKporGL38fq7jYZhsgnGXRaTaIRsYMQzpSZmP4JRsOgpLEH8taWC-xxvhej-8urPn-t-crq1ghHErj108DIC0hLpUAUp0U96W_Apxw5IFLRAHOj1euidPN21ClivUTxu6OmWFsZuJe-k7Ad5SriPRK4Alz0WqJkncsrJScCUKhJ5BSjodscWNe7vxoQhYec_rbKxQ5pHh1nrcSBeoBOj-izAjUEhybCxt6aikU592JwUamUbNb4x9_IjEWZOn435Qj5_n8FlM7BzS2FWuQuWOwF6HE1cu1_KRhYZ8rtZ-C5y8MnTNEmCkEhcecd6nSYgDVmatigsA6l_wo1x0RfbogEPoq0mscxi25KjreFt-FjIVMSAIydRlyALr3NwUNlZ_dtVFtlNqQmfillnuTdCbLJip1Rl5YPMaQwOW_YiMHfoHbFB-MRJpNKBARaokSuPpIz-cFvVd6t42wccI3Ndsy_EOq2OQkvDby8sPZ-mbLzP_dDiA0EvrPmz77rAE4FpUKLJFOgHrLgI3HHORhQNv28VTz-J6WNi7oPEENTwznOJjZTQ0V9DfQ3Y0Z1kYuLq8bQHws14k6rlmG0_nAxa_pV89xngz5rEmYlZcXALSD1m46qYS2bBy3BX3gWAjv7K2qhScSAh7bQz0OEcJt4quHxipF-N_14uPD32c0rzcNQfxjfbIv-W2zuSysP1ph4u01roKeUq9nH5C6c9eop4QsXthfXJ_hioWchgyKgWWNtgkbfhINQZwuIrRcgfbe51Ik_VK9K92NWoSafLUhgXBrQncUJBsM-GEGtkk9CCVaMmbDqV3x8gQ-u9QDTcUDX_q5I_Ec_wMlH7_HDjd1LB4HBLLegNonKtIC0MghLi0pexZymzLThaMSmzZZq0ekvqhdDS6rFeMynD6gLinKFMHQxCQwiT07-K7UCuqadMtFOR3mSFXVf-HS_Ot_6wNAZQ08S4mfFsF0Zw07MxYPgfT7zUpOEFIrmOHptPYbACGS8Ja0Onbv3-JhDbhMnHXB3V0q5k3PKPQ3eFJzbVZ6i07ctaFOGC5cPtrB1EjYAr0VqiIw0uTx-sXirIUxUUofckzwvC8gxmFxuRCL2VswaoHhkYCAiE-PvrpL7AT1xjKgTt_W3dgpJ0s5FosELEpCDXgKVpYjNViyHMMGzaSigEQpnjGsM_sJmg2WVSMlnEmZYBWkxsAMfY4OxoVEkdfIn32mXeRTzGQj2uk7eGy0y_5BHWUHZIiYWLtkrCULX02AsnXUgv03ntXua9_3Y4DvNlwJT6j8iRee6rASJbHBqzTakCKQcT0Buv5nyNUZOIJLrE1S1Nts6DUaymJjmGuQqD26FmNsxda-0p6fPyk0e9HXxPLprLGQcgS2rs_qGQO5PD2yC_M08Q-zQXOz9W6TuV-CfpWSkBmSv87bL6DWO-9sx3zKY2emeJeKbPmx68vVVCmNyQbJFPlHLZy28EkX6vUceoqiNcpG2ECfwDgIC49eZEbE-VUUJTvz20R9rHMqM1etNNKc5c8UicXDwF8_vnzXC07adCVHbj3FfhLYftHBL8grtqLo6h12gLXEVqgaPgb2zArOljVkpfV7pOR6clbdVyS2j-EZP6D4JGhSTgJmzjj_lEd7MEiNVA_1IPzLO_0Z7g1S5BglJUVXOY9Htz413IiE2xUtjdheg_KRYwj6xgvS-UEyrHZpvilmKZOhaA9qtqT0tGh8xP5Mz5agkzFBG7bj3uUUV55_Djof_BkY1StdZt0q8XGYgDudUNL0TKrfNwfReafAZDNsSnsatlWdMs6vTruN1WaLVTgyewVWNgbE_jZ4huVZGMWVuXnuEM&cid=CAASEuRotZIG2qCeqVpKPD_hvRqLmQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d4ccd8af31917692b20707cc8bc1f1709b06017c462cac7455d011a4852bc08e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 7ECA	2 KB 1 KB	129ms 14ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7ECA	119 KB 36 KB	193ms 49ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 7ECA	15 KB 6 KB	125ms 10ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7ECA	42 B 107 B	40ms 40ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwCJAzwlLNvu0TdWxUm5W7690oZIfdNgHO6U_RVlBF0xKHuXRADA_gt13pbDKZitpjwuIUeCI0E95N5mlXpvlp2u_ifQcVID5fjZYRHtaJFXMEyg4 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/2687308855344198494/ Frame 0CAF	3 KB 4 KB	126ms 15ms	Image image/jpeg	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2687308855344198494/downsize_200k_v1?w=195&h=102 Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4bd75b688f3b422da943583e6435074d8be81934c2f3c12912d788bf59483f13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 09 Nov 2021 18:02:26 GMT x-content-type-options nosniff age 143040 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3396 x-xss-protection 0 last-modified Wed, 31 Mar 2021 14:42:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 09 Nov 2022 18:02:26 GMT
GET DATA	200 OK	truncated / Frame 0CAF	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0CAF	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a46312170a946830bb43cf3cd3f0be574187be0de9db1e4ef4ef9e1bd730869 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame 0CAF	21 KB 21 KB	309ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://grandnoticias.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 02:15:39 GMT x-content-type-options nosniff age 27048 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21660 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:07:18 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 11 Nov 2022 02:15:39 GMT
GET H2	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame 0CAF	21 KB 21 KB	310ms 10ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://grandnoticias.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 18:21:26 GMT x-content-type-options nosniff age 228301 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21424 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:08:24 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 08 Nov 2022 18:21:26 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	113ms 113ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0 Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 2AFA	106 KB 38 KB	321ms 8ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Origin https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 14:16:35 GMT content-encoding gzip x-content-type-options nosniff age 70192 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 14:16:35 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 2AFA	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_Vmjz7P1jPuJJBMJymh6ZNs_ALQSfLETeV_jM6EKh00YUu6oWT29XItCapywJLm8WsLXUUyO2r9HU6NgLDpQQImVZabRWEbuTV2nQeDXwxCPIa-ryhym8muTUekcQBQUfDqHdr86WkeEgCe0WCOwlVQwsIg&dbm_d=AKAmf-DT539B0KU1zm-IC_5iDjP8c7ia9Bl1LCAnXtdr5llx0V-ITB7yWa_3FysOXayC84L9dgcCNqsmcbX2UetEKH64jD4P9IH5p6IBPtlkL4ETI7JpcV3-AAf0WLdD5gGncHSQhfGWnkG11BpiqDGECzTUb1yLnvNIs7b5M4Qpo0ngAA6uHQaNqo8aDy3mjzxvy_zMuU5C66A_jybMfFOPvQQD6dDWYQSV7GPlX3m6Up4xoHBavATGVYxta40mFWYwVS7UybplSFPcJ-JQDu2I9TLknVbksXhvbGcDIis3C2-vF3T0Oo9cL8GtGh2YTcv1ykTbflejVSz1e800gNpUHzL0C_2pStrfq1F3_I9ikjJ-XqXN2tZHgdKCEmVIDfIREHaO2JWEDFMl-9fxGIbDCGTeE49piQaZOPHkxDe056UmZcdwk32lmWE5s7YAeoeFn1TEQrzYRi1zm2z_Hf39XxZv0Dzu9ICTPt2m29R0jY75amW-EjObFvM3idLL5sKRbHnAHCgElpM2DEhi_bt-ce8IqOTS_acig54AF5jGuVuJdaTyOYS7ijJ0JytvhlpgLjljaMPsSz9BUNF04wcTcr1VirDlGevs18UAM7DPgYNBKnUYji-iZtHWIQnhWRnpdZkyFfNkDh2glzP5jOzRRqr6VJPC3B8mkRN_Xt0XZOW9Ldxv-6dS-Ui_FVi86EEyTiBg2nBlL-jHr1Px2PG7ZNE-GS2A1bnkKNe1w-47uRVNpu8QNB6Vwf6mhBGObtY8XnixgkJj3RkAJSsPd-VN7u6JLbla5XzbxPvEXDW4t0GWjRbf4E7_b3GcyO4_Mh5TfVHlPWXIML3_fK_BUKwfMSdFZTk7NyMnC2Khdy9k9T4Ak2ozf2PFcNMk8j6b8PCy39tgimOzjPp9Xv1WQuQ1HxwYeEeQoynWIdCVdlj9UxYwEp7s7DWMDCWAXxMZ4YfLjYgZx90Rukd26TPtHWSQWCsi3A-c2tt48vOZ70Uoz7daTQlHONu05OPvzW0wdjb0ixOmo5dLz8ebgvTZLim-pjQIcXSIonUCHQsnjkupkP2Vpn0ERPbi1wGSsbqBCQ_yxp5rjV5vAsA-Ls1hO2XMD6h3-qj9R_b03ZvXL84Yz6wFLVdq-hpVr3WDIb0_LUUS7tFhk5sygESkUVx1T0-LqlCa024gM-GJKOX6matZjZnZH3mYCrY1pJhi5dnZoKdclWMfSvhQdZOVJCxVro5Xl4yMAyvBmt7-4nKeQclVRn-CWFucRkif9DtMn7KoElYeaqozTQWa2knfiOF39UmJtmNneyadqqu2ZEy7-GFZZAvFL-CLiJkqAVntf237vbcnIiP9cBPL97Q48_KhxWgtgWsZhf7vreZP-LsGzXS9dPIp-BiAlD2MCcbAWkDXj4a3BS0syVotLqal20pkm8Ckh0pkd7ca5Ag2XadAZDRLaVuU1VsYeRvRH4Psqw_Cq3I1yvBtlocc93EtXJAiKYFznkfhMLJh4WnjhEQC3J_eYFeWhPQU2qtSNRurbrqrgunjLvOzT4RSMhlp89HI9PFjWtBb0iuFuX25Nn71JhmntF63GgA9wUeodjbCNrcSFmKwB6MGuHBim0Yl4BPp3NqHUZC1grARsp_3nKqPzepielSIlg4p36_De_7ZLL6YOEGBW1Om3w2JzIZI-84BcSuydKEHPr2VqEesDP-XrPVvmAXUQ8V06f8K_Yp2txBUVi_xW56D-vSTPRYPygTSZDS7OD3R2WpsC9YBY-bOKS7798HZ4lPiK5VzyWQKKy9nJGeKLk__ocmX_bptAp-b5Rg74ieTsjS1-YW3fQqzbCzBtKPJkqQZbsrB8EJwsYpnQyuhWZdk2SykwEBWhTFYgCt1KN5pP7nJ5TylmGALAxfXLCf-f2Wm40mVv03mZ3PrCxmMnMCKf-FaQI_AurRM_B4bfVXlvzUUPfwLzzlsYNfL1gKvoeaXBgCsmuZVutFIDZiO-OFyYYcf9VGhyajq-WJU_awVsIb7vIiMz12i1XCvXWrxCWOl-cC3tF9qeu3FofLD9rYiUJVoUpc5nQdA8_NzsYt_O6mnX-DXM1qNvlaVJr77CchpakV7If3lSIdSbcD_XT5FQP-bvskUm4WsDIgzB6mUZn2eeO8MKw9zo2lNmcK3SgV_PY3e20m6ygGavATvINTSIYqsFPVL0m6DEnW0jYZPWIbtSqoAOPBhPNvBRT_avnbNiZphbFRfCZDYuPhd70FcMdYNMDU5dKBWazhvAWrvEOkIeksx-zqX9j0l8jOZhbQBkVNfNmhPSaP4mbjTqbY1aOyPWzmaog46du4fU12xYBqqoKDXMjoXyMs0gq0G0J50j8eY1zmsBUwPmAz7SzCvseiUbxXL_sB0UvwprNQlfYVFIDhTFnSzJA_3LfMZv4KP23dF-f7tQvxRI9e0qjZrJtg2-2NoFeab1cJQk6l815lyE2PStSo5MeVDf0r7FAhGHQGAPgbAgtvVQ3kXkK_CFJpMwsaDfhd4a_kYGH1Ym0KbcPuZwaMI1DsD4A8sdw0CWGOtxlUV28Jwt1KJGbrdkEvtsWD1ZciuWNX8l6Lu3OQmQ-Cbtyzti5D1s8mK7-80XjZApV1WetPjIxcQWZiOwFS6r3MBE5ts0ouUOu7BQSxAKTjzlWwWDwwOQ9vgqYyiCE1bsbBnM6z6e6txDhqMJfzltkUG8PEdYMJQ537_fg2LBOHNdQdJbI4wWxXOCIq4dn8VOn0IS2Qpe-Zfi6o70-DxEgpCdVmhQQefnbauXI2bny_LLLiry6nfRE1b8lvLkOf8PyZm8tU8nQvOP_5i6goAwecPCQceyH33vI9vydt9asJMJ-Qwa0QC2lac0pvaS139soXjqT3tUgLL7TxeaifWnkPFy1YVXGtAHYlUm6NFg_1mBgFoptHg_N3bQZD_9avAW72u0ExIYTC_2NhbVTVtnAA_lEf1PsJjN87fSpEMpIjqxkRhoyqL9kEzf5OnzAQugjoKCrj7ceZCPwVR0zflUKCXwK2zeE-tZ835F36YFjVCgvs4Fr9w7k-_zq1Iyo3-LErEb1eWw0xHskK-0XJrv2Zy66riGdoeCabEADkUKyzUYTJUBtFo-mJEkxDE-P2l6AkkFxaxRGZnz2TQM_LQHX8t4uCk66HvsMdNDqn25Hje7j4Jv3G4D3b9BmloMb4oHeQHY3sWtagl60Twuaixyr33pPodZkg0o48dbWtIpO8ZueA6zpZyCIQo6SNwyU8&cid=CAASFeRoqM0KtZMU30H_mv1wrRD2bO2MEA&rfl=1%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 174 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:43:32 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 2AFA	24 KB 9 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_Vmjz7P1jPuJJBMJymh6ZNs_ALQSfLETeV_jM6EKh00YUu6oWT29XItCapywJLm8WsLXUUyO2r9HU6NgLDpQQImVZabRWEbuTV2nQeDXwxCPIa-ryhym8muTUekcQBQUfDqHdr86WkeEgCe0WCOwlVQwsIg&dbm_d=AKAmf-DT539B0KU1zm-IC_5iDjP8c7ia9Bl1LCAnXtdr5llx0V-ITB7yWa_3FysOXayC84L9dgcCNqsmcbX2UetEKH64jD4P9IH5p6IBPtlkL4ETI7JpcV3-AAf0WLdD5gGncHSQhfGWnkG11BpiqDGECzTUb1yLnvNIs7b5M4Qpo0ngAA6uHQaNqo8aDy3mjzxvy_zMuU5C66A_jybMfFOPvQQD6dDWYQSV7GPlX3m6Up4xoHBavATGVYxta40mFWYwVS7UybplSFPcJ-JQDu2I9TLknVbksXhvbGcDIis3C2-vF3T0Oo9cL8GtGh2YTcv1ykTbflejVSz1e800gNpUHzL0C_2pStrfq1F3_I9ikjJ-XqXN2tZHgdKCEmVIDfIREHaO2JWEDFMl-9fxGIbDCGTeE49piQaZOPHkxDe056UmZcdwk32lmWE5s7YAeoeFn1TEQrzYRi1zm2z_Hf39XxZv0Dzu9ICTPt2m29R0jY75amW-EjObFvM3idLL5sKRbHnAHCgElpM2DEhi_bt-ce8IqOTS_acig54AF5jGuVuJdaTyOYS7ijJ0JytvhlpgLjljaMPsSz9BUNF04wcTcr1VirDlGevs18UAM7DPgYNBKnUYji-iZtHWIQnhWRnpdZkyFfNkDh2glzP5jOzRRqr6VJPC3B8mkRN_Xt0XZOW9Ldxv-6dS-Ui_FVi86EEyTiBg2nBlL-jHr1Px2PG7ZNE-GS2A1bnkKNe1w-47uRVNpu8QNB6Vwf6mhBGObtY8XnixgkJj3RkAJSsPd-VN7u6JLbla5XzbxPvEXDW4t0GWjRbf4E7_b3GcyO4_Mh5TfVHlPWXIML3_fK_BUKwfMSdFZTk7NyMnC2Khdy9k9T4Ak2ozf2PFcNMk8j6b8PCy39tgimOzjPp9Xv1WQuQ1HxwYeEeQoynWIdCVdlj9UxYwEp7s7DWMDCWAXxMZ4YfLjYgZx90Rukd26TPtHWSQWCsi3A-c2tt48vOZ70Uoz7daTQlHONu05OPvzW0wdjb0ixOmo5dLz8ebgvTZLim-pjQIcXSIonUCHQsnjkupkP2Vpn0ERPbi1wGSsbqBCQ_yxp5rjV5vAsA-Ls1hO2XMD6h3-qj9R_b03ZvXL84Yz6wFLVdq-hpVr3WDIb0_LUUS7tFhk5sygESkUVx1T0-LqlCa024gM-GJKOX6matZjZnZH3mYCrY1pJhi5dnZoKdclWMfSvhQdZOVJCxVro5Xl4yMAyvBmt7-4nKeQclVRn-CWFucRkif9DtMn7KoElYeaqozTQWa2knfiOF39UmJtmNneyadqqu2ZEy7-GFZZAvFL-CLiJkqAVntf237vbcnIiP9cBPL97Q48_KhxWgtgWsZhf7vreZP-LsGzXS9dPIp-BiAlD2MCcbAWkDXj4a3BS0syVotLqal20pkm8Ckh0pkd7ca5Ag2XadAZDRLaVuU1VsYeRvRH4Psqw_Cq3I1yvBtlocc93EtXJAiKYFznkfhMLJh4WnjhEQC3J_eYFeWhPQU2qtSNRurbrqrgunjLvOzT4RSMhlp89HI9PFjWtBb0iuFuX25Nn71JhmntF63GgA9wUeodjbCNrcSFmKwB6MGuHBim0Yl4BPp3NqHUZC1grARsp_3nKqPzepielSIlg4p36_De_7ZLL6YOEGBW1Om3w2JzIZI-84BcSuydKEHPr2VqEesDP-XrPVvmAXUQ8V06f8K_Yp2txBUVi_xW56D-vSTPRYPygTSZDS7OD3R2WpsC9YBY-bOKS7798HZ4lPiK5VzyWQKKy9nJGeKLk__ocmX_bptAp-b5Rg74ieTsjS1-YW3fQqzbCzBtKPJkqQZbsrB8EJwsYpnQyuhWZdk2SykwEBWhTFYgCt1KN5pP7nJ5TylmGALAxfXLCf-f2Wm40mVv03mZ3PrCxmMnMCKf-FaQI_AurRM_B4bfVXlvzUUPfwLzzlsYNfL1gKvoeaXBgCsmuZVutFIDZiO-OFyYYcf9VGhyajq-WJU_awVsIb7vIiMz12i1XCvXWrxCWOl-cC3tF9qeu3FofLD9rYiUJVoUpc5nQdA8_NzsYt_O6mnX-DXM1qNvlaVJr77CchpakV7If3lSIdSbcD_XT5FQP-bvskUm4WsDIgzB6mUZn2eeO8MKw9zo2lNmcK3SgV_PY3e20m6ygGavATvINTSIYqsFPVL0m6DEnW0jYZPWIbtSqoAOPBhPNvBRT_avnbNiZphbFRfCZDYuPhd70FcMdYNMDU5dKBWazhvAWrvEOkIeksx-zqX9j0l8jOZhbQBkVNfNmhPSaP4mbjTqbY1aOyPWzmaog46du4fU12xYBqqoKDXMjoXyMs0gq0G0J50j8eY1zmsBUwPmAz7SzCvseiUbxXL_sB0UvwprNQlfYVFIDhTFnSzJA_3LfMZv4KP23dF-f7tQvxRI9e0qjZrJtg2-2NoFeab1cJQk6l815lyE2PStSo5MeVDf0r7FAhGHQGAPgbAgtvVQ3kXkK_CFJpMwsaDfhd4a_kYGH1Ym0KbcPuZwaMI1DsD4A8sdw0CWGOtxlUV28Jwt1KJGbrdkEvtsWD1ZciuWNX8l6Lu3OQmQ-Cbtyzti5D1s8mK7-80XjZApV1WetPjIxcQWZiOwFS6r3MBE5ts0ouUOu7BQSxAKTjzlWwWDwwOQ9vgqYyiCE1bsbBnM6z6e6txDhqMJfzltkUG8PEdYMJQ537_fg2LBOHNdQdJbI4wWxXOCIq4dn8VOn0IS2Qpe-Zfi6o70-DxEgpCdVmhQQefnbauXI2bny_LLLiry6nfRE1b8lvLkOf8PyZm8tU8nQvOP_5i6goAwecPCQceyH33vI9vydt9asJMJ-Qwa0QC2lac0pvaS139soXjqT3tUgLL7TxeaifWnkPFy1YVXGtAHYlUm6NFg_1mBgFoptHg_N3bQZD_9avAW72u0ExIYTC_2NhbVTVtnAA_lEf1PsJjN87fSpEMpIjqxkRhoyqL9kEzf5OnzAQugjoKCrj7ceZCPwVR0zflUKCXwK2zeE-tZ835F36YFjVCgvs4Fr9w7k-_zq1Iyo3-LErEb1eWw0xHskK-0XJrv2Zy66riGdoeCabEADkUKyzUYTJUBtFo-mJEkxDE-P2l6AkkFxaxRGZnz2TQM_LQHX8t4uCk66HvsMdNDqn25Hje7j4Jv3G4D3b9BmloMb4oHeQHY3sWtagl60Twuaixyr33pPodZkg0o48dbWtIpO8ZueA6zpZyCIQo6SNwyU8&cid=CAASFeRoqM0KtZMU30H_mv1wrRD2bO2MEA&rfl=1%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:45:14 GMT content-encoding gzip x-content-type-options nosniff age 72 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:45:14 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D12D	624 B 340 B	18ms 17ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNUQvELHMfI4OwUgSqBvyhiexLOc9hmx1J8Tx3RmXHmmOLq3qQ7zI9PaSMvYhCSPL0ceYhpVfJ34VmCFCidSwyLeOPR1WhTK6yAtXWqTBsUE2gGTAO88Fs7Fsc5fj4UNLrDRKUgp5q0ajVRlnf9dD4HKrnB9aYxzTRDBZAwx-ItHCyEqZTGyPWqqd-pDiNeAr05Fw1J2VgtXJy8k_y9xbgNeM17UMQ Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 11 Nov 2021 09:46:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame E933	72 KB 31 KB	56ms 53ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHlSYki84r__5NdI9NKPJxK4udNB3g4uIhsy561TvxHMKJM9xLvcYfGuckNGKKAKMK5OdJvfAAYygGfOM8R9VLjw6qw-wL7rXlF49F41gBgpq3Jtfwp3LL61dYcS1JB6EJB77ljTranVL186tScinaCwfRhA&dbm_d=AKAmf-ALNvdQQJcFsscJfoXFMu4oxv6sYwYXTDtfCSRID-EQp01l61BiUGaNX1H1W-pewrsE0rw2XqPi2MpsbBy5f_SmvajYZJXOxvFFRn1sdFuibVJVw_6oXbdIMzC5inOm0IFOgtd4IikwziJfcOXa4Hy8gIPANn9IppdFgZyh4BKV5xjG-nvYU91MXPaKXEbx2S0PuviiRkSch1X2jz7s1YmJ5qVs9JK88nkxWlqUQEufua67cZJccv2QxQ0_nnL_KXpqGd_aD3fVWJsdoUiD8wAL5JoPwXlJHpn0PF4wO71Zm02K7rpwBhOkOphk0qTa7XpgtzNBWOios6neUiekTqJocgGBN3mzb0gJm56ZelX9uPk2CfXV912guS8PDFeUoZPaAdaL-270uO93Jkd5_X-G3Ne8LOGM1ex-4T2dYP1fw16mcr2ZUS8LzPu4k_BpmsQEHZVmhQVsTJL8CEDze2NHlhi_BTqCpt3c1T_T-cgfXbjjNje6aG2TmEIIk0eGe0egDWWAaOsd4kahs83ljq1WXETeQt10VTTdMyWXtUAO8h5PXvbFfpi2pbA3SGgHV_o03VhYo2CxG6Hgl1j8KY6f4i90TYvymCfle50TfnVHDaCrCCFGSCwdN4skyQA0vzUXMld-ucxWWkjRwKtVmfS_xNgJ3_2BjZLbPiZ8BbFySAxXKsxaJl_gGLhdB5HCYQ8fT9NqB4QuAHTNcQ7Wxs8_AWcVH53AGNjwHxdKmECdZizHiUj0S1wAGcyb30eS6c5RXFXOykGLxXTg-lD_xcFpdVYcrNIY3F6HoB8FkUzz0iCEAxcdevsPzvVX9l7D3k5g8J7ucXRJPyDzuzpGqLF1ph9AkrzMKZSlk6iBcUyITiDOjCOW8q1aQ2JBoMaIa0otwzleHN9KogY8ixs2eZ70xqubDyTIiEDhgAOxtoxlK6DjAKm1mE3vr3Laa-6W32EZNSzJHrZvUjl_B9q5NwSME_sPlwkURyK05de3HJdPkQruVKE0AwbHft5LIW_Q-sTlOrTbhg2G5KKKbMkyww6G9tYbnf9EcfKKPSDH7rw0ard-PGtbRClVyuMMBOleqOstvcNdwYnYcQe-uJOsZg2u0WefYMvQXTZdq6fHNPMyiPCow0I9BYvrgHGwtmsZBti_oScTtj0nNkLS1YJYujUE8t2sytk7FX66tqGVya6KdOVTzg0LMAlp1q6ItDPaqFlMV7-iOqjO85jJOvefU9We2w7Noa08BqEFs-oiiY_ZIKMmREX4sywpOz7Ax3kQZb9-nqOdMAeNx5wkZUMj2gLzHSONUmBL9kdB4x3E2VM6MwrT5dZ-D9sQHJPX9BMsapKKIu6Jy7kjPiwz6gb5X3q8M2BFHhGbdj-BZVwJ16LG7bMb3WLu3imOZxPcGTdWCF0aEmzmjk2ssH2j9B0_uYrKs1fIw_pHSJylf6lhKpRaelzMaugctV363Lllv-Koqd977ANY6cbXVpQT40V-cbT0y4RD2vISk2CWDGefSDiLAWGVIQO0YLWAB-YOEuVNJlHZHGZMJYDmsFJrHHbg0pRorEXLO7Gw6V8LT9Bu7B1R83p0_iZ-Bq_nzkpC7afYnbRmVAwWPzQNzcQAuDGHbIF4tOX2n7_yc4NYxqAUVj-unR6gTn4TyqmEqvwdoaToJtXs_30zUO3tWLNr3VMa6_-iCtZhum0bGUcPV5v-610ogCCl1t9r0qpJhh2uZt5mEyP8iFLsGicK4U-T_juyaBC7tk1DHW9s-yd___G5FEma1OEIl0aLe_tSVRpG9eWBxSOUqi9qV74BMdpjZ7NFnNoL-aPlH9RI26QC9zcG3qTWWuroO8v07QgLhz8ML3L63ARa0wu4DNWLkZQVijueZMTVovlHCbjYyvk59A_PPetFyzgguEZYj_qbWOM2x56K6NcpTrogXAPLQlwu-9tTDw3ZO69qarGyafNK69gAEdBaoMEfbB2IzfApxNNOycTsrZbkhQVOn6I7EG3k1pcLndhc0dd1DZZAPjP91HwVZmGUJ2e5ndWnXeDU-llEZc3Gz8Z43VrbVptnbMxPgRFxuGJiaD5OQLHesGS8ho5okJ9ttkzGKeZ-jxGuMfQDgbuznbHS4H_ouv2iKIUuy8j5GehEjF-yU8_je78kXSWM6ve7hj2mCZCeQR5wxv_7sasaapbD5r9QLjK1OyZx4Jjreq7ogF9Vh9x8MCxDoBN0o-ET_MLq6Kc3l8NUPgnJ6r3-WSMIVpjsdpaHTk0ZB9zq2Jo8QKs2IwFmyPw3hKjkQp6DvJiBqqi3LljOQSfQ6WspyRcsRwfJD9f7yBn9F_XPUYBKBVbPrNizDwtHwSvbteVZRrXsSIBAXFRk8TS5U5rpLeph-O6MjBQnS45-9Rnd3W3JZw-xv2fH0VVVkEwkQuZru_ku2RbNhQwZgmQuFV1VPNl58P0ODoBIdQ9YQDJ3HGvx-Pi880j7LxLA_QPDliLoeLzM9A86P07TMcJguu-Z7DhyRrAn35ZMoY89auVCbCRHp7ukZVsugBpX5Mv9gkpLissmYnAik1bltjFGorSPE6-stmW3XGanlTaQbHcO9ZvplJnssa188Ekh-C_U09IzjhN2lxoUmZ2XDyUsRlNpfD6HEYvAUd6xCpZ8M8dlaMs1ktk5kfhVhlzUu9ODRaXbov8U0IxSwTqiCmvRvq89xgG1vq5ltWe57u_PuRkCy-NB2nXnObGPVKqccgc-7PQTk8S-9p8FZJ3Ds4JVe9Rrd0vY3odupb9X7UngsmKyYs6yj9YBVh1s1ih8F76gW_l-WFDDgTMyylTUu0ZUyQ5Y7CMfh7jHOYkfEabOJ3Aruu0gaNZKMxTA2JnDKzbD9tHAKZIqUUsRTeS02ObfCGDWlr4qFBbmVUj_B6KK-EzMhqh2fqG4Nja7hXyIpEnhxZj0nlIDwZc7Zvt6HlM3Uigr5p6M0Ivv9cJZII-r7NGJHhYiHBAvISsJd6kG_KWxzhhp8CiuZ4l_-qd8oQa-X0KOtVjsYGQVBykjoeYjdgF-xVYGp7vPwN_4gIlYkMY5XytJ8p1vPI4&cid=CAASEuRo98GIUbCWG321DCmnh4-H9A&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a710af59098b6631523a47b9086bcc429ad8cc6ad68e6ed4148292426ed9a2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31153 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame E933	2 KB 1 KB	74ms 18ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:41:02 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 server cafe etag 17605089983984592854 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:41:02 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E933	119 KB 36 KB	137ms 52ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Nov 2021 09:46:26 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame E933	15 KB 6 KB	64ms 9ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:40:16 GMT content-encoding gzip x-content-type-options nosniff age 370 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6461 x-xss-protection 0 server cafe etag 1157727964977547826 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:40:16 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame E933	0 0	15ms 15ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLB3KWmAva0UbZAP4ZiQL3wkTocy6w1keyt9X9yHNOiO0CcaNjvB1qGBixPAB6IdNNrwmPIjn5rD28G3zraziNs-3oTA Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame E933	42 B 107 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeUeoimhmodyJxzaH9NNFuWh1sVjStHjM002lbkq5sLBFMuZUfGUZhNJMsHRhMTE0VaNMYZOxSbe4W81a5EjVROtZZJjo_X-J9cA5opLUACTkDyyM Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ww.mjs Show response cdn.ampproject.org/rtv/012110042008000/ Frame 0CAF	44 KB 14 KB	334ms 9ms	Fetch text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012110042008000/ww.mjs Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 512ea2efe356559ffc497f107a88730beee6782fdfcad15d68c8f3e017269aa9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept text/plain Referer https://grandnoticias.