urlscan.io logo urlscan.io
SecurityTrails logo

www.bandab.com.br Open in urlscan Pro
2606:4700:20::681a:130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Effective URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Submission: On May 22 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 15 countries across 80 domains to perform 379 HTTP transactions. The main IP is 2606:4700:20::681a:130, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bandab.com.br. The Cisco Umbrella rank of the primary domain is 437460.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.
This is the only time www.bandab.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
41 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 32 142.250.74.194 15169 (GOOGLE)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3.71.149.231 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 147.75.84.158 54825 (PACKET)
2 23.88.17.186 24940 (HETZNER-AS)
3 14 37.252.171.149 29990 (ASN-APPNEX)
1 4 51.89.9.251 16276 (OVH)
4 2602:803:c003... 26667 (RUBICONPR...)
3 34.149.50.64 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 3.69.2.24 16509 (AMAZON-02)
1 54.76.7.236 16509 (AMAZON-02)
6 185.86.139.59 201081 (SMARTADSE...)
2 2a03:2880:f10... 32934 (FACEBOOK)
3 77.245.57.72 36057 (WEBAIR-IN...)
12 172.67.10.198 13335 (CLOUDFLAR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
4 8 185.80.39.216 27381 (CASALE-MEDIA)
2 64.158.223.140 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
4 4 216.52.2.30 32475 (SINGLEHOP...)
2 159.203.145.121 14061 (DIGITALOC...)
1 52.194.134.93 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
3 3 151.101.66.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
2 2a05:d018:d29... 16509 (AMAZON-02)
3 178.250.7.11 44788 (ASN-CRITE...)
2 35.227.252.103 15169 (GOOGLE)
8 9 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.250.185.66 15169 (GOOGLE)
2 213.202.235.10 24961 (MYLOC-AS ...)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 18.185.28.161 16509 (AMAZON-02)
2 2 52.16.122.133 16509 (AMAZON-02)
3 3.33.220.150 16509 (AMAZON-02)
2 2 213.155.156.180 1299 (TWELVE99 ...)
2 2 37.157.6.243 198622 (ADFORM)
2 184.29.202.60 16625 (AKAMAI-AS)
4 4 142.250.181.230 15169 (GOOGLE)
6 6 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 6 2a02:2638:d::d 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
3 151.101.1.108 54113 (FASTLY)
4 23.56.202.187 16625 (AKAMAI-AS)
1 3 162.55.233.29 24940 (HETZNER-AS)
2 3 52.46.155.104 16509 (AMAZON-02)
2 3 67.220.226.238 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 1 2620:112:f006... 6336 (TURN-US-ASN)
2 2 188.42.34.65 7979 (SERVERS-COM)
2 8.2.108.175 46636 (NATCOWEB)
1 1 37.157.2.229 198622 (ADFORM)
1 1 2.16.186.10 20940 (AKAMAI-ASN1)
1 3.70.58.251 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
6 104.18.132.145 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
3 35.201.123.184 396982 (GOOGLE-CL...)
1 13.32.121.17 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2 35.186.194.101 15169 (GOOGLE)
1 1 185.86.138.151 201081 (SMARTADSE...)
1 1 34.249.208.98 16509 (AMAZON-02)
1 104.111.217.14 16625 (AKAMAI-AS)
1 2a04:4e42::300 54113 (FASTLY)
1 52.211.237.29 16509 (AMAZON-02)
2 2 52.215.85.23 16509 (AMAZON-02)
1 1 37.252.171.53 29990 (ASN-APPNEX)
1 2 185.86.139.101 201081 (SMARTADSE...)
4 34.102.185.99 396982 (GOOGLE-CL...)