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 424849 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13123 x-xss-protection 0 server sffe date Sat, 06 Nov 2021 11:45:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "fd369686404e1b29" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 06 Nov 2022 11:45:38 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	111ms 110ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0 Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	114ms 113ms	Image text/plain	208.100.17.188 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!victorxone&lm=0&ts=1636623985308&dn=TC&iso=0 Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.188 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip188.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2AFA	41 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 119110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET DATA	200 OK	truncated / Frame 2AFA	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 66fb7122384668c7f18d01b177ae5fab6783ab30ad359daa2e51539477ead2ab Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 783E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 1014 B	72ms 39ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYkc2kuAEwAQ&v=APEucNW_NqGEMPn7n-Dd6d54fg2KD2v4TfyCas1nI_HLilnzCCceptifRX0DVEmNV2KjBaB3ADEVALuPj3_XPy2huxMIGGOKjw0LBOF9LOQ81rXMHKQwqxv4_iLpGInRT2C7c8dupuqSeZJWM8DzW4fkz1v4-MKhgG85lEzjhS0FXCSnDEG-KOaLrr7XzG2RuA4Ki-_lzDgZgj0_LEL8URKCQhn3HDEYEA Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 783E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	28ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYkc2kuAEwAQ&v=APEucNW_NqGEMPn7n-Dd6d54fg2KD2v4TfyCas1nI_HLilnzCCceptifRX0DVEmNV2KjBaB3ADEVALuPj3_XPy2huxMIGGOKjw0LBOF9LOQ81rXMHKQwqxv4_iLpGInRT2C7c8dupuqSeZJWM8DzW4fkz1v4-MKhgG85lEzjhS0FXCSnDEG-KOaLrr7XzG2RuA4Ki-_lzDgZgj0_LEL8URKCQhn3HDEYEA Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 783E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1	43 B 1002 B	23ms 20ms	Image image/gif	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYkc2kuAEwAQ&v=APEucNW_NqGEMPn7n-Dd6d54fg2KD2v4TfyCas1nI_HLilnzCCceptifRX0DVEmNV2KjBaB3ADEVALuPj3_XPy2huxMIGGOKjw0LBOF9LOQ81rXMHKQwqxv4_iLpGInRT2C7c8dupuqSeZJWM8DzW4fkz1v4-MKhgG85lEzjhS0FXCSnDEG-KOaLrr7XzG2RuA4Ki-_lzDgZgj0_LEL8URKCQhn3HDEYEA Protocol HTTP/1.1 Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d2bb393b-f09d-4b86-8f40-addd76e2b265 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 783E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D	170 B 188 B	18ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYkc2kuAEwAQ&v=APEucNW_NqGEMPn7n-Dd6d54fg2KD2v4TfyCas1nI_HLilnzCCceptifRX0DVEmNV2KjBaB3ADEVALuPj3_XPy2huxMIGGOKjw0LBOF9LOQ81rXMHKQwqxv4_iLpGInRT2C7c8dupuqSeZJWM8DzW4fkz1v4-MKhgG85lEzjhS0FXCSnDEG-KOaLrr7XzG2RuA4Ki-_lzDgZgj0_LEL8URKCQhn3HDEYEA Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 5a82ee72-309b-4d30-a6cb-092d0f31db15 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 4319	106 KB 37 KB	310ms 6ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Origin https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 14:16:35 GMT content-encoding gzip x-content-type-options nosniff age 70192 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 14:16:35 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 4319	8 KB 3 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4Kya6-jheDwapP_huYD_5Fpa-yszA-zda19OAk2pgp_1M-nhV0DWyqiVDdoqJMGzo-mOFE-zV_nAtRP9CtNQt7VKCKpyaL4nQwH9nXAZyxuq7803h_eRWDbF2zrGbJFYNhgSccAqTPZvtKaK_ZoB_wAdQMg&dbm_d=AKAmf-Cbd5fBBW_t4RL4BBEikl1FeEpFtiZcrGBQZV0IE4JyTD8mj1_CjoMyTsCsi1d8rOP7BYjP5iRfvkGtp7m34WQOPV1ccq_E-XAP0o2sy1kb9KrWbVJxUa8V91YsIYsMH2aQrsc9UBx_NVxA05Qhnr-WUFOnmhQqwXwUaxE0EqfPPICEGVQe2ErLmrYY0WLTaeGUJD2gVqSaA4uW6dkP7SyxW7DF_SA22_ZXy8mawjdj5cK0e-BPbhCAFCLaoh6_uIPMs8oQlNMGDAiWsUduoW2QmNNnOJjNKOHMNzf_niN9C-ugzmUol5T9EL9dsnmbM6aGKTv1MVCUkmP2X_M0F7mBOVOk1ZiAlG-q0r9i4kj96bE17QJsBiK37Z80JNrP7Am3ECQSxpduKg0wVOu7qIBS95x9HbIlPyDnRQN4Gy4AbcFggQdrLrcMe3-Z4BWnCphBobSleUzLFWBHx0KCeLxG4crgNKLeeCHR5eRDeeHkbDOOY70MeENHXiSMlZZiFVPsaKak4iMRokcgTMuLwlUAw1ZTJkS1vb8PxBYJc_Xk50cXyFYf99ddho1oEtGVXdJkEQvB50GuO7Z9bNn87Qi5Nt7ZSgQ-pDMNw5UjnYRz-ZYQhErSxhEtzrfIDjf4eC5k0mzKMAFPsZke6AQUTKWRkPajUWRJuCXt6C22XM_PxSmsALr52l3INu1t0BEWG798367AclxS_N_APl2rRMkIAuqC7pVulRFpkk2PmwVTcFc87baz_Ahha8yo7WX_Fx-E1dAzPq_FDIoj2lJFfES9KczFaK_u1TyTK1BahnDU3BfV-BkynjGL8iCBaX74SGNHM1YDfDJbh66W0JW6TwP--psO872_AucJ0HT2kqkEEUX6A7foRDqwnS0JEL1PpxYcex-2-50YbjGNsGCd9e5cFEA3qwHkQ6s6tIF6vWy2QrDwIQGiUy_AUjfbIzNFQllrw-kpKGssIjNW8DTYsidDZSkO-_qd0hzzC09wq4EaT_h0STKmeyeD0FHy0AhmePEpKC1OQJ_36XsFI5q_4BnjXmsGYuQJ78ZLwbdh2OHvB7H0NPnNKWZ2WCxGTQ5xqI5UFVRx1wXbpg_FNzMMRhdLDiH7YUpy6cLc1Xsk4Z21OVpFYw4IJxI-VaPCQNq38mCnZgLCpJ4VizQ_ZRNvkdaZZdqoJlXJyIkaXmJnp1-MSucf2o1sTyNOuLISosrGKGgSfzVi0TJfME0Blr7-9McBrfji0imdJNxx1EHU8sGOQpk_6CA0Pm32wIlLzjjNHZzDoivsk6H1D20FA-eCwrJKa0CROZUwrcXEReTpnP1FUtHpLtwOcYUOP4trZZhUT6EzFhr-nj1pWy8zVp4Q9v2il5GsaCj1zx3P_79cLPtdjtlpxsjifWXJ9ccGbkM6fYnC6FbTj3iZtYSyBy67QuQsIdH2ZSW3aZOJG7x0e_Bjj0of6Jz2ceyRbrUjKABedvUdN3lWErNd4zGC9zC0q6394J9W4brYlzWW1FtziFQwN-oKoD45b_co678JuJnlKgDKYGm1o-lU_vM8nVJLKpdxKHuaKkVkbfNpxgJWjE_PImY0n_rmbnJQioGL9sszfeAQtwE2qPY9r2VjnSLXWT8FJaHe9khJKFyueds7RYYylSkE8mcwgaAQBmB5layla1AqrqQfZZhS7TQkHbdxRfKBgO68ajozxjKqEnFr7BJeI9Lf3vX70Z_R_5E7dmKHowRumSDFHvhmD8AaBfS2_3tocBu6eT1Xbh0HgnczZh1MnZkmr8CS9t0hceRNjPpz2rKLGFsfsSdq8Z1fmDyCuDP11UeU4u0sQcSi5yMPZ4R7ufeGr2k-GqHEleFDuYbSkTmt6yJgTvoL1_ST_eTV3ua5ZmTVFNGaEzz_aN0KK5wbWgkx_l85Equ9dqtsKZNshizlyHbOd4z9Sni7xxX91H2I2YuteS_LpgwVDzWtIGu1PL8x5_Q63rV1NDCKOU2TgrLS8z09T66V8gsF5WS9fJ-enst5FMDqlxwtOh-vjmJlSJhOP7x2CTK5mDek0VoUkXvOcB3b-U95aC0E8zDfeaUQ2eaBfnMHeldSirVZ6ZAVqo8inPV1HGim5OjOEuPGKKS0fwLdQSbk6VwJFbOgHHCk8SkOCVTHwResV5LufvR8aFsycmCf5w2kIFJ9dxNa2e2M9KxjyQRTh9_G5DzRR3JU-9bG2t0FWPiXxTD9dmP4YW18kUg8YEHDDRBp-yd-XYXTYUobmoyYXEbzIrAJkezscjjJ5LM-DzFWqabcTHvErGMHFA7XrAXT2C739EnOp8-IKGqV6PhV40kh_vFWZxFLxmSCd0yrD0mRYJ-_tEW91S0GTjTRjIM4WcQN0XGXIIWBRp4X4vEYzD8ae2de41CCh4MnnZFoOFYODsDayS93Cy55g8ACR2u5_7kVVseT3P1Q2_M4fAtpxXP9FUakkpiSw_3tBDpk8RxzdYdVfCDyuI_WIHgbzncEOMnVcTYV7YOo6T5cCGHdkFbsLMTouI0TEwQisRA_rvNmmnUp_kQ07Ol9Xz4MT-0bLaHQ4PpiADI_xAMSpwOnptr84Mhrgy9P0fE7rNSNsZXgtQorj9iQa7J9iFqdrS-Fs8LO7AYe6NUqt0vKxUVfQK0ij5Qrl0M6nVI0jAp1vqQbAdbQRZSqL9M8Uz3p98M5AQF-MOQpzCh4-gme6Uie9MzW73VZdyclMNLud2uwX_thVuHhH2KZT2qIdmbg02wJ_RRA10rtwqF1BE7EVbOVuvyytLKZ6BLRoWW2ZYk9zozjblfT5tMpcruRY9SzzvLaGMABlJeY0lv5MoF4kBEjYmgID_wbcCv9fZegOqQbRxBM4Qv1Q94qG6sRn2A7RSbSi02_keVH8mNUW_RH9EKoPET1PUcLueQKu171VXc4RULv39FjFaMMf8HL16Az1K7BTQuLbjZ5TgleAuitOAOE2ZGP0GiXppdT4vsZ4yE028HDF1adS3qcZLEtZRq4GM9MU15DdTHNIAcJ7d9uG7KBj7b2fG_LtIkMHfaleQ&cid=CAASEuRoDim88wNVgJ2JqWa6zGAQhQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 175 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:43:32 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 4319	24 KB 9 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4Kya6-jheDwapP_huYD_5Fpa-yszA-zda19OAk2pgp_1M-nhV0DWyqiVDdoqJMGzo-mOFE-zV_nAtRP9CtNQt7VKCKpyaL4nQwH9nXAZyxuq7803h_eRWDbF2zrGbJFYNhgSccAqTPZvtKaK_ZoB_wAdQMg&dbm_d=AKAmf-Cbd5fBBW_t4RL4BBEikl1FeEpFtiZcrGBQZV0IE4JyTD8mj1_CjoMyTsCsi1d8rOP7BYjP5iRfvkGtp7m34WQOPV1ccq_E-XAP0o2sy1kb9KrWbVJxUa8V91YsIYsMH2aQrsc9UBx_NVxA05Qhnr-WUFOnmhQqwXwUaxE0EqfPPICEGVQe2ErLmrYY0WLTaeGUJD2gVqSaA4uW6dkP7SyxW7DF_SA22_ZXy8mawjdj5cK0e-BPbhCAFCLaoh6_uIPMs8oQlNMGDAiWsUduoW2QmNNnOJjNKOHMNzf_niN9C-ugzmUol5T9EL9dsnmbM6aGKTv1MVCUkmP2X_M0F7mBOVOk1ZiAlG-q0r9i4kj96bE17QJsBiK37Z80JNrP7Am3ECQSxpduKg0wVOu7qIBS95x9HbIlPyDnRQN4Gy4AbcFggQdrLrcMe3-Z4BWnCphBobSleUzLFWBHx0KCeLxG4crgNKLeeCHR5eRDeeHkbDOOY70MeENHXiSMlZZiFVPsaKak4iMRokcgTMuLwlUAw1ZTJkS1vb8PxBYJc_Xk50cXyFYf99ddho1oEtGVXdJkEQvB50GuO7Z9bNn87Qi5Nt7ZSgQ-pDMNw5UjnYRz-ZYQhErSxhEtzrfIDjf4eC5k0mzKMAFPsZke6AQUTKWRkPajUWRJuCXt6C22XM_PxSmsALr52l3INu1t0BEWG798367AclxS_N_APl2rRMkIAuqC7pVulRFpkk2PmwVTcFc87baz_Ahha8yo7WX_Fx-E1dAzPq_FDIoj2lJFfES9KczFaK_u1TyTK1BahnDU3BfV-BkynjGL8iCBaX74SGNHM1YDfDJbh66W0JW6TwP--psO872_AucJ0HT2kqkEEUX6A7foRDqwnS0JEL1PpxYcex-2-50YbjGNsGCd9e5cFEA3qwHkQ6s6tIF6vWy2QrDwIQGiUy_AUjfbIzNFQllrw-kpKGssIjNW8DTYsidDZSkO-_qd0hzzC09wq4EaT_h0STKmeyeD0FHy0AhmePEpKC1OQJ_36XsFI5q_4BnjXmsGYuQJ78ZLwbdh2OHvB7H0NPnNKWZ2WCxGTQ5xqI5UFVRx1wXbpg_FNzMMRhdLDiH7YUpy6cLc1Xsk4Z21OVpFYw4IJxI-VaPCQNq38mCnZgLCpJ4VizQ_ZRNvkdaZZdqoJlXJyIkaXmJnp1-MSucf2o1sTyNOuLISosrGKGgSfzVi0TJfME0Blr7-9McBrfji0imdJNxx1EHU8sGOQpk_6CA0Pm32wIlLzjjNHZzDoivsk6H1D20FA-eCwrJKa0CROZUwrcXEReTpnP1FUtHpLtwOcYUOP4trZZhUT6EzFhr-nj1pWy8zVp4Q9v2il5GsaCj1zx3P_79cLPtdjtlpxsjifWXJ9ccGbkM6fYnC6FbTj3iZtYSyBy67QuQsIdH2ZSW3aZOJG7x0e_Bjj0of6Jz2ceyRbrUjKABedvUdN3lWErNd4zGC9zC0q6394J9W4brYlzWW1FtziFQwN-oKoD45b_co678JuJnlKgDKYGm1o-lU_vM8nVJLKpdxKHuaKkVkbfNpxgJWjE_PImY0n_rmbnJQioGL9sszfeAQtwE2qPY9r2VjnSLXWT8FJaHe9khJKFyueds7RYYylSkE8mcwgaAQBmB5layla1AqrqQfZZhS7TQkHbdxRfKBgO68ajozxjKqEnFr7BJeI9Lf3vX70Z_R_5E7dmKHowRumSDFHvhmD8AaBfS2_3tocBu6eT1Xbh0HgnczZh1MnZkmr8CS9t0hceRNjPpz2rKLGFsfsSdq8Z1fmDyCuDP11UeU4u0sQcSi5yMPZ4R7ufeGr2k-GqHEleFDuYbSkTmt6yJgTvoL1_ST_eTV3ua5ZmTVFNGaEzz_aN0KK5wbWgkx_l85Equ9dqtsKZNshizlyHbOd4z9Sni7xxX91H2I2YuteS_LpgwVDzWtIGu1PL8x5_Q63rV1NDCKOU2TgrLS8z09T66V8gsF5WS9fJ-enst5FMDqlxwtOh-vjmJlSJhOP7x2CTK5mDek0VoUkXvOcB3b-U95aC0E8zDfeaUQ2eaBfnMHeldSirVZ6ZAVqo8inPV1HGim5OjOEuPGKKS0fwLdQSbk6VwJFbOgHHCk8SkOCVTHwResV5LufvR8aFsycmCf5w2kIFJ9dxNa2e2M9KxjyQRTh9_G5DzRR3JU-9bG2t0FWPiXxTD9dmP4YW18kUg8YEHDDRBp-yd-XYXTYUobmoyYXEbzIrAJkezscjjJ5LM-DzFWqabcTHvErGMHFA7XrAXT2C739EnOp8-IKGqV6PhV40kh_vFWZxFLxmSCd0yrD0mRYJ-_tEW91S0GTjTRjIM4WcQN0XGXIIWBRp4X4vEYzD8ae2de41CCh4MnnZFoOFYODsDayS93Cy55g8ACR2u5_7kVVseT3P1Q2_M4fAtpxXP9FUakkpiSw_3tBDpk8RxzdYdVfCDyuI_WIHgbzncEOMnVcTYV7YOo6T5cCGHdkFbsLMTouI0TEwQisRA_rvNmmnUp_kQ07Ol9Xz4MT-0bLaHQ4PpiADI_xAMSpwOnptr84Mhrgy9P0fE7rNSNsZXgtQorj9iQa7J9iFqdrS-Fs8LO7AYe6NUqt0vKxUVfQK0ij5Qrl0M6nVI0jAp1vqQbAdbQRZSqL9M8Uz3p98M5AQF-MOQpzCh4-gme6Uie9MzW73VZdyclMNLud2uwX_thVuHhH2KZT2qIdmbg02wJ_RRA10rtwqF1BE7EVbOVuvyytLKZ6BLRoWW2ZYk9zozjblfT5tMpcruRY9SzzvLaGMABlJeY0lv5MoF4kBEjYmgID_wbcCv9fZegOqQbRxBM4Qv1Q94qG6sRn2A7RSbSi02_keVH8mNUW_RH9EKoPET1PUcLueQKu171VXc4RULv39FjFaMMf8HL16Az1K7BTQuLbjZ5TgleAuitOAOE2ZGP0GiXppdT4vsZ4yE028HDF1adS3qcZLEtZRq4GM9MU15DdTHNIAcJ7d9uG7KBj7b2fG_LtIkMHfaleQ&cid=CAASEuRoDim88wNVgJ2JqWa6zGAQhQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:45:14 GMT content-encoding gzip x-content-type-options nosniff age 73 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:45:14 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 8C68	106 KB 37 KB	303ms 13ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Origin https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 14:16:35 GMT content-encoding gzip x-content-type-options nosniff age 70192 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 14:16:35 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 8C68	8 KB 3 KB	9ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEJTru32Z-M8TK7W6pdixt4hmUyoC09ewr_n5jFeS2Y6jiT6fUscvPlyrnoFmgCa5b3kqkcb5LgVi3wZBNO3D7QLE5hls2dEHVspYtmjZFmjWnNmxX_7wD0CCMplGOhFEjY0l5Pkvhe2U1-E3MP0k3kvAAcA&dbm_d=AKAmf-BDn1lQlQN2ea0OJy2MTNSJDUKsdpdunByzgSMNikrVDNQmMCQXbCyrcwI732_THHtxFqQlRbf4H3HphlbxqTESJXTL-gkVouDaSmz_yt2GGipmVh7n769xl0ml7A4FL50cZQi5jve5A6IaBPqlInXhDC7Vt2xpQ612elHUpVuMbMnJxy93_wbaiZY9aP5faD3epFpjawXh_u4cBWYxAkLKez1n4ScPRQEBYjcPb0CtKYOsJ350PBe2L5b_wYUAnNnZGJizLUWk5c-nuC8YpTxPua92yftqsHV6AgTvb3HapTsjBKy35g-VDedZGfcDQQtApLosAflsbx4myXM89zE1cgfC7QGBHHwbYtieLDqODL0wisXDkvuHRT5zrujRn806wQF5xMYluXjmHW2Tx8V-X3elU16iliDRMUyZannnWD6vuP30Xy7xAQPIBvtn0j2PNkSmf0Tx7oVOtKmH1QI8gitaCI4jVplX5n_mMIhDJj1y9fDKNjG1PeI7P7Lk4viHsJwi2J5wronhSi60XqeRzFyCOhADjjU6ryoJpr-s5RK5NaLw5GU7NMr_G7Cd4XkMtCOC4O2siZNpDnCXGFMkqZWhTe_kMtWmp9xLyh52eRn0ccWEk9Ybyxz4dmoMCf51Zu8WUtWQ3lkd6cyO5MegSy3EW4ZVYgsHNMTvpNpknIlbC2JmpLwaLSCGpLSC-Hw_agtUPTBTrv53YbnENE8R9SNdoaJ9q0YmFLcNR-pjmAEuyRfYOG5zCH3pfXcR65EjafB0YOI6Ktb8153vzggZYf8dwArI7dic8IWPfWCjbJKvTF8XGp7WawiSsPXQyBAYWGFi4hl98w1QT0friAbk8jdH7N9EQQyQExYh2JILzaTkvZuVwYVEX2C0-X6QRiZv5oRVrJR7V4nxaF6y4zBaGjQ7gppX0P8kxqN6CPtvrfXy8cwCOik6RlL-0OrSr97Ww6FIlzKRumxOlOmtcDdoVM2EdlpIVUNmnJpcykemrg_YQzhTLC50nT9hle5aG9w5XrcWNQsU2VaU2aJA1UJyEK0bMokGE13_ko-rJ4qfSbPVpIgPnHAp3wL47r0bvtMqQUr-1nF28lSKEPuo0IR7nmcd221jWTd7lDbz-RpSlsbDHKXFBKpb9B-El-ftIu3PYQrc2QGepqTPIMSkNB87sL5uvip4WKEBtOw1q88j1AlALKoYBLcI9KIjJ-0pInzKbz6c_jDSUDb06y0hfdm580fY_FnG4pGPDKwDlL7KX-tqcyx6fIxFOeaJLF3GvElt0hPzLvChh_9lPvAoblqfUygl-dKbJ7YoyX_pEw4kR9w6iibM21lZhf84iOYYabnLWpqS4ZnMm0nWXjbZHibF0I_O8dR5TXIiwt4DhXrmybEVd6jrjtrsb3pIg_FsvkMpNvUKQ6ErXPfbYcWhr0TzJUFuowx2r9oDs0r1vsdlhBompMI7K52Uual3RXTWHWC0Qck4VaOs8sV5yAR-nKLguCafGvGgMpIwcawjbrZMmuTkcADBY42NG6_Lyis2YpatDFjSiVGnL-dKFuTiJJARc9A6IiPF1fsvZ_OUVDkejqv0L1zxDUvMPUVJhwsZxuY_4JY_ZWcCfAWj2yu-XenFZUuyWdvwCmEEHcdkLZroxRDrP7W28n5CtJ2NpvyGIvyCnXbIiFyqS376vQpNPuEi3ZbhhnutGiJWdENJa5PuIgTth1TAD62YQsn7qRBN3gLedxl3MYK6XuiqbIdxoMEJI2OMpsjW348YlDC0B1AUom48intd0O__pdT20i6o0vJ3Uid8TPZiOv5KJUYIAlGHnmsTY5Ozhzh52zJlYkRNPSKQhrIrg0o-r8ZWHDFCcMVeXgPcxjG-cE7UcWflnPJq2gku8cki6xEyFsWZOXab2ZLrVFzRV45586K9SgeEDN9M0jAyFdAmnYE8Dmub0ds4-fUdkOydy-HdPgqRuZ2aHCW72rvwDNHk3ker_LpdiFproT17c1xCV-sYC-4X9LSmaFZ2CREaCAqaEnHUHVks76e-8s3aZQzlS-iIYQmHOMAMDF6kv7-xT551Mr3bNSgYwJCAuz0hPjLHlwwVqJyjXsf52H96-Qx2vlyWXus_ZV9yMc0fYqBZZnPim6f2nokoo1gVZtpiP-YbkP3yhUDmv6faw9JysYOCkjIDoW2R32DA6jiJQhdrf8rkmK4jEpcS_vrIb9qX-OwLgb6XRBLg6TSJ35Az1sW-XpoclWpiDQ-6SHxJ73eMEF0hPPFr57nRjxHSYzNHUKvKTD0wjZ9CH-lqpzvAZ02l8-Ri6uRcqJhEkAMSGFPtkEyZx1jVdNqJrz11MKKxffwb4VCoJdbk-ZN2ZLpVera94OWpIs1SfTK16a2Fh693f4kZ8CY1QPo16cE5NMBymsOvz_uMALmpjW2QIuXAYcguSxrCSJWtSDiX1mKSI-ti_6V_FaSgx7cvptemCbb1Y-9a5NojNpPUeeOdEWF8b4p2jOaFeRnNSvkkJGnlylGenkhO7OsjkVpP6iaOIccwG3eFLp8yCfuCbtHHa5rZ-9Mn4u8iueadbi9AIfJr5vnKcVa2mdzuPWR961SsuLwSCBgkmAxzy_H6-S4Fg_mVWvUeYceL534qygKHCzzS4vhz9dBCwpyR1VgI0JL3gPACZJa17g5c-kN4QL0kK6zFLmuW6sETyu_nOXUPn1cGAfK1y7Kb53qhpVfpaH8FOlS4At335CQIpJysElpqzCxenYpfwm1ZwNHNhNrVzBOE5-LOkSpIncVRXCqQUWkNqfR00AojF5Z4APEBJvQ_C6mfVRf5_NiVk0Yj1CdtPO6KbuItOlEd23sFXheBnagKvTDUJBWcgm2LmLhqfzfandxVs7Gsz25QsvCY674RfTImtJQ5ZWm__6BEprGgTb1gcen8htoUIqtFqhX0lSGfczae_qsgQn5gPSzicUCFFiEZrWa-p7X1e_J4SztfJvuQRal8He7wgmx_pChgVQytenLaxcT70ePqzRxzXTJpp3L7pC6LRFFO_Inj5Wrduv2A3xfNLYvigMJatpKbZ1DpFc_y-4JB_4rVFZouu-KFwd5nHwcQ6uNucuqY76AO-AGaZDU5FKGw1YQ4ENh2TNOM7GV6kyz3Fw77gxG0cLtT613zqlar8soda9tbhWxff-MFpmN7vYc3smIDJKMFWUF_6wbEYC3e4kIQjz_jlkPzX95Ea95myCWGD-dSpamLKMog0o_fa2NK-vOdzuHYSMOekf4&cid=CAASFeRo4LHQur9bQqOFHKtbi8FHFN9lLw&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 175 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:43:32 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 8C68	24 KB 9 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AEJTru32Z-M8TK7W6pdixt4hmUyoC09ewr_n5jFeS2Y6jiT6fUscvPlyrnoFmgCa5b3kqkcb5LgVi3wZBNO3D7QLE5hls2dEHVspYtmjZFmjWnNmxX_7wD0CCMplGOhFEjY0l5Pkvhe2U1-E3MP0k3kvAAcA&dbm_d=AKAmf-BDn1lQlQN2ea0OJy2MTNSJDUKsdpdunByzgSMNikrVDNQmMCQXbCyrcwI732_THHtxFqQlRbf4H3HphlbxqTESJXTL-gkVouDaSmz_yt2GGipmVh7n769xl0ml7A4FL50cZQi5jve5A6IaBPqlInXhDC7Vt2xpQ612elHUpVuMbMnJxy93_wbaiZY9aP5faD3epFpjawXh_u4cBWYxAkLKez1n4ScPRQEBYjcPb0CtKYOsJ350PBe2L5b_wYUAnNnZGJizLUWk5c-nuC8YpTxPua92yftqsHV6AgTvb3HapTsjBKy35g-VDedZGfcDQQtApLosAflsbx4myXM89zE1cgfC7QGBHHwbYtieLDqODL0wisXDkvuHRT5zrujRn806wQF5xMYluXjmHW2Tx8V-X3elU16iliDRMUyZannnWD6vuP30Xy7xAQPIBvtn0j2PNkSmf0Tx7oVOtKmH1QI8gitaCI4jVplX5n_mMIhDJj1y9fDKNjG1PeI7P7Lk4viHsJwi2J5wronhSi60XqeRzFyCOhADjjU6ryoJpr-s5RK5NaLw5GU7NMr_G7Cd4XkMtCOC4O2siZNpDnCXGFMkqZWhTe_kMtWmp9xLyh52eRn0ccWEk9Ybyxz4dmoMCf51Zu8WUtWQ3lkd6cyO5MegSy3EW4ZVYgsHNMTvpNpknIlbC2JmpLwaLSCGpLSC-Hw_agtUPTBTrv53YbnENE8R9SNdoaJ9q0YmFLcNR-pjmAEuyRfYOG5zCH3pfXcR65EjafB0YOI6Ktb8153vzggZYf8dwArI7dic8IWPfWCjbJKvTF8XGp7WawiSsPXQyBAYWGFi4hl98w1QT0friAbk8jdH7N9EQQyQExYh2JILzaTkvZuVwYVEX2C0-X6QRiZv5oRVrJR7V4nxaF6y4zBaGjQ7gppX0P8kxqN6CPtvrfXy8cwCOik6RlL-0OrSr97Ww6FIlzKRumxOlOmtcDdoVM2EdlpIVUNmnJpcykemrg_YQzhTLC50nT9hle5aG9w5XrcWNQsU2VaU2aJA1UJyEK0bMokGE13_ko-rJ4qfSbPVpIgPnHAp3wL47r0bvtMqQUr-1nF28lSKEPuo0IR7nmcd221jWTd7lDbz-RpSlsbDHKXFBKpb9B-El-ftIu3PYQrc2QGepqTPIMSkNB87sL5uvip4WKEBtOw1q88j1AlALKoYBLcI9KIjJ-0pInzKbz6c_jDSUDb06y0hfdm580fY_FnG4pGPDKwDlL7KX-tqcyx6fIxFOeaJLF3GvElt0hPzLvChh_9lPvAoblqfUygl-dKbJ7YoyX_pEw4kR9w6iibM21lZhf84iOYYabnLWpqS4ZnMm0nWXjbZHibF0I_O8dR5TXIiwt4DhXrmybEVd6jrjtrsb3pIg_FsvkMpNvUKQ6ErXPfbYcWhr0TzJUFuowx2r9oDs0r1vsdlhBompMI7K52Uual3RXTWHWC0Qck4VaOs8sV5yAR-nKLguCafGvGgMpIwcawjbrZMmuTkcADBY42NG6_Lyis2YpatDFjSiVGnL-dKFuTiJJARc9A6IiPF1fsvZ_OUVDkejqv0L1zxDUvMPUVJhwsZxuY_4JY_ZWcCfAWj2yu-XenFZUuyWdvwCmEEHcdkLZroxRDrP7W28n5CtJ2NpvyGIvyCnXbIiFyqS376vQpNPuEi3ZbhhnutGiJWdENJa5PuIgTth1TAD62YQsn7qRBN3gLedxl3MYK6XuiqbIdxoMEJI2OMpsjW348YlDC0B1AUom48intd0O__pdT20i6o0vJ3Uid8TPZiOv5KJUYIAlGHnmsTY5Ozhzh52zJlYkRNPSKQhrIrg0o-r8ZWHDFCcMVeXgPcxjG-cE7UcWflnPJq2gku8cki6xEyFsWZOXab2ZLrVFzRV45586K9SgeEDN9M0jAyFdAmnYE8Dmub0ds4-fUdkOydy-HdPgqRuZ2aHCW72rvwDNHk3ker_LpdiFproT17c1xCV-sYC-4X9LSmaFZ2CREaCAqaEnHUHVks76e-8s3aZQzlS-iIYQmHOMAMDF6kv7-xT551Mr3bNSgYwJCAuz0hPjLHlwwVqJyjXsf52H96-Qx2vlyWXus_ZV9yMc0fYqBZZnPim6f2nokoo1gVZtpiP-YbkP3yhUDmv6faw9JysYOCkjIDoW2R32DA6jiJQhdrf8rkmK4jEpcS_vrIb9qX-OwLgb6XRBLg6TSJ35Az1sW-XpoclWpiDQ-6SHxJ73eMEF0hPPFr57nRjxHSYzNHUKvKTD0wjZ9CH-lqpzvAZ02l8-Ri6uRcqJhEkAMSGFPtkEyZx1jVdNqJrz11MKKxffwb4VCoJdbk-ZN2ZLpVera94OWpIs1SfTK16a2Fh693f4kZ8CY1QPo16cE5NMBymsOvz_uMALmpjW2QIuXAYcguSxrCSJWtSDiX1mKSI-ti_6V_FaSgx7cvptemCbb1Y-9a5NojNpPUeeOdEWF8b4p2jOaFeRnNSvkkJGnlylGenkhO7OsjkVpP6iaOIccwG3eFLp8yCfuCbtHHa5rZ-9Mn4u8iueadbi9AIfJr5vnKcVa2mdzuPWR961SsuLwSCBgkmAxzy_H6-S4Fg_mVWvUeYceL534qygKHCzzS4vhz9dBCwpyR1VgI0JL3gPACZJa17g5c-kN4QL0kK6zFLmuW6sETyu_nOXUPn1cGAfK1y7Kb53qhpVfpaH8FOlS4At335CQIpJysElpqzCxenYpfwm1ZwNHNhNrVzBOE5-LOkSpIncVRXCqQUWkNqfR00AojF5Z4APEBJvQ_C6mfVRf5_NiVk0Yj1CdtPO6KbuItOlEd23sFXheBnagKvTDUJBWcgm2LmLhqfzfandxVs7Gsz25QsvCY674RfTImtJQ5ZWm__6BEprGgTb1gcen8htoUIqtFqhX0lSGfczae_qsgQn5gPSzicUCFFiEZrWa-p7X1e_J4SztfJvuQRal8He7wgmx_pChgVQytenLaxcT70ePqzRxzXTJpp3L7pC6LRFFO_Inj5Wrduv2A3xfNLYvigMJatpKbZ1DpFc_y-4JB_4rVFZouu-KFwd5nHwcQ6uNucuqY76AO-AGaZDU5FKGw1YQ4ENh2TNOM7GV6kyz3Fw77gxG0cLtT613zqlar8soda9tbhWxff-MFpmN7vYc3smIDJKMFWUF_6wbEYC3e4kIQjz_jlkPzX95Ea95myCWGD-dSpamLKMog0o_fa2NK-vOdzuHYSMOekf4&cid=CAASFeRo4LHQur9bQqOFHKtbi8FHFN9lLw&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:45:14 GMT content-encoding gzip x-content-type-options nosniff age 73 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:45:14 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 7ECA	106 KB 37 KB	300ms 22ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Origin https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 14:16:35 GMT content-encoding gzip x-content-type-options nosniff age 70192 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 14:16:35 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 7ECA	8 KB 3 KB	12ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4QdpSoSG7rS9gnUXav5Qlo1oUYR-CdXtIid5w1FjCpoQzBsiw5Ak6pvnpgU1mRqOz0pdk1M1v4ebVDBcq9CL1buxZ90xKY5YaQ2fihQC2qPKKJEkN63iAfUUUb3fnmvd8Q7hJOWg2lYMaCOxbIlyY3uOrMQ&dbm_d=AKAmf-A-aGdyTQwi6SqSDYWxvqx4oT6nXTPuHox1FSTjnNmCz-fjz6xiwDpMRuOgAFK8nC3Y3wqgAt50kWCEqQsvWJpzMbeKcHrb8XQXLwuoNyaqMxziyJ3VwdX223itMXypeR0rid5qsUwv5YCTNrRRcdDGdB5uPE1qFJIuVO0vs0vAwv-ICXyAsC0v9Uve8zq_53f_4fy5eiBD0GIqfE8zkFy3DLk5GvzTsMgeoSeNPOASp24Ipz-hPaWdGfikdfzX-ExsJzXjeBxqvDCT57BUQmRA_ap4EXWMuTFLGdE-hSg41lEhg_NVDRsE6per6-c8HIbAJAzl6ADKuQ7jcWnHGXU4ouvJJVXBZYJASz9ppJMSheolHS6tKkpTmv6O3nUReiS-KJ1pDoBaZTOIWW_w6yd1QHMhiX8wWsmhDjsmJEqJYkCKA41L3rVGaoFL34g715S3uOEWbcJJ70t4DTUj89-cymSjNka99ZnyJH3lOW_aAl8X2JMVPyOgqcHAaUYVK0evDic5lSTMtAzjBGA-bFxk6QjxEQWRGnKFI0KSxaEAjRqUnSd6_ZE05BnJ4KUaanJJuyXVf1Rbsr_x9LESWKo_AmjG0zGH---M6mJTShhxeOa62FkyidILuZP4zUJ_icQgFlpoIb5ft1HrPmZqoNLGIWL3R6lALzyXZmdjnBlc5evDN5kOFQSKa_MaEK3TOhshAjaBoy9ve77ykghyatUxsMDCw51w2vCyqKVy20KddZpTuBnCFb9MoXgzgqyyhjoAdRV2MCd03Yt1s_47a8fpk-ZNFdIEBdLQbD9aQ9EvllLsGMp0t0XaTiQxbGFeHFMhf01b4DHpzOoFz80j90t3XfH7nZly6VPnUMerj4f6Y9342bEO5eNV8evkGR0jf4NmHL8N-boo6xxHwD0dorXezJ__Brr57C4Z4VboIcnyLiIPZrsEFU0lxhfQREIo_K8JCJUSO-1miFcWZJ5whZxL5h7aG17TW4HAmgFMO-JZEw8spK3i5cykT03TkU410M-lXG_7MaBhS2rSx_kJvxqlIZl2skruxTP7VGHoj0JibvDGpTm7_5sD-M_tjfReSlII7clortKTsm7V7Fz-ma88Bi25D-Rm6L14GOvtEVEdQWsIE6PqTYBzbYG8Jtm6bznjbeCGiRx-rq2XOfxuBMKyPXTNQ7nQq3edyHGgVWc4RtHoPRFpvjgWARYug97pR3B7z38UKporGL38fq7jYZhsgnGXRaTaIRsYMQzpSZmP4JRsOgpLEH8taWC-xxvhej-8urPn-t-crq1ghHErj108DIC0hLpUAUp0U96W_Apxw5IFLRAHOj1euidPN21ClivUTxu6OmWFsZuJe-k7Ad5SriPRK4Alz0WqJkncsrJScCUKhJ5BSjodscWNe7vxoQhYec_rbKxQ5pHh1nrcSBeoBOj-izAjUEhybCxt6aikU592JwUamUbNb4x9_IjEWZOn435Qj5_n8FlM7BzS2FWuQuWOwF6HE1cu1_KRhYZ8rtZ-C5y8MnTNEmCkEhcecd6nSYgDVmatigsA6l_wo1x0RfbogEPoq0mscxi25KjreFt-FjIVMSAIydRlyALr3NwUNlZ_dtVFtlNqQmfillnuTdCbLJip1Rl5YPMaQwOW_YiMHfoHbFB-MRJpNKBARaokSuPpIz-cFvVd6t42wccI3Ndsy_EOq2OQkvDby8sPZ-mbLzP_dDiA0EvrPmz77rAE4FpUKLJFOgHrLgI3HHORhQNv28VTz-J6WNi7oPEENTwznOJjZTQ0V9DfQ3Y0Z1kYuLq8bQHws14k6rlmG0_nAxa_pV89xngz5rEmYlZcXALSD1m46qYS2bBy3BX3gWAjv7K2qhScSAh7bQz0OEcJt4quHxipF-N_14uPD32c0rzcNQfxjfbIv-W2zuSysP1ph4u01roKeUq9nH5C6c9eop4QsXthfXJ_hioWchgyKgWWNtgkbfhINQZwuIrRcgfbe51Ik_VK9K92NWoSafLUhgXBrQncUJBsM-GEGtkk9CCVaMmbDqV3x8gQ-u9QDTcUDX_q5I_Ec_wMlH7_HDjd1LB4HBLLegNonKtIC0MghLi0pexZymzLThaMSmzZZq0ekvqhdDS6rFeMynD6gLinKFMHQxCQwiT07-K7UCuqadMtFOR3mSFXVf-HS_Ot_6wNAZQ08S4mfFsF0Zw07MxYPgfT7zUpOEFIrmOHptPYbACGS8Ja0Onbv3-JhDbhMnHXB3V0q5k3PKPQ3eFJzbVZ6i07ctaFOGC5cPtrB1EjYAr0VqiIw0uTx-sXirIUxUUofckzwvC8gxmFxuRCL2VswaoHhkYCAiE-PvrpL7AT1xjKgTt_W3dgpJ0s5FosELEpCDXgKVpYjNViyHMMGzaSigEQpnjGsM_sJmg2WVSMlnEmZYBWkxsAMfY4OxoVEkdfIn32mXeRTzGQj2uk7eGy0y_5BHWUHZIiYWLtkrCULX02AsnXUgv03ntXua9_3Y4DvNlwJT6j8iRee6rASJbHBqzTakCKQcT0Buv5nyNUZOIJLrE1S1Nts6DUaymJjmGuQqD26FmNsxda-0p6fPyk0e9HXxPLprLGQcgS2rs_qGQO5PD2yC_M08Q-zQXOz9W6TuV-CfpWSkBmSv87bL6DWO-9sx3zKY2emeJeKbPmx68vVVCmNyQbJFPlHLZy28EkX6vUceoqiNcpG2ECfwDgIC49eZEbE-VUUJTvz20R9rHMqM1etNNKc5c8UicXDwF8_vnzXC07adCVHbj3FfhLYftHBL8grtqLo6h12gLXEVqgaPgb2zArOljVkpfV7pOR6clbdVyS2j-EZP6D4JGhSTgJmzjj_lEd7MEiNVA_1IPzLO_0Z7g1S5BglJUVXOY9Htz413IiE2xUtjdheg_KRYwj6xgvS-UEyrHZpvilmKZOhaA9qtqT0tGh8xP5Mz5agkzFBG7bj3uUUV55_Djof_BkY1StdZt0q8XGYgDudUNL0TKrfNwfReafAZDNsSnsatlWdMs6vTruN1WaLVTgyewVWNgbE_jZ4huVZGMWVuXnuEM&cid=CAASEuRotZIG2qCeqVpKPD_hvRqLmQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 175 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:43:32 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 7ECA	24 KB 9 KB	14ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4QdpSoSG7rS9gnUXav5Qlo1oUYR-CdXtIid5w1FjCpoQzBsiw5Ak6pvnpgU1mRqOz0pdk1M1v4ebVDBcq9CL1buxZ90xKY5YaQ2fihQC2qPKKJEkN63iAfUUUb3fnmvd8Q7hJOWg2lYMaCOxbIlyY3uOrMQ&dbm_d=AKAmf-A-aGdyTQwi6SqSDYWxvqx4oT6nXTPuHox1FSTjnNmCz-fjz6xiwDpMRuOgAFK8nC3Y3wqgAt50kWCEqQsvWJpzMbeKcHrb8XQXLwuoNyaqMxziyJ3VwdX223itMXypeR0rid5qsUwv5YCTNrRRcdDGdB5uPE1qFJIuVO0vs0vAwv-ICXyAsC0v9Uve8zq_53f_4fy5eiBD0GIqfE8zkFy3DLk5GvzTsMgeoSeNPOASp24Ipz-hPaWdGfikdfzX-ExsJzXjeBxqvDCT57BUQmRA_ap4EXWMuTFLGdE-hSg41lEhg_NVDRsE6per6-c8HIbAJAzl6ADKuQ7jcWnHGXU4ouvJJVXBZYJASz9ppJMSheolHS6tKkpTmv6O3nUReiS-KJ1pDoBaZTOIWW_w6yd1QHMhiX8wWsmhDjsmJEqJYkCKA41L3rVGaoFL34g715S3uOEWbcJJ70t4DTUj89-cymSjNka99ZnyJH3lOW_aAl8X2JMVPyOgqcHAaUYVK0evDic5lSTMtAzjBGA-bFxk6QjxEQWRGnKFI0KSxaEAjRqUnSd6_ZE05BnJ4KUaanJJuyXVf1Rbsr_x9LESWKo_AmjG0zGH---M6mJTShhxeOa62FkyidILuZP4zUJ_icQgFlpoIb5ft1HrPmZqoNLGIWL3R6lALzyXZmdjnBlc5evDN5kOFQSKa_MaEK3TOhshAjaBoy9ve77ykghyatUxsMDCw51w2vCyqKVy20KddZpTuBnCFb9MoXgzgqyyhjoAdRV2MCd03Yt1s_47a8fpk-ZNFdIEBdLQbD9aQ9EvllLsGMp0t0XaTiQxbGFeHFMhf01b4DHpzOoFz80j90t3XfH7nZly6VPnUMerj4f6Y9342bEO5eNV8evkGR0jf4NmHL8N-boo6xxHwD0dorXezJ__Brr57C4Z4VboIcnyLiIPZrsEFU0lxhfQREIo_K8JCJUSO-1miFcWZJ5whZxL5h7aG17TW4HAmgFMO-JZEw8spK3i5cykT03TkU410M-lXG_7MaBhS2rSx_kJvxqlIZl2skruxTP7VGHoj0JibvDGpTm7_5sD-M_tjfReSlII7clortKTsm7V7Fz-ma88Bi25D-Rm6L14GOvtEVEdQWsIE6PqTYBzbYG8Jtm6bznjbeCGiRx-rq2XOfxuBMKyPXTNQ7nQq3edyHGgVWc4RtHoPRFpvjgWARYug97pR3B7z38UKporGL38fq7jYZhsgnGXRaTaIRsYMQzpSZmP4JRsOgpLEH8taWC-xxvhej-8urPn-t-crq1ghHErj108DIC0hLpUAUp0U96W_Apxw5IFLRAHOj1euidPN21ClivUTxu6OmWFsZuJe-k7Ad5SriPRK4Alz0WqJkncsrJScCUKhJ5BSjodscWNe7vxoQhYec_rbKxQ5pHh1nrcSBeoBOj-izAjUEhybCxt6aikU592JwUamUbNb4x9_IjEWZOn435Qj5_n8FlM7BzS2FWuQuWOwF6HE1cu1_KRhYZ8rtZ-C5y8MnTNEmCkEhcecd6nSYgDVmatigsA6l_wo1x0RfbogEPoq0mscxi25KjreFt-FjIVMSAIydRlyALr3NwUNlZ_dtVFtlNqQmfillnuTdCbLJip1Rl5YPMaQwOW_YiMHfoHbFB-MRJpNKBARaokSuPpIz-cFvVd6t42wccI3Ndsy_EOq2OQkvDby8sPZ-mbLzP_dDiA0EvrPmz77rAE4FpUKLJFOgHrLgI3HHORhQNv28VTz-J6WNi7oPEENTwznOJjZTQ0V9DfQ3Y0Z1kYuLq8bQHws14k6rlmG0_nAxa_pV89xngz5rEmYlZcXALSD1m46qYS2bBy3BX3gWAjv7K2qhScSAh7bQz0OEcJt4quHxipF-N_14uPD32c0rzcNQfxjfbIv-W2zuSysP1ph4u01roKeUq9nH5C6c9eop4QsXthfXJ_hioWchgyKgWWNtgkbfhINQZwuIrRcgfbe51Ik_VK9K92NWoSafLUhgXBrQncUJBsM-GEGtkk9CCVaMmbDqV3x8gQ-u9QDTcUDX_q5I_Ec_wMlH7_HDjd1LB4HBLLegNonKtIC0MghLi0pexZymzLThaMSmzZZq0ekvqhdDS6rFeMynD6gLinKFMHQxCQwiT07-K7UCuqadMtFOR3mSFXVf-HS_Ot_6wNAZQ08S4mfFsF0Zw07MxYPgfT7zUpOEFIrmOHptPYbACGS8Ja0Onbv3-JhDbhMnHXB3V0q5k3PKPQ3eFJzbVZ6i07ctaFOGC5cPtrB1EjYAr0VqiIw0uTx-sXirIUxUUofckzwvC8gxmFxuRCL2VswaoHhkYCAiE-PvrpL7AT1xjKgTt_W3dgpJ0s5FosELEpCDXgKVpYjNViyHMMGzaSigEQpnjGsM_sJmg2WVSMlnEmZYBWkxsAMfY4OxoVEkdfIn32mXeRTzGQj2uk7eGy0y_5BHWUHZIiYWLtkrCULX02AsnXUgv03ntXua9_3Y4DvNlwJT6j8iRee6rASJbHBqzTakCKQcT0Buv5nyNUZOIJLrE1S1Nts6DUaymJjmGuQqD26FmNsxda-0p6fPyk0e9HXxPLprLGQcgS2rs_qGQO5PD2yC_M08Q-zQXOz9W6TuV-CfpWSkBmSv87bL6DWO-9sx3zKY2emeJeKbPmx68vVVCmNyQbJFPlHLZy28EkX6vUceoqiNcpG2ECfwDgIC49eZEbE-VUUJTvz20R9rHMqM1etNNKc5c8UicXDwF8_vnzXC07adCVHbj3FfhLYftHBL8grtqLo6h12gLXEVqgaPgb2zArOljVkpfV7pOR6clbdVyS2j-EZP6D4JGhSTgJmzjj_lEd7MEiNVA_1IPzLO_0Z7g1S5BglJUVXOY9Htz413IiE2xUtjdheg_KRYwj6xgvS-UEyrHZpvilmKZOhaA9qtqT0tGh8xP5Mz5agkzFBG7bj3uUUV55_Djof_BkY1StdZt0q8XGYgDudUNL0TKrfNwfReafAZDNsSnsatlWdMs6vTruN1WaLVTgyewVWNgbE_jZ4huVZGMWVuXnuEM&cid=CAASEuRotZIG2qCeqVpKPD_hvRqLmQ&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:45:14 GMT content-encoding gzip x-content-type-options nosniff age 73 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:45:14 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame E933	106 KB 37 KB	278ms 17ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Origin https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 14:16:35 GMT content-encoding gzip x-content-type-options nosniff age 70192 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 11 Nov 2021 14:16:35 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame E933	8 KB 3 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHlSYki84r__5NdI9NKPJxK4udNB3g4uIhsy561TvxHMKJM9xLvcYfGuckNGKKAKMK5OdJvfAAYygGfOM8R9VLjw6qw-wL7rXlF49F41gBgpq3Jtfwp3LL61dYcS1JB6EJB77ljTranVL186tScinaCwfRhA&dbm_d=AKAmf-ALNvdQQJcFsscJfoXFMu4oxv6sYwYXTDtfCSRID-EQp01l61BiUGaNX1H1W-pewrsE0rw2XqPi2MpsbBy5f_SmvajYZJXOxvFFRn1sdFuibVJVw_6oXbdIMzC5inOm0IFOgtd4IikwziJfcOXa4Hy8gIPANn9IppdFgZyh4BKV5xjG-nvYU91MXPaKXEbx2S0PuviiRkSch1X2jz7s1YmJ5qVs9JK88nkxWlqUQEufua67cZJccv2QxQ0_nnL_KXpqGd_aD3fVWJsdoUiD8wAL5JoPwXlJHpn0PF4wO71Zm02K7rpwBhOkOphk0qTa7XpgtzNBWOios6neUiekTqJocgGBN3mzb0gJm56ZelX9uPk2CfXV912guS8PDFeUoZPaAdaL-270uO93Jkd5_X-G3Ne8LOGM1ex-4T2dYP1fw16mcr2ZUS8LzPu4k_BpmsQEHZVmhQVsTJL8CEDze2NHlhi_BTqCpt3c1T_T-cgfXbjjNje6aG2TmEIIk0eGe0egDWWAaOsd4kahs83ljq1WXETeQt10VTTdMyWXtUAO8h5PXvbFfpi2pbA3SGgHV_o03VhYo2CxG6Hgl1j8KY6f4i90TYvymCfle50TfnVHDaCrCCFGSCwdN4skyQA0vzUXMld-ucxWWkjRwKtVmfS_xNgJ3_2BjZLbPiZ8BbFySAxXKsxaJl_gGLhdB5HCYQ8fT9NqB4QuAHTNcQ7Wxs8_AWcVH53AGNjwHxdKmECdZizHiUj0S1wAGcyb30eS6c5RXFXOykGLxXTg-lD_xcFpdVYcrNIY3F6HoB8FkUzz0iCEAxcdevsPzvVX9l7D3k5g8J7ucXRJPyDzuzpGqLF1ph9AkrzMKZSlk6iBcUyITiDOjCOW8q1aQ2JBoMaIa0otwzleHN9KogY8ixs2eZ70xqubDyTIiEDhgAOxtoxlK6DjAKm1mE3vr3Laa-6W32EZNSzJHrZvUjl_B9q5NwSME_sPlwkURyK05de3HJdPkQruVKE0AwbHft5LIW_Q-sTlOrTbhg2G5KKKbMkyww6G9tYbnf9EcfKKPSDH7rw0ard-PGtbRClVyuMMBOleqOstvcNdwYnYcQe-uJOsZg2u0WefYMvQXTZdq6fHNPMyiPCow0I9BYvrgHGwtmsZBti_oScTtj0nNkLS1YJYujUE8t2sytk7FX66tqGVya6KdOVTzg0LMAlp1q6ItDPaqFlMV7-iOqjO85jJOvefU9We2w7Noa08BqEFs-oiiY_ZIKMmREX4sywpOz7Ax3kQZb9-nqOdMAeNx5wkZUMj2gLzHSONUmBL9kdB4x3E2VM6MwrT5dZ-D9sQHJPX9BMsapKKIu6Jy7kjPiwz6gb5X3q8M2BFHhGbdj-BZVwJ16LG7bMb3WLu3imOZxPcGTdWCF0aEmzmjk2ssH2j9B0_uYrKs1fIw_pHSJylf6lhKpRaelzMaugctV363Lllv-Koqd977ANY6cbXVpQT40V-cbT0y4RD2vISk2CWDGefSDiLAWGVIQO0YLWAB-YOEuVNJlHZHGZMJYDmsFJrHHbg0pRorEXLO7Gw6V8LT9Bu7B1R83p0_iZ-Bq_nzkpC7afYnbRmVAwWPzQNzcQAuDGHbIF4tOX2n7_yc4NYxqAUVj-unR6gTn4TyqmEqvwdoaToJtXs_30zUO3tWLNr3VMa6_-iCtZhum0bGUcPV5v-610ogCCl1t9r0qpJhh2uZt5mEyP8iFLsGicK4U-T_juyaBC7tk1DHW9s-yd___G5FEma1OEIl0aLe_tSVRpG9eWBxSOUqi9qV74BMdpjZ7NFnNoL-aPlH9RI26QC9zcG3qTWWuroO8v07QgLhz8ML3L63ARa0wu4DNWLkZQVijueZMTVovlHCbjYyvk59A_PPetFyzgguEZYj_qbWOM2x56K6NcpTrogXAPLQlwu-9tTDw3ZO69qarGyafNK69gAEdBaoMEfbB2IzfApxNNOycTsrZbkhQVOn6I7EG3k1pcLndhc0dd1DZZAPjP91HwVZmGUJ2e5ndWnXeDU-llEZc3Gz8Z43VrbVptnbMxPgRFxuGJiaD5OQLHesGS8ho5okJ9ttkzGKeZ-jxGuMfQDgbuznbHS4H_ouv2iKIUuy8j5GehEjF-yU8_je78kXSWM6ve7hj2mCZCeQR5wxv_7sasaapbD5r9QLjK1OyZx4Jjreq7ogF9Vh9x8MCxDoBN0o-ET_MLq6Kc3l8NUPgnJ6r3-WSMIVpjsdpaHTk0ZB9zq2Jo8QKs2IwFmyPw3hKjkQp6DvJiBqqi3LljOQSfQ6WspyRcsRwfJD9f7yBn9F_XPUYBKBVbPrNizDwtHwSvbteVZRrXsSIBAXFRk8TS5U5rpLeph-O6MjBQnS45-9Rnd3W3JZw-xv2fH0VVVkEwkQuZru_ku2RbNhQwZgmQuFV1VPNl58P0ODoBIdQ9YQDJ3HGvx-Pi880j7LxLA_QPDliLoeLzM9A86P07TMcJguu-Z7DhyRrAn35ZMoY89auVCbCRHp7ukZVsugBpX5Mv9gkpLissmYnAik1bltjFGorSPE6-stmW3XGanlTaQbHcO9ZvplJnssa188Ekh-C_U09IzjhN2lxoUmZ2XDyUsRlNpfD6HEYvAUd6xCpZ8M8dlaMs1ktk5kfhVhlzUu9ODRaXbov8U0IxSwTqiCmvRvq89xgG1vq5ltWe57u_PuRkCy-NB2nXnObGPVKqccgc-7PQTk8S-9p8FZJ3Ds4JVe9Rrd0vY3odupb9X7UngsmKyYs6yj9YBVh1s1ih8F76gW_l-WFDDgTMyylTUu0ZUyQ5Y7CMfh7jHOYkfEabOJ3Aruu0gaNZKMxTA2JnDKzbD9tHAKZIqUUsRTeS02ObfCGDWlr4qFBbmVUj_B6KK-EzMhqh2fqG4Nja7hXyIpEnhxZj0nlIDwZc7Zvt6HlM3Uigr5p6M0Ivv9cJZII-r7NGJHhYiHBAvISsJd6kG_KWxzhhp8CiuZ4l_-qd8oQa-X0KOtVjsYGQVBykjoeYjdgF-xVYGp7vPwN_4gIlYkMY5XytJ8p1vPI4&cid=CAASEuRo98GIUbCWG321DCmnh4-H9A&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 