1 2.18.235.93 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
379 84
1    2606:4700:20::681a:30 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bandab.com.br
41    2606:4700:20::681a:130 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bandab.com.br
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
9    2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.denakop.com
5    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
32    142.250.74.194 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
14    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    3.69.2.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-2-24.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    54.76.7.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-7-236.eu-west-1.compute.amazonaws.com
ad.360yield.com
6    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.denakop.com
12    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
32    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
23    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
28    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
4    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    52.194.134.93 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-134-93.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
10    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    2a05:d018:d29:3602:d660:350f:5ea6:8858 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    213.202.235.10 (Grenzach-Wyhlen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    18.185.28.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-28-161.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.16.122.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-122-133.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    184.29.202.60 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-202-60.deploy.static.akamaitechnologies.com
www.awin1.com
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
6    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
2    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
htlp.eon.de
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.70.58.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-58-251.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    104.18.132.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:223c:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    34.249.208.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-208-98.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    52.211.237.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-237-29.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.215.85.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
4    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-12765-5.seg.t.tailtarget.com
t.tailtarget.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
Apex Domain
Subdomains		 Transfer
60 googlesyndication.com
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
332 KB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337
ad.doubleclick.net — Cisco Umbrella Rank: 165
281 KB
42 bandab.com.br
www.bandab.com.br — Cisco Umbrella Rank: 437460
919 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 32812
ad4m.at — Cisco Umbrella Rank: 10585
assets.ad4m.at — Cisco Umbrella Rank: 43177
2 MB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 583
secure.adnxs.com — Cisco Umbrella Rank: 417
66 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
eus.rubiconproject.com — Cisco Umbrella Rank: 566
token.rubiconproject.com — Cisco Umbrella Rank: 573
27 KB
15 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 26023
usr.navdmp.com — Cisco Umbrella Rank: 30246
cdn.navdmp.com — Cisco Umbrella Rank: 6025
sync2.navdmp.com — Cisco Umbrella Rank: 48645
sync.navdmp.com — Cisco Umbrella Rank: 10387
8 KB
12 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5934
csync.smilewanted.com — Cisco Umbrella Rank: 3794
static.smilewanted.com — Cisco Umbrella Rank: 10486
17 KB
12 denakop.com
tags.denakop.com — Cisco Umbrella Rank: 163228
cpm.denakop.com — Cisco Umbrella Rank: 182772
125 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 723
dis.criteo.com — Cisco Umbrella Rank: 575
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
9 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
375 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
1 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1638
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
sync.smartadserver.com — Cisco Umbrella Rank: 1330
4 KB
9 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4143
t.seedtag.com — Cisco Umbrella Rank: 12975
133 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
6 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 60632
d.tailtarget.com — Cisco Umbrella Rank: 67888
b.t.tailtarget.com — Cisco Umbrella Rank: 55547
tt-12765-5.seg.t.tailtarget.com — Cisco Umbrella Rank: 139095
t.tailtarget.com — Cisco Umbrella Rank: 6902
24 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 373
110 KB
5 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3515
sync.richaudience.com — Cisco Umbrella Rank: 1783
1 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3537
onesignal.com — Cisco Umbrella Rank: 1386
img.onesignal.com — Cisco Umbrella Rank: 7117
91 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 78256
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178
static-de.ad4mat.net — Cisco Umbrella Rank: 183763
8 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
211 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
854 B
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 991
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