175 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:43:32 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame E933	24 KB 9 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHlSYki84r__5NdI9NKPJxK4udNB3g4uIhsy561TvxHMKJM9xLvcYfGuckNGKKAKMK5OdJvfAAYygGfOM8R9VLjw6qw-wL7rXlF49F41gBgpq3Jtfwp3LL61dYcS1JB6EJB77ljTranVL186tScinaCwfRhA&dbm_d=AKAmf-ALNvdQQJcFsscJfoXFMu4oxv6sYwYXTDtfCSRID-EQp01l61BiUGaNX1H1W-pewrsE0rw2XqPi2MpsbBy5f_SmvajYZJXOxvFFRn1sdFuibVJVw_6oXbdIMzC5inOm0IFOgtd4IikwziJfcOXa4Hy8gIPANn9IppdFgZyh4BKV5xjG-nvYU91MXPaKXEbx2S0PuviiRkSch1X2jz7s1YmJ5qVs9JK88nkxWlqUQEufua67cZJccv2QxQ0_nnL_KXpqGd_aD3fVWJsdoUiD8wAL5JoPwXlJHpn0PF4wO71Zm02K7rpwBhOkOphk0qTa7XpgtzNBWOios6neUiekTqJocgGBN3mzb0gJm56ZelX9uPk2CfXV912guS8PDFeUoZPaAdaL-270uO93Jkd5_X-G3Ne8LOGM1ex-4T2dYP1fw16mcr2ZUS8LzPu4k_BpmsQEHZVmhQVsTJL8CEDze2NHlhi_BTqCpt3c1T_T-cgfXbjjNje6aG2TmEIIk0eGe0egDWWAaOsd4kahs83ljq1WXETeQt10VTTdMyWXtUAO8h5PXvbFfpi2pbA3SGgHV_o03VhYo2CxG6Hgl1j8KY6f4i90TYvymCfle50TfnVHDaCrCCFGSCwdN4skyQA0vzUXMld-ucxWWkjRwKtVmfS_xNgJ3_2BjZLbPiZ8BbFySAxXKsxaJl_gGLhdB5HCYQ8fT9NqB4QuAHTNcQ7Wxs8_AWcVH53AGNjwHxdKmECdZizHiUj0S1wAGcyb30eS6c5RXFXOykGLxXTg-lD_xcFpdVYcrNIY3F6HoB8FkUzz0iCEAxcdevsPzvVX9l7D3k5g8J7ucXRJPyDzuzpGqLF1ph9AkrzMKZSlk6iBcUyITiDOjCOW8q1aQ2JBoMaIa0otwzleHN9KogY8ixs2eZ70xqubDyTIiEDhgAOxtoxlK6DjAKm1mE3vr3Laa-6W32EZNSzJHrZvUjl_B9q5NwSME_sPlwkURyK05de3HJdPkQruVKE0AwbHft5LIW_Q-sTlOrTbhg2G5KKKbMkyww6G9tYbnf9EcfKKPSDH7rw0ard-PGtbRClVyuMMBOleqOstvcNdwYnYcQe-uJOsZg2u0WefYMvQXTZdq6fHNPMyiPCow0I9BYvrgHGwtmsZBti_oScTtj0nNkLS1YJYujUE8t2sytk7FX66tqGVya6KdOVTzg0LMAlp1q6ItDPaqFlMV7-iOqjO85jJOvefU9We2w7Noa08BqEFs-oiiY_ZIKMmREX4sywpOz7Ax3kQZb9-nqOdMAeNx5wkZUMj2gLzHSONUmBL9kdB4x3E2VM6MwrT5dZ-D9sQHJPX9BMsapKKIu6Jy7kjPiwz6gb5X3q8M2BFHhGbdj-BZVwJ16LG7bMb3WLu3imOZxPcGTdWCF0aEmzmjk2ssH2j9B0_uYrKs1fIw_pHSJylf6lhKpRaelzMaugctV363Lllv-Koqd977ANY6cbXVpQT40V-cbT0y4RD2vISk2CWDGefSDiLAWGVIQO0YLWAB-YOEuVNJlHZHGZMJYDmsFJrHHbg0pRorEXLO7Gw6V8LT9Bu7B1R83p0_iZ-Bq_nzkpC7afYnbRmVAwWPzQNzcQAuDGHbIF4tOX2n7_yc4NYxqAUVj-unR6gTn4TyqmEqvwdoaToJtXs_30zUO3tWLNr3VMa6_-iCtZhum0bGUcPV5v-610ogCCl1t9r0qpJhh2uZt5mEyP8iFLsGicK4U-T_juyaBC7tk1DHW9s-yd___G5FEma1OEIl0aLe_tSVRpG9eWBxSOUqi9qV74BMdpjZ7NFnNoL-aPlH9RI26QC9zcG3qTWWuroO8v07QgLhz8ML3L63ARa0wu4DNWLkZQVijueZMTVovlHCbjYyvk59A_PPetFyzgguEZYj_qbWOM2x56K6NcpTrogXAPLQlwu-9tTDw3ZO69qarGyafNK69gAEdBaoMEfbB2IzfApxNNOycTsrZbkhQVOn6I7EG3k1pcLndhc0dd1DZZAPjP91HwVZmGUJ2e5ndWnXeDU-llEZc3Gz8Z43VrbVptnbMxPgRFxuGJiaD5OQLHesGS8ho5okJ9ttkzGKeZ-jxGuMfQDgbuznbHS4H_ouv2iKIUuy8j5GehEjF-yU8_je78kXSWM6ve7hj2mCZCeQR5wxv_7sasaapbD5r9QLjK1OyZx4Jjreq7ogF9Vh9x8MCxDoBN0o-ET_MLq6Kc3l8NUPgnJ6r3-WSMIVpjsdpaHTk0ZB9zq2Jo8QKs2IwFmyPw3hKjkQp6DvJiBqqi3LljOQSfQ6WspyRcsRwfJD9f7yBn9F_XPUYBKBVbPrNizDwtHwSvbteVZRrXsSIBAXFRk8TS5U5rpLeph-O6MjBQnS45-9Rnd3W3JZw-xv2fH0VVVkEwkQuZru_ku2RbNhQwZgmQuFV1VPNl58P0ODoBIdQ9YQDJ3HGvx-Pi880j7LxLA_QPDliLoeLzM9A86P07TMcJguu-Z7DhyRrAn35ZMoY89auVCbCRHp7ukZVsugBpX5Mv9gkpLissmYnAik1bltjFGorSPE6-stmW3XGanlTaQbHcO9ZvplJnssa188Ekh-C_U09IzjhN2lxoUmZ2XDyUsRlNpfD6HEYvAUd6xCpZ8M8dlaMs1ktk5kfhVhlzUu9ODRaXbov8U0IxSwTqiCmvRvq89xgG1vq5ltWe57u_PuRkCy-NB2nXnObGPVKqccgc-7PQTk8S-9p8FZJ3Ds4JVe9Rrd0vY3odupb9X7UngsmKyYs6yj9YBVh1s1ih8F76gW_l-WFDDgTMyylTUu0ZUyQ5Y7CMfh7jHOYkfEabOJ3Aruu0gaNZKMxTA2JnDKzbD9tHAKZIqUUsRTeS02ObfCGDWlr4qFBbmVUj_B6KK-EzMhqh2fqG4Nja7hXyIpEnhxZj0nlIDwZc7Zvt6HlM3Uigr5p6M0Ivv9cJZII-r7NGJHhYiHBAvISsJd6kG_KWxzhhp8CiuZ4l_-qd8oQa-X0KOtVjsYGQVBykjoeYjdgF-xVYGp7vPwN_4gIlYkMY5XytJ8p1vPI4&cid=CAASEuRo98GIUbCWG321DCmnh4-H9A&rfl=2%2Chttps%253A%252F%252Fgrandnoticias.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:45:14 GMT content-encoding gzip x-content-type-options nosniff age 73 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9506 x-xss-protection 0 server cafe etag 11173536317444432557 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Nov 2021 09:45:14 GMT
GET H2	200	index.html Show response s0.2mdn.net/sadbundle/10966854445168883950/ Frame C97A	96 KB 22 KB	30ms 8ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10966854445168883950/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dc173ce7391f793bd7f9fab38563f10295a3e0227e225e6b9cd8163742ae2c25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Fri, 05 Nov 2021 02:54:12 GMT expires Sat, 05 Nov 2022 02:54:12 GMT last-modified Thu, 21 Oct 2021 08:42:59 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 21788 age 543135 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2AFA	0 571 B	113ms 55ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvl3bGDklmPv_KkdlSyrpwE5F5ZQrduvDq6XCPbqlvfy2uqoqaX5ifoRDSJ5LiJF2XMaIumDy-Dzx8D3XgL8mpk4K6OSo9uTCXKPJvCCzcpQvMVXIAzc343H7QnCtEJQO5R8m4L51d7gc3pThAxZOrr-ezsjiBkWeWHWv4vV_b8Hr3mokC5Sy7zcfmUqywDth5VjQ9kS6oD1GIcKdMeoFnSl_rQzO0BDVptN7SxJDJKAn7nqKfJv34deXydMphifhiPeviIzWgmECESjxauXbJ2q6wpL2pnrI8yPh4CQRAJgrm2MUyp-Z2ILgk17II7o_7u9y3hgSh66iJx1WKqu3pH2CoQtUQiqC-I322FitEYIR71bh_662JAp6sDISP3ZtraPXXwn03otVjL9z8-BAK7VPNGXyw-FWDE_uoCL3N58XUmSaI-wqCylLZq9eXMYaSUJb03FFfYHmJOSPVWoBYKwZnmA7tZqTNs1HrFGVWno6u4q1VwA27RrgZNYMdVhte6Qp_4EAZP10jnei4t3XaLMLQaDr44rpQLu2V1-cdZixaJ-BgjKXFuSRyDYf4JfsQzhC1w5K1IFnN6ph5-Bb-xnsXU-yPB5lv2FM2na7yFYeiBVGIFgUdfaO6JifkNoVTTk8-9rH-mlqnCxSerHp8r55lcis02pcWPgaexOXyE_cvQ55TaW4kXG1DuTsSEJsPWWhRf12xGRhe-v90nVNSEhR-P3CwX-63Zo0WtyF4tcZJ8ypm9VkeG5DMsgGAGdcmnp7AC8wseWLFa3PtST7Mm2Xhf44dIsI0X8Zd-6De8JKvPt6nRUZOxjf4Uq6iA7hTkBQxrGsvB8C0zGADq2HWhF5VKqjq7d3iGbQbgBwXVic9RResE1KygZfmLx5qoKffMtZA3NuNHCAegAJymafQLJomKE-3aaf_XygGGqI3FY-hoF20Hf5ysgJjToDpXk4kpnt7SSsYQI8x68hQ1e6Rq1UClf2N7r5qRo6NICxBIVJno7d0c6y69Y4mp99d1wRFWHQ8Lc3u-6vcIoM0_1wprse4yqRpEn1cvU7OLjQVHUjkBd7Dpf1FpQqISEuSoipy0gnA8Ktz6f7b6N13jp6GrVJgtES3JKHfOtR72s8An4-hXbc03mHXvc_HsopdimeX3EsOjuNSpFx9IuPIpinqowzXhHGtIHqKjNOlgi6992XLQXNTMU5U&sai=AMfl-YQRIHsZ0Rkti_cCNeS1CqKlohi346WhLLuBv-jq8mvH99kMy7QDeBhpocpkBGKuVjg4La03piz44FgbNjafYxGyV7CKNLnmRYIKw9PIfdoErkEP5FyFVFoT07ZVX1wyRXF9C-FoexbrdSVe4n2m8aJCjJ_xWclsoP2zw7M&sig=Cg0ArKJSzKO3L-bqeAfwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=468&cbvp=1&cstd=462&cisv=r20211108.74223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:46:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F590 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	106ms 26ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwsGkuAEwAQ&v=APEucNUcqF8u4aDrFXvexDaGQqWF_-QG9P6TN9U6_ILxVfj5kCkyItVcBZoncySqaBvvas9FJaWj5c1WB2eQDW7-ykaZasHgNTaM08XVhSEw0Turstakihh4IgkKBLYLWpKJ79YicXwY2BbZO_XN5kcd6WMgtYemhddYKDWMsLVY9rUKU7BRsHIWDbfVX2Dge7svEGJUge5nbMkoGCnUC-rVaG5mG-1w5A Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F590 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	24ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwsGkuAEwAQ&v=APEucNUcqF8u4aDrFXvexDaGQqWF_-QG9P6TN9U6_ILxVfj5kCkyItVcBZoncySqaBvvas9FJaWj5c1WB2eQDW7-ykaZasHgNTaM08XVhSEw0Turstakihh4IgkKBLYLWpKJ79YicXwY2BbZO_XN5kcd6WMgtYemhddYKDWMsLVY9rUKU7BRsHIWDbfVX2Dge7svEGJUge5nbMkoGCnUC-rVaG5mG-1w5A Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame F590 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1	43 B 1002 B	90ms 86ms	Image image/gif	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwsGkuAEwAQ&v=APEucNUcqF8u4aDrFXvexDaGQqWF_-QG9P6TN9U6_ILxVfj5kCkyItVcBZoncySqaBvvas9FJaWj5c1WB2eQDW7-ykaZasHgNTaM08XVhSEw0Turstakihh4IgkKBLYLWpKJ79YicXwY2BbZO_XN5kcd6WMgtYemhddYKDWMsLVY9rUKU7BRsHIWDbfVX2Dge7svEGJUge5nbMkoGCnUC-rVaG5mG-1w5A Protocol HTTP/1.1 Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 763a2324-a624-454b-b59e-554a89224a55 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F590 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D	170 B 188 B	18ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwsGkuAEwAQ&v=APEucNUcqF8u4aDrFXvexDaGQqWF_-QG9P6TN9U6_ILxVfj5kCkyItVcBZoncySqaBvvas9FJaWj5c1WB2eQDW7-ykaZasHgNTaM08XVhSEw0Turstakihh4IgkKBLYLWpKJ79YicXwY2BbZO_XN5kcd6WMgtYemhddYKDWMsLVY9rUKU7BRsHIWDbfVX2Dge7svEGJUge5nbMkoGCnUC-rVaG5mG-1w5A Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 84c0e7f3-f24b-434d-966c-a406835097e2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 003C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	42ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNVpV-NVy5x0kSOuPzPF7P_w8ts8_k_6n8kqPakQ3B5QSEi5ThInE4e34qtHoeVVpjhvLvvIhv4eddzdJM8aPujcRN6wwzSY1HYm9O32m0IMYRh-9giyPsC5rtZtUtgW8fK1tQiyXzP4hm_ljoVrvsavBzaB-Vyef7SSYEeKZf6F4z-anFq58dp2c1oE_v9ZaimLwi1RD2lVYbONRKQ5lySdsj2b3Q Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 003C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	28ms 28ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNVpV-NVy5x0kSOuPzPF7P_w8ts8_k_6n8kqPakQ3B5QSEi5ThInE4e34qtHoeVVpjhvLvvIhv4eddzdJM8aPujcRN6wwzSY1HYm9O32m0IMYRh-9giyPsC5rtZtUtgW8fK1tQiyXzP4hm_ljoVrvsavBzaB-Vyef7SSYEeKZf6F4z-anFq58dp2c1oE_v9ZaimLwi1RD2lVYbONRKQ5lySdsj2b3Q Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 003C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1	43 B 1002 B	125ms 33ms	Image image/gif	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNVpV-NVy5x0kSOuPzPF7P_w8ts8_k_6n8kqPakQ3B5QSEi5ThInE4e34qtHoeVVpjhvLvvIhv4eddzdJM8aPujcRN6wwzSY1HYm9O32m0IMYRh-9giyPsC5rtZtUtgW8fK1tQiyXzP4hm_ljoVrvsavBzaB-Vyef7SSYEeKZf6F4z-anFq58dp2c1oE_v9ZaimLwi1RD2lVYbONRKQ5lySdsj2b3Q Protocol HTTP/1.1 Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 442cc085-ed9e-4f4b-905f-b00e9b2d5d66 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 003C Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNVpV-NVy5x0kSOuPzPF7P_w8ts8_k_6n8kqPakQ3B5QSEi5ThInE4e34qtHoeVVpjhvLvvIhv4eddzdJM8aPujcRN6wwzSY1HYm9O32m0IMYRh-9giyPsC5rtZtUtgW8fK1tQiyXzP4hm_ljoVrvsavBzaB-Vyef7SSYEeKZf6F4z-anFq58dp2c1oE_v9ZaimLwi1RD2lVYbONRKQ5lySdsj2b3Q Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid aaa9dea2-82d9-451e-bf4c-f2bfda9c0e97 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8B7F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	78ms 35ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNV42Nou9cUkUyHBtFDMDNCKlN1QdUMNlxQpdq3EOxuGpqZRA-PmO-AxBHB_xqN8a2b7vb3ajbdj4RAWrX8Ts4jgb395QD6GSqpJr-Ahe2Fwy8Gmp_0xAtiEcourLfm7pgpsqtpYwyTMNjaaqQ4z81c7bqvZ_3Tl5C3Up4GUG4EeGzltwi71LhfftmanpacK7DqHl7_1wC6eEzwuCr_WnebbgBYuKA Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8B7F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	26ms 26ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNV42Nou9cUkUyHBtFDMDNCKlN1QdUMNlxQpdq3EOxuGpqZRA-PmO-AxBHB_xqN8a2b7vb3ajbdj4RAWrX8Ts4jgb395QD6GSqpJr-Ahe2Fwy8Gmp_0xAtiEcourLfm7pgpsqtpYwyTMNjaaqQ4z81c7bqvZ_3Tl5C3Up4GUG4EeGzltwi71LhfftmanpacK7DqHl7_1wC6eEzwuCr_WnebbgBYuKA Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 8B7F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1	43 B 1002 B	14ms 13ms	Image image/gif	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNV42Nou9cUkUyHBtFDMDNCKlN1QdUMNlxQpdq3EOxuGpqZRA-PmO-AxBHB_xqN8a2b7vb3ajbdj4RAWrX8Ts4jgb395QD6GSqpJr-Ahe2Fwy8Gmp_0xAtiEcourLfm7pgpsqtpYwyTMNjaaqQ4z81c7bqvZ_3Tl5C3Up4GUG4EeGzltwi71LhfftmanpacK7DqHl7_1wC6eEzwuCr_WnebbgBYuKA Protocol HTTP/1.1 Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d512c0fb-6358-431b-a2b2-4153c33ca2b1 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B7F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D	170 B 188 B	19ms 19ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNV42Nou9cUkUyHBtFDMDNCKlN1QdUMNlxQpdq3EOxuGpqZRA-PmO-AxBHB_xqN8a2b7vb3ajbdj4RAWrX8Ts4jgb395QD6GSqpJr-Ahe2Fwy8Gmp_0xAtiEcourLfm7pgpsqtpYwyTMNjaaqQ4z81c7bqvZ_3Tl5C3Up4GUG4EeGzltwi71LhfftmanpacK7DqHl7_1wC6eEzwuCr_WnebbgBYuKA Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid fa120def-e722-451d-97fb-fcd2ed827b71 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D12D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	79ms 39ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNUQvELHMfI4OwUgSqBvyhiexLOc9hmx1J8Tx3RmXHmmOLq3qQ7zI9PaSMvYhCSPL0ceYhpVfJ34VmCFCidSwyLeOPR1WhTK6yAtXWqTBsUE2gGTAO88Fs7Fsc5fj4UNLrDRKUgp5q0ajVRlnf9dD4HKrnB9aYxzTRDBZAwx-ItHCyEqZTGyPWqqd-pDiNeAr05Fw1J2VgtXJy8k_y9xbgNeM17UMQ Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D12D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYzmczAgIHWxfUe5hI804gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1	43 B 894 B	26ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNUQvELHMfI4OwUgSqBvyhiexLOc9hmx1J8Tx3RmXHmmOLq3qQ7zI9PaSMvYhCSPL0ceYhpVfJ34VmCFCidSwyLeOPR1WhTK6yAtXWqTBsUE2gGTAO88Fs7Fsc5fj4UNLrDRKUgp5q0ajVRlnf9dD4HKrnB9aYxzTRDBZAwx-ItHCyEqZTGyPWqqd-pDiNeAr05Fw1J2VgtXJy8k_y9xbgNeM17UMQ Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 11 Nov 2021 09:46:27 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-L3F-0kgLfiY0BG2-kQnI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D12D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1	43 B 1002 B	69ms 53ms	Image image/gif	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNUQvELHMfI4OwUgSqBvyhiexLOc9hmx1J8Tx3RmXHmmOLq3qQ7zI9PaSMvYhCSPL0ceYhpVfJ34VmCFCidSwyLeOPR1WhTK6yAtXWqTBsUE2gGTAO88Fs7Fsc5fj4UNLrDRKUgp5q0ajVRlnf9dD4HKrnB9aYxzTRDBZAwx-ItHCyEqZTGyPWqqd-pDiNeAr05Fw1J2VgtXJy8k_y9xbgNeM17UMQ Protocol HTTP/1.1 Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 98090401-76d2-4dcb-8748-e5f5ad45c28f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEgwE6Z_1Uf2qGTfRIUZm7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame D12D Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D	170 B 188 B	20ms 20ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYnsykuAEwAQ&v=APEucNUQvELHMfI4OwUgSqBvyhiexLOc9hmx1J8Tx3RmXHmmOLq3qQ7zI9PaSMvYhCSPL0ceYhpVfJ34VmCFCidSwyLeOPR1WhTK6yAtXWqTBsUE2gGTAO88Fs7Fsc5fj4UNLrDRKUgp5q0ajVRlnf9dD4HKrnB9aYxzTRDBZAwx-ItHCyEqZTGyPWqqd-pDiNeAr05Fw1J2VgtXJy8k_y9xbgNeM17UMQ Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT X-Proxy-Origin 194.36.108.20; 194.36.108.20; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 69b05c39-4ed3-4f97-b001-0191bee1ae74 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTY0NzM4NTY3Mjg1NjE5NDk%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5E71	22 KB 8 KB	10ms 7ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 119110 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4319	41 KB 15 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 119110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5B76	1 KB 864 B	12ms 12ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 21:11:57 GMT expires Thu, 11 Nov 2021 21:11:57 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 45270 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 4319	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbce3f62bf0484bb0eb41ef7a164f9b1024cd60efd5218fd355acc111b744fba Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 7ECA	41 KB 15 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 119110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame DDCB	1 KB 783 B	8ms 7ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 21:11:57 GMT expires Thu, 11 Nov 2021 21:11:57 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 45270 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 7ECA	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0b78c7730bb3ae12752bbba59ea46644de70f6883345760b6871e8cc9bb93260 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8C68	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 119110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET DATA	200 OK	truncated / Frame 8C68	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6dfa463fe58f58a70658075cb2053017b2505e7bdd987601b949fd0b690fb80b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame E933	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 00:41:17 GMT content-encoding gzip x-content-type-options nosniff age 119110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 10 Nov 2022 00:41:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 19E2	1 KB 783 B	7ms 7ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 10 Nov 2021 21:11:57 GMT expires Thu, 11 Nov 2021 21:11:57 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 45270 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame E933	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 823a84e2a08e02508ad9e5b82ae8613150804c0ecbeff7e965bfec4d2f31cfc6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	11131242-8b3a-4338-a168-152341cd9fea https://grandnoticias.com/ Frame 0CAF	44 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://grandnoticias.com/11131242-8b3a-4338-a168-152341cd9fea Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash fdb677f563ffc81ee5a25e73f8a1a5a75dc1bc98f805b7f999b9fc2b0906cd30 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Length 45108 Content-Type text/javascript
GET H2	200	css fonts.googleapis.com/ Frame C97A	6 KB 796 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10966854445168883950/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 872890c5623628fc32f2bfcacd96f0cbf2226304412a28475ef6567a784c4082 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 08:23:38 GMT server ESF date Thu, 11 Nov 2021 09:46:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:27 GMT
GET H2	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame C97A	29 KB 10 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10966854445168883950/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10966854445168883950/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 06:00:54 GMT content-encoding gzip x-content-type-options nosniff age 13533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 06:00:54 GMT
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 66B6	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 119110 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 9499	22 KB 8 KB	8ms 8ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 119110 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame C518	22 KB 8 KB	25ms 9ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 119110 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8C68	0 58 B	54ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BBftPcuaMYeuFLZP-3wP1kJmoBAAAAAA4AeAEAg Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 7AD0	22 KB 8 KB	11ms 10ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Wed, 10 Nov 2021 00:41:17 GMT expires Thu, 10 Nov 2022 00:41:17 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 119110 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	index.html Show response s0.2mdn.net/sadbundle/5350200476806826224/ Frame 6238	100 KB 22 KB	8ms 8ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/5350200476806826224/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0fe7da36c43cf40d2a03e0ed11c5268c28e99e42f07dbdff8547d3ae4eba604 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Thu, 04 Nov 2021 16:07:54 GMT expires Fri, 04 Nov 2022 16:07:54 GMT last-modified Thu, 21 Oct 2021 08:43:00 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 21948 age 581913 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 4319	0 24 B	71ms 51ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRv5Oux0kWiRS3oP22rKX2OwpN4YHcxR49ErZCSuLNwEoW-Y_Juu6-o8Bve41PDJTwaVZN_KHQGvKrlLg1A6QS7DauQGvX57ZOXXJClNVsC_TvxBkWEzenDwf_xg22OU0hKuhyB6jk1wKnPjG_QwYSe3Bcq7ebbgMB2EBIyyr5q0jelv-DaRe3rFHzbif3bhtUD1i_Q7ZpkJbyrvjDL2gwoUFven4Rh6XNSMKchPJPyuRj2idNANY1rJN7pbcQZYjK9YDB74g8_lY2QuHPLmOPFNF6sUiUxXUiWjAIZhY0YZqLMufhQUBhReNAX_YKFwtqUU4sloZ9FKYqRGzWEwjUfrXRgdODjnHX5pPxKZ2x6RfCG5-JC-WgvzWLz59OEfMYUA4WY8qVZuEUbLnJKnMYB96ap2nqLKttGunEr41naCaO_qIaWDgNmmZn_uxtPm0aRq0tdTZB04YtZ2Hr9alGWEn4nUJNEtN9uxvhur_GXk7jCLIWAv-HIYLbFOpk-0i7gX64yD4vyo2AuZfm9gYS1N92UgN1dFc-BryDBtXNkL_MI7WCIw1grDRFtgZX_7_7YstE18VZph8PCxUN_RtpMZYpd6N4YaB6aVun9ZA32n1q3EJ1v0d14ai6FOh-FSMI4Es6Qq00nA8HrPJ4gSuCsODpoCwGoEOpOdA6jKR-QlnEMvfs0qH-fFz-ryRthhe-t-fgHbHMSnzA-0vzb-HgaNVv5fo7d9NM__B7FCAC4bUd41gD5r_hmN1qGuHAUu7wXDYVp8bHSVVxq5JVgMiGHY6lsIlYCLHZBeC-PAajJBWMv64js6IiiibZZ892To8_gNns6GKAwYlm7zHTjujoqgWAS8hHz2d78xO7_Bf11YzrP_oHRS24GMyke37gbce4Cj9XuVTcbGTaOlN9wvmDvrXpbhhjv3Bu983uPtaAx0AO6Hy_UORd-oVgOe_9mzAJ5LNT5_lIkH6NJBl7AcwQMcVcb0Q6wjSINvwpgvufzaFFln4dcyVF1bdYSLK-TLZLRS02LUcQbuh9ziYnARY8Gy3N3t19QjP4D1pJY3bgbWswBLIIoC4UK5dJ_9XASAk4vaqZLovFhc2PrkUjWD1_U7n__a9X0Erbm85tuIbRAxK4CROIqxJxO-ehxU7O8aHYKqTOQ8K5qxvxm9yYAr5aROPlTe75gBHCwhjLE5SdxSH42TJEw5tDilcZZUNmasmk_BuwxcKyAZAD2QbWu3N_h7OTYgsoVg3wcVE4xeV0bKdMZDDD4e71Dw&sai=AMfl-YSfx_FRvqCnirTR4OsKg7k0rKFmCK3QprjBBNz4c9PNzvTs43G5GB6JN2JybEc7qzMSv1GLh2uZVGOEBCA6VidfCjtbKr6_ec37DXc0KR3UEaBQxaGf0eUErZNi3Os8eAS5feqkAkGtRDDUGpvwofRg8CvXOwE-HuSY_k0gwDNo4CJc&sig=Cg0ArKJSzK7j7m_hF-qHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=437&cbvp=1&cstd=432&cisv=r20211108.66415&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:46:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	index.html Show response s0.2mdn.net/sadbundle/17146908626802631825/ Frame 0AD6	113 KB 23 KB	10ms 9ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7a36881c7dd33d1a620f1426a69acbeb5305eca7aea1db691c9286a4901a08b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Mon, 08 Nov 2021 21:12:27 GMT expires Tue, 08 Nov 2022 21:12:27 GMT last-modified Thu, 21 Oct 2021 08:42:39 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 22946 age 218040 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 7ECA	0 24 B	61ms 51ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS4z0SQ88kLIv-Wxrpz8VM3lcliBekwZJrsmcQDClZxXeedNYQk13RUJcNZjFJx4EGkp0cO3qz8YMVAAcPidyuwikvtLzI4obmAmMH8gUIP_YT_5Hr90xPf5yrTw_t65JCggE2INm3tU3vK7dZOmvaKvCYxKDedLJDdlZ0PuvojhF-8lciDWjtW2eLNtDc5aHBMSFbF227Cl8r7FO2gCud9f0flfI6cq_H7yNK34kZ9SYrv3TLY_yTHv6U6O5U8IxSF4j7b9z0b2g1BePMa1aHUV6pQSbE0prnOiITRNz8dFUu2IxF4pJ2zcDs9s7D43pAUZtTrc0wbQniO-H7YwCG62_l6NjAUw_txFyNZMqxjvRg0G2HCfK94BIkQhnDE-xPkWTL7dstEoDKzxLhd-PIQKNkFFYcEj9Ai0SOYZSxcAsXx-IQMymM8LZtYW_sx1W_8N_NKckkz4GgrBzT1Wv75V0gx0uFZDYtuQT17xeKgUXdYxaqrB8X5W6W9COlOV1229t__78dW6NR8r2Nbl7Bs3e6DCJmYXxpgIR_126vu6qxtzLbFCcmfPHREeEvJuHVU5wvmmtEgGxOWmLVwQ-2B0UsCItXS37pd0fMqMTMPhwQSjagAVpA1c4ASWUFpyDkHMsW8vsECdLwRRcgb7w7ZV8WW7IFlvO0cpH0Zpp0eSEy2TqNcFeoFF77TQUKJ0Bi3KX5-2E7lKg2jz6HcmnT4JmgU-is0o1mVaYkkNhGK0ISxJJBzRGI-2m2n2xQ5XuW3f6ZOLypXGzDycbZKd-jJelaZoZQwokKI6MB_NGHoA1_U8QIEmtpd8AryBW8ewwp-AzhCjdam3jl1AsKqQv6xIt7hz4WNthAUgJDCbXF5yV7QhWz2ZmGkYawcoSHiEva28dldpn0SgpkN5HqdphB4WDCGQENFHnE0chONnAO2wNLLvpwXzx8eXdqLjkt2YzyVE9RSn5oBvn0631k5utLlivUcAKiVeY3i3kG-wux6gVlYgIRQYKpaXv9I_SrDzAtkLJ3LYqRatZLR5TH8rzvC9w_v4yVDUwuklsKpFCjKev2vadxmIFwlv7A6_ia3V4G-wB3YT2576w-yuph1JyGxq016kjBYjeSmzLBb3L06HnuQ2L3OoPd8MmwZU7T1fYIjM6njzLVST9zkrJJJQYo4T_HkCXCJ6HrMOOxlk5l9nHnoDTlE9RHR5W1YEar_Brx15tObSYgVKrIQm_G3Jo9bAvWJjvcvBhuSPQkkfZZ32C7PFh9-z4UQGJZLjau&sai=AMfl-YRWo9XzHAhMSF9bOZTBMQDmFC7RLCl7HTguvvLPZjb5CiEoiHhyNXi6nA48GnbF1SU3KnXkF4ttjq1TYaS0GVFgLRlljD2GmIfdVIw3JMdBpQzU7qxLU55gzopbNoa0Ca_G3l2H-4QIyyQNIQwOz8g7MisIkCbX3l6Zd5t1lDDlgA-g&sig=Cg0ArKJSzIkH7fNVqqBhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=417&cbvp=1&cstd=415&cisv=r20211108.90715&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:46:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	index.html Show response s0.2mdn.net/sadbundle/17146908626802631825/ Frame 86CC	113 KB 22 KB	8ms 8ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7a36881c7dd33d1a620f1426a69acbeb5305eca7aea1db691c9286a4901a08b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Mon, 08 Nov 2021 21:12:27 GMT expires Tue, 08 Nov 2022 21:12:27 GMT last-modified Thu, 21 Oct 2021 08:42:39 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 22946 age 218040 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 8C68	0 24 B	65ms 61ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYQtEst2kcwxe5GkXURmUT8gbZx3O_csPFM7lCMzIN73dmfbl3500B6yW8D0QJ-3KVOpq3gPhTGsWlKxhdlsWOYYcd3RuOR1uM4e8z_pLzALhP5csh_ek5Z5nYnYJVBA3jzrB4ofbsTZpFazoXeyX7Sl08uTegVTRktesjE4KTjevUqPsc1Hzo91VikW9G10hXKWYj91_4d9WdG30zP0F6LDyTIsa05od7Lc5IXF_g3kGsXHFvpk56H0iGjwnETx0L66agGek1xGKcIJ0BynlLJjuct1KyGNFo2gp9yIN6L9I-meVfc4dRr-52J0Yu3xxvBFJJZ9XAPBBwUDNePcQZePxG1taUO8vcCImA79LWkQbaqY_x0EGjsiCZpJJfUv3tH3MSmSLFjzu8EOZZYlCk-aLGKhbV71dzPKPZW94X4pwWp0e9KpDQM7G5gnUShlzSiahmUSCI5NvjYY3-5POzmaFnidGYbrHzuHITwWJQnubzicggGy5fxttVRLrAYAEEhjwjPYYJnDfMJ8ABRoqReMHUGdcUBMvxiB1Q3fbGWOPr8-8Q1PP2WfMc4y84O8rFmlHAYZ6UXGwN_4K7QMgSNR8Z5e8ke7iFSV3BwAO0b2fV3AHgY3ObgxGrjsYl7tbKy7yhlTE8meyrg7ROTlXMNADC_AfRhYE904MoY3e3pBKcTSk1WZkXOCpUYPq9qv4whdG2W-RWRNaZ9wylNWRU0n4BlN5SWdhvPja3GouPgqJ1eim2-S0pNimEiAZXB9dLN5ZS3coc7AeHoyX-XEtB6XvESget5ck1eqyU7mb2293S48EVy_gneUlrg7rtR1XVEV42eVTWWuZ9mTHXG2SDGYX5zBl6fstmI_XThYBS7SXOBfZ7hDwjQA2ZrZPCKhzcnAzyys7rEXRvyQq4AfmRLf1DnHPLJ3obSzx0x1z2dV7OmwhnckT3dkcgqWJJDes57Z1Lw1F5TLTUOAlGjYkbkdqbSOSB5B6PmSzeUsN2axq1iEDz-DjTvxurvPk4Fx3uipoBbn-bThizNjonWw1DwHdxpbBNVMJhzrS2Q7hlCWB-7q5OtOAmPGtzFVqC_ytvipaWOXTAlTBhcEU5Jx8Ri3sATaMxmGNOAVrB7xrt0e-NA46NXBiV1efTTjtXapnO9TEC7nTe84p5xglNBkQxQimiLuGP25z3lWF915mwY5RtuZOKvX4&sai=AMfl-YSxcZxTjVH2nVkwm27Re4tWld1Ks3QW9UR_YIvVEeWlu35KcLSMAa9iqD8W8oIBv5rxq_dWSMR2EQjGcnt-6Wv0SOWqO0vub6VFobTBr5suWmrnT719ypjI2w83H5hvgoFm_LM9aoWssUEopgfYFZ7cPKXQAImGhy9qxGM&sig=Cg0ArKJSzJfm3iXcuZK-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=436&cbvp=1&cstd=434&cisv=r20211108.48255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:46:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	index.html Show response s0.2mdn.net/sadbundle/17146908626802631825/ Frame B448	113 KB 22 KB	7ms 7ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7a36881c7dd33d1a620f1426a69acbeb5305eca7aea1db691c9286a4901a08b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Mon, 08 Nov 2021 21:12:27 GMT expires Tue, 08 Nov 2022 21:12:27 GMT last-modified Thu, 21 Oct 2021 08:42:39 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 22946 age 218040 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame E933	0 24 B	58ms 57ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZoZTnjutZQPcEg1ylMErJCUER9-_xTdFGEOEUk-BnFZV85-wM-OPUB-aeVNClRKCS49SVNs32MNez9tv0_aXGGIv9pzWdoNoq3ATb0-VWEPi5_Vugr4azbGiKkcRuXClFTH5i-nMsAfPlUYKAwvKTbmsoAzVx4SXwKmS5V_2DXsZ0D2UAwoue19FXxZXa-2rVs-25a_7mvxjbeRvuZmMb3L9OzaVhz5M6R1PPxLf7Focmjr14s_auG1vJSue-_8HhU6KR0xLGtYKH_APeABnv3HlUy-INjkpdBZc4V-nIQyXHP9rwAhgf3dNc-i9e9cPNzHlO1GE_ySsONQYIoQvdd7liBPcidMjVR330vHLUbYHd9USKt7vtFMITbkwQSkb38SZqUrtjOfTgyPpoWKc9jvRfWy1GjFyhjMWYZcanCbrQmrwPDxlbu5mvddcCTCjmQ1E19oFOfTW81tGskRI1saEXRK0o-6CE6oNHUV9nFIfjhmNd_ZeTV6VtaEPCZOmKGuaHngBQ8_ldwHcl6dhyUZxGQJMlw-L5LV_PJteQO8eYwLMLUoff5509tJs0hpyp_72ICtdQbVB5XdEOIMnCiIYc0hPlJV_w5fg_t2pAgWw4u-9sbQG6w_xr7krvq1F3M7qpWupxYbqT44nk-KfO6_eqkAV81mJAWRDd16FGP3WjbnUpCr51Kd05VLixgloloMyD8i9-AArBDciittpSjy9B4_Ca4fcEwTWj8njhRuWCZrH9_rp831SNBa2VM70CYUZTBys7TKgBmUNbBbGuu6uZ33nPcgAaqCxgsecDZYWzuWOn1jC_-_aMYfxPYXjpUrSqiqQysHUoujdfTHWV8E_rdB0aMhM0UMy-MvSHoR5dophUZiB1dZ9UEDO1-zKk5x7BX8YQmWS-G3HX7IJujnrIpYbxYr_thc7PM4k9h6mJqv8fyLj84e2g66wit9h5ANHHu6zjeZGoAoQm02ul4oTEGtcq27bGj4iVNoBeIoWrxakDx9PDeSMp7LxnGDkbJuBz9X53RaTe7jvDofD0UgPYMT7CQ0Yd2VJM7wPR89sjrZsDxr8gyVIQuzNhDvUR880DttjlB-LroOr1XTh7PYxVKpDY2IbpnQARE0u0dv34rHdBToa-OUZ_HZ5A04txzuQQaRBuOZyIdMf87dPXf_ZRQUIgfjS_ptVHhpflWy5RsCyEvea7J9kuVQDR9Zf-z8rBSOh6NdNnc1i3IS7RCjxc-5oxQVZMkDfGRe9d-9JvgKlHEA&sai=AMfl-YTtSbAaaWNN5-ANXNYkgkRe43RxwJGF6Z6lCRndaWoZLLNm61fAfjOh_RiDWSGgfjzlhDLCoA1jKzQhM6-_O3colt2JEC_aizxHl7b_LFRzD4L5hss5d3oGkL9BO8S1Z67M0dBc-djaP98eA4dp4Z6mrtsbKXozKV8m6Qinyc0exBhK&sig=Cg0ArKJSzON9_rZ9z-f2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=421&cbvp=1&cstd=419&cisv=r20211108.09762&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Thu, 11 Nov 2021 09:46:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame C97A	15 KB 16 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:55:14 GMT x-content-type-options nosniff age 546673 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 01:55:14 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 5E71	35 KB 14 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566596 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 5B76 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK...	43 B 451 B	171ms 164ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6ac697f57d5b4aaf-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 24 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6ac697f3ca5a4aaf-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOZfkJU7HbS1pnfJl69avmg&google_cver=1&google_push=AYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIWkwoKodr9OjBemuXRe9dsSqLRkoGKjhEWmgcg0mzVut0texoPomrcvBYXQxunUwuNHkspRXoyYw-RyMRcuwQDLqQJyfK2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B76 Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEJfXAAzqWb_GpwRfnrOK1hI&google_cver=1&google_push=AYg5qPIfLGWJYQM36hvfsmuGmIlfgTPbgbyJhzuVcFjyQa6PCyemRABTMVFr0cugE-CmzGIJU4TgHnJIDZdKf9YP_lsH3j9N7ABj https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkJENjgwRjg1RDNDRjBDOQ==	170 B 188 B	19ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkJENjgwRjg1RDNDRjBDOQ== Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkJENjgwRjg1RDNDRjBDOQ== date Thu, 11 Nov 2021 09:46:28 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B76 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELoloN8v820tRWWe-mltR0M&google_cver=1&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTI0NjUwMDAyODU0NTE2OQ%3D%3D&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z-KiJ...	170 B 188 B	36ms 33ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTI0NjUwMDAyODU0NTE2OQ%3D%3D&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z-KiJrTBCgfLGDS Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyOTI0NjUwMDAyODU0NTE2OQ%3D%3D&google_push=AYg5qPIbRftc2tDtjZDFacCyXwtAKToumDtKr7of8JpxraKC_L0D6R5LluXMknos9iyt6gTEIzkz3jjQnP9H4Z-KiJrTBCgfLGDS Date Thu, 11 Nov 2021 09:46:27 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B76 Redirect Chain https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMBRNmbtMnv349zz2EML2IY&google_cver=1&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98... https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMBRNmbtMnv349zz2EML2IY&google_cver=1&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98... https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=W2PBa7hHa3ks7EI_iH2ryw&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vs...	170 B 188 B	20ms 19ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=W2PBa7hHa3ks7EI_iH2ryw&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vsObCfplXZ7dq0-OhueaR Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 11 Nov 2021 09:46:27 GMT Server nginx Vary Accept P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=W2PBa7hHa3ks7EI_iH2ryw&google_push=AYg5qPKBOImWoSxVbkuFzY5GM6duffZpe9KfWtyF1vLUT36l0A4iU3JArPh98_uOjidLthg12WQFnb_vsObCfplXZ7dq0-OhueaR Connection close Content-Type text/plain; charset=utf-8 Content-Length 238