21 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
cm.adform.net — Cisco Umbrella Rank: 1155
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
793 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
940 B
3 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 29395
creativecdn.com — Cisco Umbrella Rank: 531
908 B
3 gstatic.com
fonts.gstatic.com
54 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
172 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
2 KB
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 4139
703 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 970
pixel.quantserve.com — Cisco Umbrella Rank: 790
10 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2738
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1572
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
59 KB
2 eon.de
htlp.eon.de — Cisco Umbrella Rank: 280178
918 B
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 91562
3 KB
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 80054
444 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16768
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
645 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3720
1 KB
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11642
120 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1172
348 B
2 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4404
268 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2889
207 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
259 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 508
eb2.3lift.com — Cisco Umbrella Rank: 358
681 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
278 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1346
contextual.media.net — Cisco Umbrella Rank: 599
9 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6080
515 B
2 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 270549
133 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
114 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 601
338 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 635
373 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 532
227 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
204 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
1 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
300 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 560
587 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
481 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
434 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
650 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1812
174 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44088
607 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5642
44 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 5004
290 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 644
171 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 978
620 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 875
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
852 B
0 navegg.com Failed
id.navegg.com Failed
379 80
Domain Requested by
42 www.bandab.com.br 1 redirects www.bandab.com.br
static.cloudflareinsights.com
32 pagead2.googlesyndication.com securepubads.g.doubleclick.net
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
32 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bandab.com.br
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
14 ib.adnxs.com 3 redirects tags.premiumads.com.br
tags.denakop.com
googleads.g.doubleclick.net
acdn.adnxs.com
12 assets.ad4m.at as.ad4m.at
10 s0.2mdn.net www.bandab.com.br
s0.2mdn.net
9 www.google.com 1 redirects www.bandab.com.br
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 tags.denakop.com www.bandab.com.br
8 csync.smilewanted.com tags.denakop.com
csync.smilewanted.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 securepubads.g.doubleclick.net www.bandab.com.br
securepubads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 sync.navdmp.com www.bandab.com.br
6 t.seedtag.com tags.premiumads.com.br
t.seedtag.com
6 gum.criteo.com 1 redirects static.criteo.net
tags.denakop.com
tags.premiumads.com.br
6 prg.smartadserver.com tags.premiumads.com.br
tags.denakop.com
5 pixel.rubiconproject.com 4 redirects
5 googleads.g.doubleclick.net 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com tags.denakop.com
eus.rubiconproject.com
tags.premiumads.com.br
4 www.lead-alliance.net 4 redirects
4 ad.doubleclick.net 4 redirects
4 googleads4.g.doubleclick.net www.bandab.com.br
4 ap.lijit.com 4 redirects
4 www.googletagservices.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
4 fastlane.rubiconproject.com tags.premiumads.com.br
tags.denakop.com
4 onetag-sys.com 1 redirects tags.premiumads.com.br
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
3 sync.1rx.io 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 sync.richaudience.com 1 redirects csync.smilewanted.com
tags.premiumads.com.br
3 acdn.adnxs.com tags.denakop.com
tags.premiumads.com.br
3 match.adsrvr.org 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 dis.criteo.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
3 sync-tm.everesttech.net 3 redirects
3 prebid.smilewanted.com tags.denakop.com
3 cpm.denakop.com tags.denakop.com
3 s.seedtag.com tags.premiumads.com.br
t.seedtag.com
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 tag.navdmp.com www.bandab.com.br
tag.navdmp.com
3 www.googletagmanager.com www.bandab.com.br
www.googletagmanager.com
tags.denakop.com
2 b.t.tailtarget.com d.tailtarget.com
2 sync.smartadserver.com 1 redirects
2 dpm.demdex.net 2 redirects
2 ad.sxp.smartclip.net 2 redirects
2 d.tailtarget.com www.bandab.com.br
d.tailtarget.com
2 creativecdn.com 2 redirects