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B76 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJCscSAysi7vM5O7NRb6n0g&google_cver=1&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2Pb... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJCscSAysi7vM5O7NRb6n0g&google_cver=1&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc5Njk2Nzg1MjgxNjc3NDU0NA&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2...	170 B 188 B	25ms 23ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc5Njk2Nzg1MjgxNjc3NDU0NA&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2PbAVWShbtZCy0IOfKKWY0 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc5Njk2Nzg1MjgxNjc3NDU0NA&google_push=AYg5qPIRAn3Fw_TFcUjsD9dv7BWy1NegtNFKJ1_E7RZmAhNiH7H_B2NRtcaicsn57e_J171gNg_fg2PbAVWShbtZCy0IOfKKWY0 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 5B76	0 474 B	90ms 20ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ0tAfxkD_1iGObO_YmbybBWjU2HYrxALtVI_6rF7tpZRL1xwPDhKp2XlLFZ9lmBkxQ3ub4emxrviJs8YYi2d9kZt3Sh84%26google_hm%3D%5BUID%5D&google_gid=CAESEAAIHdsWyXndV4KkOdBu-no&google_cver=1 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B76 Redirect Chain https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDV49W-9MaZRpUcgwNgct1g&google_cver=1&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s0BzLp9w&google_hm=NjY1MzY0N...	170 B 188 B	21ms 21ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s0BzLp9w&google_hm=NjY1MzY0NjUzOTY2Mzk1NjYwOQ== Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAIS1DrKFb04Mze_9wPALoqwXi4M41jxnhop98G4twpRiFwJfVQiv30XNYTjo2Ta7S706L1Q6QI0uQQfIs5lnHx4s0BzLp9w&google_hm=NjY1MzY0NjUzOTY2Mzk1NjYwOQ== Date Thu, 11 Nov 2021 09:46:27 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 5B76	0 12 B	16ms 14ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Llg3H7p9SHucRcq0dNlhnn8ORdDyGWbWrbM3-fgISUrC2Y3-s6wHkh2U_3HDoI5wyH59Oy1Q Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2AFA	0 23 B	52ms 51ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvl3bGDklmPv_KkdlSyrpwE5F5ZQrduvDq6XCPbqlvfy2uqoqaX5ifoRDSJ5LiJF2XMaIumDy-Dzx8D3XgL8mpk4K6OSo9uTCXKPJvCCzcpQvMVXIAzc343H7QnCtEJQO5R8m4L51d7gc3pThAxZOrr-ezsjiBkWeWHWv4vV_b8Hr3mokC5Sy7zcfmUqywDth5VjQ9kS6oD1GIcKdMeoFnSl_rQzO0BDVptN7SxJDJKAn7nqKfJv34deXydMphifhiPeviIzWgmECESjxauXbJ2q6wpL2pnrI8yPh4CQRAJgrm2MUyp-Z2ILgk17II7o_7u9y3hgSh66iJx1WKqu3pH2CoQtUQiqC-I322FitEYIR71bh_662JAp6sDISP3ZtraPXXwn03otVjL9z8-BAK7VPNGXyw-FWDE_uoCL3N58XUmSaI-wqCylLZq9eXMYaSUJb03FFfYHmJOSPVWoBYKwZnmA7tZqTNs1HrFGVWno6u4q1VwA27RrgZNYMdVhte6Qp_4EAZP10jnei4t3XaLMLQaDr44rpQLu2V1-cdZixaJ-BgjKXFuSRyDYf4JfsQzhC1w5K1IFnN6ph5-Bb-xnsXU-yPB5lv2FM2na7yFYeiBVGIFgUdfaO6JifkNoVTTk8-9rH-mlqnCxSerHp8r55lcis02pcWPgaexOXyE_cvQ55TaW4kXG1DuTsSEJsPWWhRf12xGRhe-v90nVNSEhR-P3CwX-63Zo0WtyF4tcZJ8ypm9VkeG5DMsgGAGdcmnp7AC8wseWLFa3PtST7Mm2Xhf44dIsI0X8Zd-6De8JKvPt6nRUZOxjf4Uq6iA7hTkBQxrGsvB8C0zGADq2HWhF5VKqjq7d3iGbQbgBwXVic9RResE1KygZfmLx5qoKffMtZA3NuNHCAegAJymafQLJomKE-3aaf_XygGGqI3FY-hoF20Hf5ysgJjToDpXk4kpnt7SSsYQI8x68hQ1e6Rq1UClf2N7r5qRo6NICxBIVJno7d0c6y69Y4mp99d1wRFWHQ8Lc3u-6vcIoM0_1wprse4yqRpEn1cvU7OLjQVHUjkBd7Dpf1FpQqISEuSoipy0gnA8Ktz6f7b6N13jp6GrVJgtES3JKHfOtR72s8An4-hXbc03mHXvc_HsopdimeX3EsOjuNSpFx9IuPIpinqowzXhHGtIHqKjNOlgi6992XLQXNTMU5U&sai=AMfl-YQRIHsZ0Rkti_cCNeS1CqKlohi346WhLLuBv-jq8mvH99kMy7QDeBhpocpkBGKuVjg4La03piz44FgbNjafYxGyV7CKNLnmRYIKw9PIfdoErkEP5FyFVFoT07ZVX1wyRXF9C-FoexbrdSVe4n2m8aJCjJ_xWclsoP2zw7M&sig=Cg0ArKJSzKO3L-bqeAfwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=989&vt=11&dtpt=521&dett=3&cstd=462&cisv=r20211108.74223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:27 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET		dpixel cms.quantserve.com/ Frame DDCB	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DDCB Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YXVNU1JtTWMxTUw2RjU1&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04R...	170 B 188 B	21ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YXVNU1JtTWMxTUw2RjU1&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04RnKRuN23yq6nBNEVJ-hRymRsvgCGuz6duNFOy4FMxBScy0syncfa1S Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:27 GMT Server PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YXVNU1JtTWMxTUw2RjU1&google_gid=CAESEFK4VgeZzjpSbLv5NVD4_LA&google_cver=1&google_push=AYg5qPIb1NBZ70WB4UsLgLMxRcEkI10Ra01gYoYiJlpX04RnKRuN23yq6nBNEVJ-hRymRsvgCGuz6duNFOy4FMxBScy0syncfa1S Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	pixelSync pixel-sync.sitescout.com/dmp/ Frame DDCB	0 191 B	106ms 27ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOW2IB5uvM2SZD6jpLJtgvw&google_cver=1&google_push=AYg5qPLm0hRjSbC22rQA-UU0f1FEj6vMjIHxaX1sHxpGULSzeGUMliE7ZlxbHblPVD95VuZNp40xhUInkK3k69LgU6Y6NMO9Anu2 Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DDCB Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOsFsxQrqy5L1lboxU2adic&google_cver=1&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFS... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFSzu7kfQ53HwJ8GGXs5&google_hm=t4Ndjup8RCW966Cu4TX2BxQ	170 B 188 B	18ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFSzu7kfQ53HwJ8GGXs5&google_hm=t4Ndjup8RCW966Cu4TX2BxQ Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT via 1.1 google server Apache-Coyote/1.1 status 302 p3p CP="NOI DSP COR NID CUR OUR NOR" location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLMDwWvmcqXcJzmQn3cdyV4AxG3pq3UcPNhH5M4TvTQT46Dm0BDFYZWBCJXj0QJhCMToWy0u7r0EFSzu7kfQ53HwJ8GGXs5&google_hm=t4Ndjup8RCW966Cu4TX2BxQ cache-control no-cache, must-revalidate content-type text/html;charset=UTF-8 alt-svc clear content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DDCB Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEL50vTHRug6CWjfLEon0qQk&google_cver=1&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr https://rtb.openx.net/sync/dds?google_gid=CAESEL50vTHRug6CWjfLEon0qQk&google_cver=1&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&google_hm=6kNnqTPJzz47bEFNgfWtwQ==	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&google_hm=6kNnqTPJzz47bEFNgfWtwQ== Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAItBnWOX2CLz_KiV3WMdYJuQYpLnjE5bFZH6YzmJrJDJPQnM4B3GkwqPhBHtmAWuVJoOD2GpP2AOgbr5CsMqazpSFfbgr&google_hm=6kNnqTPJzz47bEFNgfWtwQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-request-id ato4k715b602dgknb7udb18ovjtqhchm
GET		pixel cm.g.doubleclick.net/ Frame DDCB Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL...	0 0
GET H2	200	dot.gif s0.2mdn.net/ Frame DDCB	43 B 158 B	23ms 20ms	Image image/gif	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEJBLhKpD_qxSXI873opaQjE&google_cver=1&google_push=AYg5qPIVBcgwGXVqMLEV9Gl-D9T5NHsbK3buOEw6nylu5U4My5PigfxnEdd244MbhAbpSKshIQ2EjaPAKQXZLPAwZyQiEoh5fQdffg Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 09:46:27 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame DDCB	0 12 B	26ms 24ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LW-1lFgBjJbKPgGodA6nOHaYe-V9iSoQ06z1_YjhyH2b8dnip9kXRwWsw8EuOxccWSXZYfLA Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 19E2 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEDotXsTpJ93kzW8EyMF7ZkY&google_cver=1&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq0YYkUZ1sXLgU https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=007DA06BC83445ADB92E92CB12A677BD&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq...	170 B 188 B	18ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=007DA06BC83445ADB92E92CB12A677BD&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq0YYkUZ1sXLgU Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 11 Nov 2021 09:46:27 GMT x-content-type-options nosniff server nginx location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=007DA06BC83445ADB92E92CB12A677BD&google_push=AYg5qPKTEhPa3ztAgIoCLC3zHLIKYSjCEFFJ4zXmyLhf3o8PliDGWUFkDhC5rB7ndfeXXkp-Ua9cXMGXb6EAcfq0YYkUZ1sXLgU strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Wed, 10 Nov 2021 09:46:27 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 19E2 Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEFesiuSiW8pGJxMBCNVeqIo&google_cver=1&google_push=AYg5qPK16ErKhzlQSeEl_zcmxsSOfGIY1KBwdPv4FNYjyqDFhfGjOFYZPUS9foUyX8N-f4HzsvEokV_GcZbPse2m5soz5k-6j9E https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjExQzE5N0JBNTAwQkM2Nw==	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjExQzE5N0JBNTAwQkM2Nw== Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjExQzE5N0JBNTAwQkM2Nw== date Thu, 11 Nov 2021 09:46:28 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 19E2 Redirect Chain https://px.adhigh.net/p/gm/rub?google_gid=CAESEBWUGVbRjwedfwPd3c3yb6k&google_cver=1&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64 https://px.adhigh.net/p/gm/rub?google_gid=CAESEBWUGVbRjwedfwPd3c3yb6k&google_cver=1&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&b... https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&google_hm=o1YTNjm4-tEAAikABlF9DmQ1...	170 B 188 B	18ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&google_hm=o1YTNjm4-tEAAikABlF9DmQ1TQ%3D%3D Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server nginx access-control-allow-origin * x-backend-id f21-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIz0GdOs2hteA66FsMBIQVdFTCSuJUMjQNdEGyL1TnWLjiKeBVJg51aEYiutYREgV1upzM06WYsLUTd8jVsUrldgyl-U64&google_hm=o1YTNjm4-tEAAikABlF9DmQ1TQ%3D%3D cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame 19E2	42 B 233 B	283ms 85ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKTeJ8LQtqKZo2Zt066NIIg&google_cver=1&google_push=AYg5qPLzeks0sADkkXGwBlBo703454m-ubxRRbpfGVADt9AyXhEmvT5YWDY_TpgJ0nGfzdXeRwi3eXMIiiXlyJfm2y6_n6zhqQ Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 09:46:28 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H3	200	pixel cm.g.doubleclick.net/ Frame 19E2 Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKnTgHr21Npab8Uw15u1KYI&google_cver=1&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFl... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKnTgHr21Npab8Uw15u1KYI&google_cver=1&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFl... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34&google_hm=61cb7bc1d8f884592d92048b	170 B 188 B	20ms 20ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34&google_hm=61cb7bc1d8f884592d92048b Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 11 Nov 2021 09:46:27 GMT Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKeieXwevzbDRGbYbu9AS2c_yZmN6sUfChV9NT-IKpIABTvaSaytrXicBzDvC7747UJR2F4YE7ymNVFsZIFlO5KnVfKp34&google_hm=61cb7bc1d8f884592d92048b Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET		pixel cm.g.doubleclick.net/ Frame 19E2 Redirect Chain https://match.360yield.com/match/ebda?google_gid=CAESEMz39ZFiSQkUIWkpykMi_3w&google_cver=1&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwe... https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMz39ZFiSQkUIWkpykMi_3w&google_cver=1&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSI...	0 0
GET H2	200	dot.gif s0.2mdn.net/ Frame 19E2	43 B 110 B	38ms 21ms	Image image/gif	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESECkegW9kcl6Ur6wmQPykJBI&google_cver=1&google_push=AYg5qPLLV8zuCH7xzI5roe-C3E6oIMmhCBWGMkK_WymecVA4PGleW85Vwf7urxJdIY8ezd8x7U9y5q1wn2BXLI7MA-Bpc-qDc5tK Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 09:46:27 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 19E2	0 12 B	28ms 16ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdITqDiO2gm-cXgEJt9DCegDYNSMqeXreWFEd2ZjLop-VngxRt3kYETS9Zzh1CLH1zUIlg8w Requested by Host: 91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com URL: https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:27 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	css fonts.googleapis.com/ Frame 6238	4 KB 691 B	28ms 21ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,regular Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/5350200476806826224/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 08:10:30 GMT server ESF date Thu, 11 Nov 2021 09:46:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:27 GMT
GET H2	200	css fonts.googleapis.com/ Frame 0AD6	6 KB 737 B	27ms 22ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500,700,regular Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 08:19:59 GMT server ESF date Thu, 11 Nov 2021 09:46:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:27 GMT
GET H2	200	css fonts.googleapis.com/ Frame 86CC	6 KB 737 B	29ms 26ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500,700,regular Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 07:55:05 GMT server ESF date Thu, 11 Nov 2021 09:46:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:27 GMT
GET H2	200	css fonts.googleapis.com/ Frame B448	6 KB 737 B	28ms 25ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500,700,regular Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 09:39:40 GMT server ESF date Thu, 11 Nov 2021 09:46:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 09:46:27 GMT
GET H2	200	BitdefenderLogo_white-_2_.png s0.2mdn.net/sadbundle/10966854445168883950/ Frame C97A	28 KB 28 KB	26ms 14ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10966854445168883950/BitdefenderLogo_white-_2_.png Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10966854445168883950/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:54:26 GMT x-content-type-options nosniff age 546721 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28426 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:59 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 01:54:26 GMT
GET H2	200	OP_20Ans_Ban_728x90_Vec.jpg s0.2mdn.net/sadbundle/10966854445168883950/ Frame C97A	12 KB 12 KB	29ms 20ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10966854445168883950/OP_20Ans_Ban_728x90_Vec.jpg Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d6e162d1fb5b28a9218563f1ff01fa4b2095950c8e3de047adc07b2a37a3884 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10966854445168883950/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 13:50:01 GMT x-content-type-options nosniff age 590186 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12653 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:59 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 13:50:01 GMT
GET H2	200	OP_20Ans_Ban_728x90_Vec_F3.jpg s0.2mdn.net/sadbundle/10966854445168883950/ Frame C97A	5 KB 5 KB	29ms 21ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10966854445168883950/OP_20Ans_Ban_728x90_Vec_F3.jpg Requested by Host: grandnoticias.com URL: https://grandnoticias.com/brasil-foi-celeiro-para-surgimento-de-novas-variantes-diz-estudo/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 782e3276cdc0df799cdae755a327bf317d2da28882f2fe2fb24416ad0df801f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10966854445168883950/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:01 GMT x-content-type-options nosniff age 218066 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5288 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:59 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Nov 2022 21:12:01 GMT
GET H2	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame 6238	29 KB 10 KB	23ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/5350200476806826224/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/5350200476806826224/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 06:00:54 GMT content-encoding gzip x-content-type-options nosniff age 13533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 06:00:54 GMT
GET H2	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame 0AD6	29 KB 10 KB	15ms 12ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 06:00:54 GMT content-encoding gzip x-content-type-options nosniff age 13533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 06:00:54 GMT
GET H2	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame 86CC	29 KB 10 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 06:00:54 GMT content-encoding gzip x-content-type-options nosniff age 13533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 06:00:54 GMT
GET H2	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame B448	29 KB 10 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 06:00:54 GMT content-encoding gzip x-content-type-options nosniff age 13533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 12 Nov 2021 06:00:54 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 66B6	35 KB 13 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566596 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 9499	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566596 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame C518	35 KB 13 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566596 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 7AD0	35 KB 13 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566596 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 6238	15 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:55:14 GMT x-content-type-options nosniff age 546674 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 01:55:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 86CC	15 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:55:14 GMT x-content-type-options nosniff age 546674 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 01:55:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 86CC	16 KB 16 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 02:46:35 GMT x-content-type-options nosniff age 543593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 02:46:35 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 0AD6	15 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:55:14 GMT x-content-type-options nosniff age 546674 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 01:55:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 0AD6	16 KB 16 KB	10ms 10ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 02:46:35 GMT x-content-type-options nosniff age 543593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 02:46:35 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame B448	15 KB 16 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 01:55:14 GMT x-content-type-options nosniff age 546674 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 01:55:14 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame B448	16 KB 16 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 02:46:35 GMT x-content-type-options nosniff age 543593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 02:46:35 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 4319	0 23 B	49ms 49ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRv5Oux0kWiRS3oP22rKX2OwpN4YHcxR49ErZCSuLNwEoW-Y_Juu6-o8Bve41PDJTwaVZN_KHQGvKrlLg1A6QS7DauQGvX57ZOXXJClNVsC_TvxBkWEzenDwf_xg22OU0hKuhyB6jk1wKnPjG_QwYSe3Bcq7ebbgMB2EBIyyr5q0jelv-DaRe3rFHzbif3bhtUD1i_Q7ZpkJbyrvjDL2gwoUFven4Rh6XNSMKchPJPyuRj2idNANY1rJN7pbcQZYjK9YDB74g8_lY2QuHPLmOPFNF6sUiUxXUiWjAIZhY0YZqLMufhQUBhReNAX_YKFwtqUU4sloZ9FKYqRGzWEwjUfrXRgdODjnHX5pPxKZ2x6RfCG5-JC-WgvzWLz59OEfMYUA4WY8qVZuEUbLnJKnMYB96ap2nqLKttGunEr41naCaO_qIaWDgNmmZn_uxtPm0aRq0tdTZB04YtZ2Hr9alGWEn4nUJNEtN9uxvhur_GXk7jCLIWAv-HIYLbFOpk-0i7gX64yD4vyo2AuZfm9gYS1N92UgN1dFc-BryDBtXNkL_MI7WCIw1grDRFtgZX_7_7YstE18VZph8PCxUN_RtpMZYpd6N4YaB6aVun9ZA32n1q3EJ1v0d14ai6FOh-FSMI4Es6Qq00nA8HrPJ4gSuCsODpoCwGoEOpOdA6jKR-QlnEMvfs0qH-fFz-ryRthhe-t-fgHbHMSnzA-0vzb-HgaNVv5fo7d9NM__B7FCAC4bUd41gD5r_hmN1qGuHAUu7wXDYVp8bHSVVxq5JVgMiGHY6lsIlYCLHZBeC-PAajJBWMv64js6IiiibZZ892To8_gNns6GKAwYlm7zHTjujoqgWAS8hHz2d78xO7_Bf11YzrP_oHRS24GMyke37gbce4Cj9XuVTcbGTaOlN9wvmDvrXpbhhjv3Bu983uPtaAx0AO6Hy_UORd-oVgOe_9mzAJ5LNT5_lIkH6NJBl7AcwQMcVcb0Q6wjSINvwpgvufzaFFln4dcyVF1bdYSLK-TLZLRS02LUcQbuh9ziYnARY8Gy3N3t19QjP4D1pJY3bgbWswBLIIoC4UK5dJ_9XASAk4vaqZLovFhc2PrkUjWD1_U7n__a9X0Erbm85tuIbRAxK4CROIqxJxO-ehxU7O8aHYKqTOQ8K5qxvxm9yYAr5aROPlTe75gBHCwhjLE5SdxSH42TJEw5tDilcZZUNmasmk_BuwxcKyAZAD2QbWu3N_h7OTYgsoVg3wcVE4xeV0bKdMZDDD4e71Dw&sai=AMfl-YSfx_FRvqCnirTR4OsKg7k0rKFmCK3QprjBBNz4c9PNzvTs43G5GB6JN2JybEc7qzMSv1GLh2uZVGOEBCA6VidfCjtbKr6_ec37DXc0KR3UEaBQxaGf0eUErZNi3Os8eAS5feqkAkGtRDDUGpvwofRg8CvXOwE-HuSY_k0gwDNo4CJc&sig=Cg0ArKJSzK7j7m_hF-qHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=885&vt=11&dtpt=448&dett=3&cstd=432&cisv=r20211108.66415&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 8C68	0 23 B	43ms 43ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYQtEst2kcwxe5GkXURmUT8gbZx3O_csPFM7lCMzIN73dmfbl3500B6yW8D0QJ-3KVOpq3gPhTGsWlKxhdlsWOYYcd3RuOR1uM4e8z_pLzALhP5csh_ek5Z5nYnYJVBA3jzrB4ofbsTZpFazoXeyX7Sl08uTegVTRktesjE4KTjevUqPsc1Hzo91VikW9G10hXKWYj91_4d9WdG30zP0F6LDyTIsa05od7Lc5IXF_g3kGsXHFvpk56H0iGjwnETx0L66agGek1xGKcIJ0BynlLJjuct1KyGNFo2gp9yIN6L9I-meVfc4dRr-52J0Yu3xxvBFJJZ9XAPBBwUDNePcQZePxG1taUO8vcCImA79LWkQbaqY_x0EGjsiCZpJJfUv3tH3MSmSLFjzu8EOZZYlCk-aLGKhbV71dzPKPZW94X4pwWp0e9KpDQM7G5gnUShlzSiahmUSCI5NvjYY3-5POzmaFnidGYbrHzuHITwWJQnubzicggGy5fxttVRLrAYAEEhjwjPYYJnDfMJ8ABRoqReMHUGdcUBMvxiB1Q3fbGWOPr8-8Q1PP2WfMc4y84O8rFmlHAYZ6UXGwN_4K7QMgSNR8Z5e8ke7iFSV3BwAO0b2fV3AHgY3ObgxGrjsYl7tbKy7yhlTE8meyrg7ROTlXMNADC_AfRhYE904MoY3e3pBKcTSk1WZkXOCpUYPq9qv4whdG2W-RWRNaZ9wylNWRU0n4BlN5SWdhvPja3GouPgqJ1eim2-S0pNimEiAZXB9dLN5ZS3coc7AeHoyX-XEtB6XvESget5ck1eqyU7mb2293S48EVy_gneUlrg7rtR1XVEV42eVTWWuZ9mTHXG2SDGYX5zBl6fstmI_XThYBS7SXOBfZ7hDwjQA2ZrZPCKhzcnAzyys7rEXRvyQq4AfmRLf1DnHPLJ3obSzx0x1z2dV7OmwhnckT3dkcgqWJJDes57Z1Lw1F5TLTUOAlGjYkbkdqbSOSB5B6PmSzeUsN2axq1iEDz-DjTvxurvPk4Fx3uipoBbn-bThizNjonWw1DwHdxpbBNVMJhzrS2Q7hlCWB-7q5OtOAmPGtzFVqC_ytvipaWOXTAlTBhcEU5Jx8Ri3sATaMxmGNOAVrB7xrt0e-NA46NXBiV1efTTjtXapnO9TEC7nTe84p5xglNBkQxQimiLuGP25z3lWF915mwY5RtuZOKvX4&sai=AMfl-YSxcZxTjVH2nVkwm27Re4tWld1Ks3QW9UR_YIvVEeWlu35KcLSMAa9iqD8W8oIBv5rxq_dWSMR2EQjGcnt-6Wv0SOWqO0vub6VFobTBr5suWmrnT719ypjI2w83H5hvgoFm_LM9aoWssUEopgfYFZ7cPKXQAImGhy9qxGM&sig=Cg0ArKJSzJfm3iXcuZK-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=881&vt=11&dtpt=445&dett=3&cstd=434&cisv=r20211108.48255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 7ECA	0 23 B	47ms 46ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS4z0SQ88kLIv-Wxrpz8VM3lcliBekwZJrsmcQDClZxXeedNYQk13RUJcNZjFJx4EGkp0cO3qz8YMVAAcPidyuwikvtLzI4obmAmMH8gUIP_YT_5Hr90xPf5yrTw_t65JCggE2INm3tU3vK7dZOmvaKvCYxKDedLJDdlZ0PuvojhF-8lciDWjtW2eLNtDc5aHBMSFbF227Cl8r7FO2gCud9f0flfI6cq_H7yNK34kZ9SYrv3TLY_yTHv6U6O5U8IxSF4j7b9z0b2g1BePMa1aHUV6pQSbE0prnOiITRNz8dFUu2IxF4pJ2zcDs9s7D43pAUZtTrc0wbQniO-H7YwCG62_l6NjAUw_txFyNZMqxjvRg0G2HCfK94BIkQhnDE-xPkWTL7dstEoDKzxLhd-PIQKNkFFYcEj9Ai0SOYZSxcAsXx-IQMymM8LZtYW_sx1W_8N_NKckkz4GgrBzT1Wv75V0gx0uFZDYtuQT17xeKgUXdYxaqrB8X5W6W9COlOV1229t__78dW6NR8r2Nbl7Bs3e6DCJmYXxpgIR_126vu6qxtzLbFCcmfPHREeEvJuHVU5wvmmtEgGxOWmLVwQ-2B0UsCItXS37pd0fMqMTMPhwQSjagAVpA1c4ASWUFpyDkHMsW8vsECdLwRRcgb7w7ZV8WW7IFlvO0cpH0Zpp0eSEy2TqNcFeoFF77TQUKJ0Bi3KX5-2E7lKg2jz6HcmnT4JmgU-is0o1mVaYkkNhGK0ISxJJBzRGI-2m2n2xQ5XuW3f6ZOLypXGzDycbZKd-jJelaZoZQwokKI6MB_NGHoA1_U8QIEmtpd8AryBW8ewwp-AzhCjdam3jl1AsKqQv6xIt7hz4WNthAUgJDCbXF5yV7QhWz2ZmGkYawcoSHiEva28dldpn0SgpkN5HqdphB4WDCGQENFHnE0chONnAO2wNLLvpwXzx8eXdqLjkt2YzyVE9RSn5oBvn0631k5utLlivUcAKiVeY3i3kG-wux6gVlYgIRQYKpaXv9I_SrDzAtkLJ3LYqRatZLR5TH8rzvC9w_v4yVDUwuklsKpFCjKev2vadxmIFwlv7A6_ia3V4G-wB3YT2576w-yuph1JyGxq016kjBYjeSmzLBb3L06HnuQ2L3OoPd8MmwZU7T1fYIjM6njzLVST9zkrJJJQYo4T_HkCXCJ6HrMOOxlk5l9nHnoDTlE9RHR5W1YEar_Brx15tObSYgVKrIQm_G3Jo9bAvWJjvcvBhuSPQkkfZZ32C7PFh9-z4UQGJZLjau&sai=AMfl-YRWo9XzHAhMSF9bOZTBMQDmFC7RLCl7HTguvvLPZjb5CiEoiHhyNXi6nA48GnbF1SU3KnXkF4ttjq1TYaS0GVFgLRlljD2GmIfdVIw3JMdBpQzU7qxLU55gzopbNoa0Ca_G3l2H-4QIyyQNIQwOz8g7MisIkCbX3l6Zd5t1lDDlgA-g&sig=Cg0ArKJSzIkH7fNVqqBhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=895&vt=11&dtpt=478&dett=3&cstd=415&cisv=r20211108.90715&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame E933	0 23 B	44ms 43ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZoZTnjutZQPcEg1ylMErJCUER9-_xTdFGEOEUk-BnFZV85-wM-OPUB-aeVNClRKCS49SVNs32MNez9tv0_aXGGIv9pzWdoNoq3ATb0-VWEPi5_Vugr4azbGiKkcRuXClFTH5i-nMsAfPlUYKAwvKTbmsoAzVx4SXwKmS5V_2DXsZ0D2UAwoue19FXxZXa-2rVs-25a_7mvxjbeRvuZmMb3L9OzaVhz5M6R1PPxLf7Focmjr14s_auG1vJSue-_8HhU6KR0xLGtYKH_APeABnv3HlUy-INjkpdBZc4V-nIQyXHP9rwAhgf3dNc-i9e9cPNzHlO1GE_ySsONQYIoQvdd7liBPcidMjVR330vHLUbYHd9USKt7vtFMITbkwQSkb38SZqUrtjOfTgyPpoWKc9jvRfWy1GjFyhjMWYZcanCbrQmrwPDxlbu5mvddcCTCjmQ1E19oFOfTW81tGskRI1saEXRK0o-6CE6oNHUV9nFIfjhmNd_ZeTV6VtaEPCZOmKGuaHngBQ8_ldwHcl6dhyUZxGQJMlw-L5LV_PJteQO8eYwLMLUoff5509tJs0hpyp_72ICtdQbVB5XdEOIMnCiIYc0hPlJV_w5fg_t2pAgWw4u-9sbQG6w_xr7krvq1F3M7qpWupxYbqT44nk-KfO6_eqkAV81mJAWRDd16FGP3WjbnUpCr51Kd05VLixgloloMyD8i9-AArBDciittpSjy9B4_Ca4fcEwTWj8njhRuWCZrH9_rp831SNBa2VM70CYUZTBys7TKgBmUNbBbGuu6uZ33nPcgAaqCxgsecDZYWzuWOn1jC_-_aMYfxPYXjpUrSqiqQysHUoujdfTHWV8E_rdB0aMhM0UMy-MvSHoR5dophUZiB1dZ9UEDO1-zKk5x7BX8YQmWS-G3HX7IJujnrIpYbxYr_thc7PM4k9h6mJqv8fyLj84e2g66wit9h5ANHHu6zjeZGoAoQm02ul4oTEGtcq27bGj4iVNoBeIoWrxakDx9PDeSMp7LxnGDkbJuBz9X53RaTe7jvDofD0UgPYMT7CQ0Yd2VJM7wPR89sjrZsDxr8gyVIQuzNhDvUR880DttjlB-LroOr1XTh7PYxVKpDY2IbpnQARE0u0dv34rHdBToa-OUZ_HZ5A04txzuQQaRBuOZyIdMf87dPXf_ZRQUIgfjS_ptVHhpflWy5RsCyEvea7J9kuVQDR9Zf-z8rBSOh6NdNnc1i3IS7RCjxc-5oxQVZMkDfGRe9d-9JvgKlHEA&sai=AMfl-YTtSbAaaWNN5-ANXNYkgkRe43RxwJGF6Z6lCRndaWoZLLNm61fAfjOh_RiDWSGgfjzlhDLCoA1jKzQhM6-_O3colt2JEC_aizxHl7b_LFRzD4L5hss5d3oGkL9BO8S1Z67M0dBc-djaP98eA4dp4Z6mrtsbKXozKV8m6Qinyc0exBhK&sig=Cg0ArKJSzON9_rZ9z-f2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=891&vt=11&dtpt=470&dett=3&cstd=419&cisv=r20211108.09762&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: facebruek.online URL: https://facebruek.online/one.php?auth=68747470733a2f2f616e696d65736f6e6568642e78797a2f73303268642e7068703f766964656f3d532f5368696e67656b695f6e6f5f4b796f6a696e5f312f30312e6d7034 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 10 KB	55ms 20ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb887b063a8c4192c9970860968bcb3582a73ecf63832d5f04c52bf5cc069bd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Nov 2021 09:46:28 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9364 x-xss-protection 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2AFA	42 B 174 B	44ms 43ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxMDly_IEt9nsN4Fq13vTEHVpwrlqpHzrMjzM0FATp6BB3NNMv0UtXoQh3Q02Y0PyfaSn_eGvc74N8wmT59fwYLNTtUxqPGZHhIeigQD3XCYnrOhn8sg&sai=AMfl-YS7OsKXJL0pWJMEWD87FDMSWEnmVSNRSStl-4PSfWSAWY1xd_-CfA8Bp8RNRU9kQjPLPVa_z1BV-KdV0OpLPEwnJ2f3ytGHp-nZYtpTy4nHO2tDjFLFegLp-kUnKjn6&sig=Cg0ArKJSzK1wet-E6HL5EAE&cid=CAASFeRoqM0KtZMU30H_mv1wrRD2bO2MEA&id=lidar2&mcvt=1104&p=1448,436,1538,1164&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=764002462&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636623985720&rpt=997&isd=0&lsd=338&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	43ms 43ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 09:46:28 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 11 Nov 2021 09:46:28 GMT
GET H2	200	TS-Online-EN.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame 0AD6	628 KB 629 KB	17ms 15ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/TS-Online-EN.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 17:20:36 GMT x-content-type-options nosniff age 577552 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 643563 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 17:20:36 GMT
GET H2	200	BitdefenderLogo_white-_2_.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame 0AD6	28 KB 28 KB	11ms 10ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/BitdefenderLogo_white-_2_.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:28 GMT x-content-type-options nosniff age 218040 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28426 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Nov 2022 21:12:28 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame 0AD6	16 KB 16 KB	10ms 9ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 04:54:40 GMT x-content-type-options nosniff age 535908 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16284 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 04:54:40 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec_F3.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame 0AD6	10 KB 10 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec_F3.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 09:44:32 GMT x-content-type-options nosniff age 518516 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10125 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 09:44:32 GMT
GET H2	200	TS-Online-EN.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame B448	628 KB 629 KB	26ms 22ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/TS-Online-EN.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 17:20:36 GMT x-content-type-options nosniff age 577552 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 643563 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 17:20:36 GMT
GET H2	200	BitdefenderLogo_white-_2_.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame B448	28 KB 28 KB	32ms 29ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/BitdefenderLogo_white-_2_.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:28 GMT x-content-type-options nosniff age 218040 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28426 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Nov 2022 21:12:28 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame B448	16 KB 16 KB	36ms 33ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 04:54:40 GMT x-content-type-options nosniff age 535908 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16284 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 04:54:40 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec_F3.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame B448	10 KB 10 KB	43ms 39ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec_F3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 09:44:32 GMT x-content-type-options nosniff age 518516 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10125 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 09:44:32 GMT
GET H2	200	TS-Online-EN.png s0.2mdn.net/sadbundle/5350200476806826224/ Frame 6238	628 KB 629 KB	49ms 45ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/5350200476806826224/TS-Online-EN.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/5350200476806826224/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:26 GMT x-content-type-options nosniff age 218042 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 643563 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:43:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Nov 2022 21:12:26 GMT
GET H2	200	BitdefenderLogo_white-_2_.png s0.2mdn.net/sadbundle/5350200476806826224/ Frame 6238	28 KB 28 KB	69ms 66ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/5350200476806826224/BitdefenderLogo_white-_2_.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/5350200476806826224/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 13:50:47 GMT x-content-type-options nosniff age 590141 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28426 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:43:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 13:50:47 GMT
GET H2	200	OP_20Ans_Ban_970x250_Vec.jpg s0.2mdn.net/sadbundle/5350200476806826224/ Frame 6238	52 KB 52 KB	68ms 64ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/5350200476806826224/OP_20Ans_Ban_970x250_Vec.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 142c9e26f060f264a519c2f1031983667863889075a3a23c49c7a5663c90b47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/5350200476806826224/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 13:50:47 GMT x-content-type-options nosniff age 590141 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52788 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:43:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 13:50:47 GMT
GET H2	200	OP_20Ans_Ban_970x250_Vec_F3.jpg s0.2mdn.net/sadbundle/5350200476806826224/ Frame 6238	26 KB 26 KB	70ms 68ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/5350200476806826224/OP_20Ans_Ban_970x250_Vec_F3.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e34d85f69005d3928fb9f497ed7a4dd760147161512f216d634d909e58ce57af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/5350200476806826224/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 13:50:47 GMT x-content-type-options nosniff age 590141 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26972 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:43:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 13:50:47 GMT
GET H2	200	TS-Online-EN.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame 86CC	628 KB 629 KB	61ms 59ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/TS-Online-EN.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 17:20:36 GMT x-content-type-options nosniff age 577552 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 643563 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Nov 2022 17:20:36 GMT
GET H2	200	BitdefenderLogo_white-_2_.png s0.2mdn.net/sadbundle/17146908626802631825/ Frame 86CC	28 KB 28 KB	62ms 60ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/BitdefenderLogo_white-_2_.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:28 GMT x-content-type-options nosniff age 218040 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28426 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Nov 2022 21:12:28 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame 86CC	16 KB 16 KB	63ms 62ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 04:54:40 GMT x-content-type-options nosniff age 535908 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16284 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 04:54:40 GMT
GET H2	200	OP_20Ans_Ban_300x250_Vec_F3.jpg s0.2mdn.net/sadbundle/17146908626802631825/ Frame 86CC	10 KB 10 KB	64ms 62ms	Image image/jpeg	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17146908626802631825/OP_20Ans_Ban_300x250_Vec_F3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17146908626802631825/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17146908626802631825/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 09:44:32 GMT x-content-type-options nosniff age 518516 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10125 x-xss-protection 0 last-modified Thu, 21 Oct 2021 08:42:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Nov 2022 09:44:32 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8C68	42 B 108 B	44ms 44ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2jUDJnd7rTnwTS-BKJdWGrqVPu6xfQgZ3rBwLA7sqNaC6vz0rE9B8kix1FWh5OweI2wKW31XkW4Nzxci0uvArhLp17uzFzJ1TR57In9DrVJrP03qw4Q&sai=AMfl-YQMRrdsJtDlgBcaJePybPhOpQO9bo44XCmLsqfYYYl3k1YsX6iX2AU3fBfYTq8gXurWPSlLv8Hf5tMCbgOg-V_BMjGwdFLAkH5T8nsWvMK85H8zgmCevmkMLGcKtAs&sig=Cg0ArKJSzCePMaYss0sPEAE&cid=CAASFeRo4LHQur9bQqOFHKtbi8FHFN9lLw&id=lidar2&mcvt=1040&p=228,340,478,640&mtos=0,0,1040,1040,1040&tos=0,0,1040,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.62&if=1&app=0&itpl=20&adk=78670283&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636623986312&rpt=699&isd=0&lsd=338&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4319	42 B 108 B	50ms 49ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSoj4WcKyRpJFyDyj0Q_xF59Rv-dekhmqBPylHtk_JI-QOCV2Di83469AmLDxGrI2WH8W8uhvfJCIz2GB6Nyx63ZnNxM-YE08wAadVIcH8aLM-6DjnCg&sai=AMfl-YSTJ-AjGkXBJ5eu_6mVLreY8LRs0nQ8irFfhvo_PKObS-KecbwuTGvRNMuXB9HK1Y5KOZDB638mLOuC0wu2niO77WEab2v5_Hvl6klbHtVo-cYtImB_8P2yd1l6&sig=Cg0ArKJSzEMDJOZI53ysEAE&cid=CAASEuRoDim88wNVgJ2JqWa6zGAQhQ&id=lidar2&mcvt=1041&p=1177,290,1427,1260&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1712911701&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636623986271&rpt=675&isd=0&lsd=338&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7ECA	42 B 108 B	47ms 47ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIRqXvB4gWqn4u3Z13kIYc4E8OZqa2qTTFXrq5k6wYohX1w_t5ntLgjK-8sv4uTNNIjWosGBAnLYj24BKN1jHBaaTXFmQ82govELQWNs3-MDIvro9SBQ&sai=AMfl-YQ_hcXh4JFjcV7t6wgkC_u6mYAeNbWOd-yv2Y_Yja0k4HPLQ_4UognuIqlvSODuLYARwiXsOfw91sHP2EmhPmwe2cXNTU4fcFaJwWTwASHtmiti9LnkMT7dZ-8g&sig=Cg0ArKJSzEfTallrHdbTEAE&cid=CAASEuRotZIG2qCeqVpKPD_hvRqLmQ&id=lidar2&mcvt=1043&p=228,650,478,950&mtos=0,0,1043,1043,1043&tos=0,0,1043,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.62&if=1&app=0&itpl=20&adk=1716784816&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636623986326&rpt=658&isd=0&lsd=338&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6DBE	12 KB 5 KB	8ms 8ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Thu, 11 Nov 2021 08:18:10 GMT expires Fri, 11 Nov 2022 08:18:10 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 5298 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 75E6	783 B 1001 B	17ms 17ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cc2cd60204d447f1941e73cb496b43a28de3aef7ea0094854b03d7bf4efe6691 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5dJuADk1CieV8+wTprp4Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Thu, 11 Nov 2021 09:46:28 GMT date Thu, 11 Nov 2021 09:46:28 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-5dJuADk1CieV8+wTprp4Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E933	42 B 108 B	48ms 48ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUT59LSJJSZxCrAnlEc904OmiTEO15tpUtgDGthE97UzDdikjKLp9zpwtlHqI0FUnEdg_v9ZqbnUXct8YCi-QFPbIIqtmA8oHlDsuqk1lNC7itZ0vfKQ&sai=AMfl-YRK262Wdib93Zx810SagZKBgdu__qbI9sGrciRwWT8jLO2Ls823rVs52UlZAyqYHg0SdPnPN_Fi1UQ0pfxGlOZHBmW_6qSd_NTiArppV0NlSa4FANKgC6-k4Gao&sig=Cg0ArKJSzG4WUqQv8YiSEAE&cid=CAASEuRo98GIUbCWG321DCmnh4-H9A&id=lidar2&mcvt=1047&p=228,960,478,1260&mtos=0,0,1047,1047,1047&tos=0,0,1047,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.62&if=1&app=0&itpl=20&adk=1454166664&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636623986385&rpt=676&isd=0&lsd=338&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://91b573252c701314a1e6dc5a4d84889d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame 75E6	0 0	49ms 48ms	Image text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110801&jk=1931255394092822&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5E71	0 56 B	43ms 43ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiKp7cuaMYdjEI5CNgQehw7qACAAAAAA4AeAEAg&bg=!BwSlBEDNAAYDGbPvAxk7ACkAdvg8Wpnry9t0ij73a-_4a1udOD7OkJ4ZXSrfqRT3RCbsOMoiq1jsYAIAAAMAUgAAAIBoAQeZAw2No6FsZF6mxU51k5z7Yz_S4wchWYUcCk8SRH3ZILSCvJmRNKM5-O06o4QzyA2wkRicDmWFw0CyPnREPTxpuMwv9qiyOfknGmIUKma-5SeZItfZOPjFHklSgoILiwrZEykb9lLt9-s_eT2xrwmxJu6C_nTbD9tyhz7wvugBHuffiDbtOetAEQQ94PmAokEuaP12HS5KnWtj1kpaAeneaWGY_AhlMSdVGVZ_61f5BFyqFYHObwJI8YJPr7du4f9QH21L4wLbyPCdKRE0XKjbm2qqpqPTn1i1cPRjPnMQ-H-7MBM-77A74vODh8r0Vr8XvmMFkjp-aGtx6v_RgTZ1Blnb199ES8sUGKYlhERI0PMoLvbPtPh-L_StUsOlRZEdgQmBxhc0YYrymOjMRrfATnPr82DDYYBexu_uCvB8CcNyc-vxMlNJvXuE4PLukSs7w8kbovKhanfLk-R_7Uy5lFA8vDaKXdu44DVk7627QnfS_BryFLA2frI8eUsCcLjUKRfiv6AQUv29IGTxg5BTiz54xF69yHZnrC79cYc50Grz5pF_r3RtvK5K33Qi_DMH1i5jqq44S1qggSedOkt7nBx4vtWbe5uFyKRnMnB0jfmietGcSiqH7aPdhXAsoIXWv6JItyWrCBqkSYBtqiUkgQtvqAN14H581iou_ITf6G5bb1878mos2a5WXULf2wEO-rsCQtf7n4UBYHm6uiu0EYPxFK5QWS0tmqK17KJUpeI0djh-JVKMmdKJLdOWe1EOV9ldWGZBiTFzFb_yy7zWn7L3RkODu2ds-lkBUvA8Gw2l-w-0PnePAyAtsrxz51wfPvHFGZzIb0fOjgdlN7WGoeDkbn6nI2TWHcRxYYjmwmzz_X4bNiqVi9fCkhJAkjGLNXfz9liHp0GuCzEp2mI7n_5iNnp7upoygt27Y8Yf1_EUtgt7JIEx34PaLOGqacB2yoyPehKxnDyJj1X3Hj0P1sQ7w7eifuqeNJzL_vToYPxpkDJ19if01nI4mcvgk8RoEzXvk4kbzRkQw3hG8urY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response pagead2.googlesyndication.com/bg/ Frame 6DBE	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 20:23:11 GMT content-encoding br x-content-type-options nosniff age 566597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13531 x-xss-protection 0 last-modified Wed, 03 Nov 2021 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Nov 2022 20:23:11 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 66B6	0 56 B	43ms 42ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCJZXcuaMYcvKKsai-gaV8ZmIAgAAAAA4AeAEAg&bg=!9_Sl9LDNAAYDGbPvAxk7ACkAdvg8WhAj7ic-Fc1FeAX2Au0cxzmJ_gTzwciI78yyY8TVy_O45vC8GwIAAALPUgAAAEVoAQeZAz0I6rtA8FttWGD5wA3rGAvBJYoBj85Pg5Uijbg9n4onykow8MWegPq9RyaLOfTvWd_JkX6pVsPQD3tUOreB6sYYKiUcWf3-1G-mwZOYTpzKPZ1h-OOfsyLlCuaXF_84XXFKtO7naHQ3M3dh4F3X8cGBODtUDxTnl6NONnin960oXHpsq0EVdimGtAJyZkxK4Ao1xgNgdeSCTm-NMv5Q8ckLHRtKwCFM_DSefU-aWMAWx98evgkZkWk0flP3E90MwvI88a94rcibVaPosbzQOx4JQvR-3DoM3sFZ2sHp1pVu1sQzWtxCbs06XD6P1GiEHB59UytBOWID0GeGGXlH2B6jFKBsrm-2ff5SL_l65LJZ6BL1ILh4suDo55o931giPPk1X4VwW4-caMGMqMH1sU9gwrxT0lnIHumkGqE_0c0JSQTVfoVj8vwROLLNIKjfypk9TWgB6V9oYX8gd_64feicfDMrm26PEd5z0wyye1yh19qksHxYGdcLC8X-HxUlPdJ2IfdpqNHOXGh0fELA2U7P521Oir_qY4KjBHRNaJVw3rXuQoSqZUFkjmJ3r6XngNw3wfOU9EGjkNWsBqITkknm7PMSo8HmOA-NKIlU7F50Pzju7zZ79zrkZPm1deFaYzUmBn9ofGpDWSNyNAuEvCCYOUAAjHFtSDpWj0I-H6_1cZWucyO-FonU6fzAarKwfR_pYUoIfzwwJW06YsPqMrzsmiCrDPzRGhKEQ4DW22BAGdOyQd9MtYT1_KLxNP8sVEGhbf_O_UaxE_ITfbJI9gZ51dCka5vvwVAv9vKRV50ryi2dj9hmluuE8Lcraj2NhGEydRX3QgZlo5CQYguV_yOWfdJBTToDp5MQRtZBh4aDfafJeG6vnyy-PBFNjEwzq0V-gKRJh6lYWi-RDPgIcMrCLcYtkPF69hWpsb67KX-wakQrhYXv4gSHj8zzlusjcwOomN_avwKphMR9OFY5FX00kPDPptojScCaodS5jXeGC2xX5DFLr3KSsKwqyWfLZPsiFk223mevr1iiNVgl5re06X8O4u51IfO_1v4erv_X1Q9fQCMewN1RGKTlleN4ctQZVEahqc4MnO2LR1Zw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7AD0	0 56 B	42ms 41ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2zB3cuaMYaLHMdqux_APgfK56AwAAAAAOAHgBAI&bg=!x8SlxIDNAAYDGbPvAxk7ACkAdvg8WpRRk6QA54oDiLNm0rmkh41sdnwI_WNRVgOgyT9hCcwpP0oS4gIAAAK2UgAAADhoAQeZA1d1YQLmdNlhlzGAjZTbG2eWfXq9LS8N7aPGa_lbhf1SFX7Y6dhMbnGGoJ4Hy1iUWtcMB7R4QAGIsbeOw-xUzuds5FFX0vMCZuxTHfT5KhAjmdySB532H5zeTn8aGkLPfOd0PzfVdrZFrzU-yUYqyEo_4Ini3ApuaVUzZa22vBYVAhwaQ4B6iFBYWmP65dyR3oOknWh2fbmNmtdNk5Vt3L0rTADjceIUKdV14y62iwGuU3rP7S84ZB8lke0xK4EDJVKu0Njd_ibV7QKvvUy1lZQixfh8_YSqxOmYdlhspZy8bS287nRowhTsPFnhRQqos5OJlZCG9_hUUp2tySZnrXl38qTBCnQ9d1UWrh58QirRxX8HAqoZdzF1KE_LRVcClsfecQI61b6ER1JVBb22t7a_boVva4vRZF24BUUAPxONocQn99femB-aoiSNXCG5MtXVdcG4Ko19Etnkgx0CTg18LJ1N4HR_yX0CPYM0EsbpoKVtjTdz7b2pfRarAMOyIdDruRrwVogt5Q80n9NzBElrcluvG7s0st30VTVi5nNPdo0hTrQqoyTOZan5lV9Z0TlAmuLFNYlMNHIRsUKbsG3JhvOnK-7Rv_hvGbKDfpcqTFiTjMEjXVigWIGez3VkV2s91Cs4xLsCLPRZsz0FjOtWbzcxZgzJ-RY9vkSuUT4F0H0mUDpIlY7hD_7B1t3k4sNjqsZeMEq-sz294dmKXj3b6NforILnDvdDhY0Z88YH2fTitTJ_gcG5C7d91hv7c35PKM-oGKCrKApbPUP9TwO2N3qDBzQiDpxhI16LkMyqkdxM7uVeEl9PKpx6qzXiwlvjU3Nelvl5zUzREeeKr4ta8dNhlFZrjt5q5J82fxFpM_d35tKkFqB4bV2sxnO1sSCtUKeJDMEUoiL54jArj3PFcauN5aCIFujP4EUFqG-LWVI44vPcpg-E7G8UtijtnO90AzpBnfAlKeQrt6XgeJnvQWUZpADJzViY43WgE1KEF2q0yYEYdSawoZmR6isg2NZL2sgqpOSKN4XSUKAPQvafun1W90UByp0zsloc0ZB7-2ctY0V8jmB-ZdmsLfy_1m8eRv5fTzw9gSK-8BvrNR1bVLn5RhH08Q487PaAFIxHDdVy5saVSNI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9499	0 56 B	43ms 43ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6UYUcuaMYYf-LY-tgAfPh4q4BAAAAAA4AeAEAg&bg=!EhGlEVXNAAYDGbPvAxk7ACkAdvg8WoOewIoYGvy1xmMK2eSGpHLewvgZqS1IoH2EnydK9Pm9-hJWogIAAALtUgAAADRoAQeZA1BixGiBJdsliTIgazu1fvqT_zkP_Rg9DlK5_2SPabHDW9wwwU3yysv9ZJO3-7FnZe4n-n08vHuQ5FXQRXqf_8zdCpihcsK7eyW2Daag-BDVFctX8IH00hP1dRAO-VSGrSwD-2Jtka0IaECuWUHUUNp0BNju7y2lajSUO6bkB0pazZ-qzfKKpNvwu80CmoLwhr5SGxVmWrmb5SaMdtWCejuNQOHp_yHt62eH_4lqFcDAwnip1NbfgntOjbDZyxnbWX6VRCyVdFebqYqD4eOZJsV7ZfBItOlxYxPvNB9i7nWz52AwKP3meKNNRBGPbLWw2xe4NMmPHfIfvbqeJrzb6H6QdfZrMQ_LxxxSMK7r954BP37Q6ur4OTkJ9tU6JXdbuqDKrJH8KC31IqiY4c89yc7g9RynnUO9UJi_jFUO6x3lV6vxHKuDHJ7cEEixYDv5_LZhFfrDRl7jomU5obmNgQZ32PVUeTKKlzSNhcg1EkyoKto_mPOHGQVI4KClvFTvgMw2CSdu6n3fyaupsmhEhyrj8x2E3yt4wEATT_jU02tR_tbIluKmLEsZKT0ap3XqL64Ym_4BHprK6xIKGQvACxaguR5LvkleocIEEL7fA9gwQdQ11zPBo05XgvxJTwuYVbdI-gP77WOV-Cj2bZdvVNF6FkKRJQ_Ylat2C1U8DMbSF6HI5GTFlkdneSC_T8O6xfmkiVKchlYH3Dy1pEY6GtuIEQW3R-EenGeJfDLAiOOL-d5hktu1xeYViQREKm0G3klTeoKu8q2S7fRJl3SU7aAyUxs9U4twNO3bLC0x6OFmcIgRqBGcUJbMeHJ7zENhUV8ByU9PkolpiUmGP6i68vmnFXMDKywjJfIvvuhLdZyfClVyDuDEBrpvt4WuT8U0dPkwtyzbcfqBWawlrxjQ9bLGq_YTLmfj2K68dCfDJHbwsojKCus4OjzvabiTM_OMKha_CAl86W3aURZ4oIbDkIfiUEl5jWzgWzPoH2aYMrUahzZK-v4-fe6-PX3bueqFikryCchVBMGv3Hg5zPDB679jYqtI2y5eAt1h010M3a2HH_ST8WCJHiU15uSF-IPas75QsMn4bWefQ8U6-gDFLbvBOltpBkeiGZSlTsNJgpk21Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C518	0 56 B	43ms 43ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBftPcuaMYeuFLZP-3wP1kJmoBAAAAAA4AeAEAg&bg=!cnGlcTXNAAYDGbPvAxk7ACkAdvg8WoAG-nPjt1iyXFkX3AZlnSbXNwmnGNZFNKrxtvsm1Bl5cmAC0AIAAALcUgAAADJoAQeZA2AWMJ_b-IsrVCay2T8Zj21vV0MNbnWeJELQ0xPMeiFDIBevBt6vXbo-QehZGfMJ7JiUx0SMCnyzVnqln7dek24XWffh2xuIDUcv_KPaHT49DVNrKlxAQz7h5_KPIuaj6-lBjyspDdpkz5RmZEQrghtOkJoBj6hmj9o6Na9TEwIeVqjOF0XmkG6EIJseFcz2pjoytxT3XhWOKNL7HYCMdrenlSeS4IDyYd46nHKeAleYQ4RXVYhCzt7djuYE9qyVJuyRLwB_bCM4DdKCfbyTut4woQTF-4G-Iv_cRGGbW-QzC7ToqQqXSwT7IRZ8aQ7-0xbKlLBL9vUYsMRbkKYr5Zotb-3YuFhjpK9ABMwsM8XcL-gEIF0tNkWm7IGMRqvnb4faEh9lkNo2UA4W42xtya8l4VYJWhQMhv6T8g5ApKhUWeZNg4SN838NMblVu1u0oBKiduaVvPefU1bOdRIPQRoRbaeHBceDYN8MNlmkbIMP6sjGjIbHSyOmfyKZ0rvVmgPXy3977bJ1u5f6gHB7C23mz-r7Einr-FU_n_TgZjVxGqP0GzFFF3OHNOWHm3jAb9do4bLAodULOZj0xtpXeSz8hq1EHh0E9ySwUCXJmZTHHvCnhGbcYWhSei2bwfxTlD0mrfSqtRSPiZNtirdrTIjMwBcwWfY3n6dOaAH7u0RUg6Jp-NVYDiCQTERx6EmfUgsEcuBfMXAkfvK3n4U_eK9KO-wn0Hs7j_fieSCl0VDCUzEacmzzXYxFuC__Ygd3tKV3XQNJKhfruMSao0WSHIWxfxNSZ3fHaHpmugdiQHiUHZjSDyCt7w6trw7hk58vKirYDK_kF-2xoCa1Td3DFFTkj88Aq4KK9RRVcZd8XxHWbPW463Dblqr09_qrCUt5IyDwY_cmSE9Jy2jiI4u0oOYPu9vUZjudEujwFROj-mKzb8qF22lhJGnoNOFKPSsNPc03Bf-HUKtPG5bM5Xa-f1ZE4oBik3j_FnIbWKvbZsWhAo3EPJQ3L6c8UTr_aftp_xwW-XYAMfOIL4DG9aFg2iwrXN1CI1Ba7lvmoGIknARJ4M6n1YYAyf-I_cnynUxtCEHJ1TXABdhs0CG_sDEKDVFP6eGJN0_vdXPa0STePp6folF-4mdvSexVDvrspPK8XFI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	43ms 42ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110801&jk=1931255394092822&bg=!mpmlmd3NAAYDGbPvAxk7ACkAdvg8WpLOsoMJ7Uu52VXJqwYQM-FeuMAQXHEHGHzLczqBCDdbbT6pZAIAAACjUgAAAAxoAQeZAqyMlItDdc8RpKBNnQSaSPU9lQNwCmmuopG8fnhjVOXX_vu08SOk8d75X3WuHKOnxCAPWb6FgeJxpYCBjwb4aDeB9ywWExxxYAvQfHP_VE9LLePZFlrZDTlrsE_tHp7W4S-GwQ3BSt3o0_o4KYH9-J34Nyd_xTjV7DIjsagr6IIQq-nsFKa2tPZHj2wO-QVBA5-gBZzz-6xNntHxlX5Ld5ru4zSEhVa2gAcknMhu-NYsiiqioTOLk-HD5DQ_NEmLadBQuK6vjSc8bruFdlVfgbwa6vzIbcPheBcOykrrTLuozrLtBvC5WaqG887wRtAjK6ZOgLq3WVcUfuyeFyjbQidAGTEVUhshH3-t9N82WLXisCvgNoxSZaAdWphiO4Ua1se5m8ey9ocqAvVK1Ww-OorxBe1c62_xkuv_fUqA7bPFbdSlPeh95_Dv0OTMg5be04x1G5sSdBd1kOhTnsrG1BdumyvhYTmPOpAMAG00iImrPxUNHnLzym2EC_o0oVlgxylALlonQiBeER-yYc-ZS4xgob3Q-pldJfHwNy8xl8oZ_wbqlj92AbyC9yY8Yk2mFzqig2mboGp4FF3JxiuVfhTvvOsFUANHlUHllFUevw9z83mznLgZpM-NyHg1scJ1hZksYBvvXe2s-g6oy5lTZX_eUd2D0ZWPMfwAPdh-jgT5_1bcXjM2pD6syMQ3TotkMemK3GWO8HAQv_KTMM3PYbG6MhLgjval2UFol9_ABJB37gYeihDYxaiIKPxkc3fmg_wcfYuOc0iF6v8X6n5TjTHKOVOrRX0uD64N9T4_SKTAUa9D85SMjv5Nbsv9TUmc49BiOiWZjNNMP9l8XstSHTJFQlgqIFOF7dZK1r6cQr33WQ6iRvs8szYOajqnl9IlDGvwkJ0M-4pHzEJTF0M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://grandnoticias.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 09:46:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaQ2cvOVUezZm7ZFN2AnRp823TLpme0mrc345I3ne7IatpSvDK_ZVvOEO0zTq90fMR4jw52PUatwmm8Xl26HRaT5A4jE_NV1GOZa5YPEjx4yA2VpJ4MhRLwWze-OzhBWN_a-J2ncaOB0lnfRvYZ0f-tOkBEBFq7Ktn6B1nZ8A00eza0RdsGwgBrWhPUhM6I-dzQAloIh9LwhAPsQgdUCVpmu3FscN9gxETHg0A0sLcHM43hMntBVHCNHEUy4NSXWNW0upOy3AVrHNyOrAZ0jeRSdFKDbK5-bR1sdWZ65oyNHvM924TBf4sjQ18Km2NLfaxqjqO_xbtQuQB05qVeR1kYiaPz5qdcnnIQu5DW9ULBvwN0oNN-3584JCXwrdAf6ig&sig=Cg0ArKJSzLuzjbQRJ3MQEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

cms.quantserve.com

URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPMba3MGIs4Nb7aWaVioVOc&google_cver=1&google_push=AYg5qPLk2ljhpiASXBthNOQv3wy0ZhlCmxvi5hDvYY752mep-wChUslx86we9u29uVpMHG93fQZ1uLbMWF3V_ajPrkQGOVAmz8D4

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYzmczAgIHWxfUe5hI804gAABGMAAAAB&google_cver=1&google_gid=CAESEK_SdXAVy8ywBM2jXCvGxKI&google_push=AYg5qPK4HVRpm9uZi88IE56T6ExzujrRB38aL0eqE_5O8Fg4Gw5PbOk4mLu0r-BsGlTarHMTvJ8U547H8bnt74EBURHnwsVU_YI

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IkD3Wg9vTm2yLfZQgbpL9Q&google_push=AYg5qPI0wCdCR15vjVn_0sPx_n4po_c03Gruvb4RtirSxUppBvC79iaaCjXNd-rUayLZiaCIlOTXAacxhmrGUSIH-mWqwenalwY