2 us.ck-ie.com csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 htlp.eon.de as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 www.telefonica-partner.de 2 redirects
2 www.awin1.com as.ad4m.at
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.avct.cloud 2 redirects
2 m.exactag.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
2 static-de.ad4mat.net as.ad4m.at
2 rtb.openx.net 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
2 pr-bh.ybp.yahoo.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
2 cs.chocolateplatform.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
2 dsp.adfarm1.adition.com 2 redirects
2 dclk-match.dotomi.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net www.bandab.com.br
2 www.facebook.com www.bandab.com.br
2 shb.richaudience.com tags.premiumads.com.br
2 prebid.a-mo.net tags.premiumads.com.br
2 cdn.navdmp.com tag.navdmp.com
2 www.google.de www.bandab.com.br
2 stats.g.doubleclick.net www.google-analytics.com
2 usr.navdmp.com tag.navdmp.com
2 tags.premiumads.com.br www.googletagmanager.com
tags.premiumads.com.br
2 connect.facebook.net www.bandab.com.br
connect.facebook.net
1 t.tailtarget.com
1 tt-12765-5.seg.t.tailtarget.com d.tailtarget.com
1 eb2.3lift.com tags.premiumads.com.br
1 contextual.media.net tags.premiumads.com.br
1 secure.adnxs.com 1 redirects
1 beacon.krxd.net tag.navdmp.com
1 trc.taboola.com tag.navdmp.com
1 tags.bluekai.com tag.navdmp.com
1 sync.crwdcntrl.net 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 pixel.quantserve.com www.bandab.com.br
1 rules.quantcount.com secure.quantserve.com
1 sb.scorecardresearch.com
1 tags.t.tailtarget.com t.seedtag.com
1 secure.quantserve.com t.seedtag.com
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 cm.adform.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 px.ads.linkedin.com
1 static.smilewanted.com csync.smilewanted.com
1 mug.criteo.com
1 ssum-sec.casalemedia.com 1 redirects
1 tr.blismedia.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 cc.adingo.jp 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
1 s.uuidksinc.net 1 redirects
1 s.tribalfusion.com 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 prebid-us.creativecdn.com tags.denakop.com
1 img.onesignal.com www.bandab.com.br
1 ad.360yield.com tags.premiumads.com.br
1 tlx.3lift.com tags.premiumads.com.br
1 bidder.criteo.com tags.premiumads.com.br
1 prebid.media.net tags.premiumads.com.br
1 ups.analytics.yahoo.com www.bandab.com.br
1 cms.analytics.yahoo.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com www.bandab.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.onesignal.com www.bandab.com.br
1 static.cloudflareinsights.com www.bandab.com.br
1 fonts.googleapis.com www.bandab.com.br
0 id.navegg.com Failed tags.premiumads.com.br
379 127
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-12 -
2023-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-28 -
2023-05-29		 3 months crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2023-02-17 -
2024-02-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-07-27		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
eu.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-03-16 -
2023-06-14		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Frame ID: 7758F4B3FC87602706EB6F9AA5B015CC
Requests: 165 HTTP requests in this frame

Frame: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE3C1622D00110FA989A7262172E092A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 943721371DE5BF94F8B0966AC8EB6A48
Requests: 1 HTTP requests in this frame

Frame: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EDA67EA5A8DED6DB8562F284D89CF11
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Frame ID: 835F316939493C7BF0A7E0C3EAAFC04E
Requests: 15 HTTP requests in this frame

Frame: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 931EEA8F147C2EA21C2F9FE2C2C9928E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Frame ID: 4662DA9BE45AEF4F05CCD7D41BAA9D52
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Frame ID: 9A42953A5CF6EACA0FE8D4CB300F3AE8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 941FE5EF94BADE91EBC3F3E7D63BC212
Requests: 9 HTTP requests in this frame

Frame: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 064E5F71FC0447937CE8A3BDA6375685
Requests: 21 HTTP requests in this frame

Frame: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07B2C42B6DCE7562354A3640837DB84D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Frame ID: CA305715C021C6FCDBBB45648FE73942
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Frame ID: C2AF4C6763D6CCA3200DFCB3635F7D00
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECA5FF8514496103ADE1BCCDF03C1E8D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 015AF41656069697DE651B4A228E7D94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E255B2A5999DC2D6654EF3B01D8CE79
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
Frame ID: 8C2657AF843483BF22308D3E73FEEECD
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E9B44BAE1EAA9BD7140FB61B21FB0437
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FAC82EE1B9B7DE863AEE50043CD1B07
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A4265CBB1E61FB9E356EF6D712272719
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B681FA152C9DA27C216BA419CF2DC0A8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
Frame ID: 23CAB6F7CDE9C4E57B91A710607715EF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7223A2ABF31CCE2EA81E01F96D2D7967
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54D58A037AEAF647C20D151C00CB41F7
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Frame ID: 7561BAFB60F9E23E2E122A196DC26791
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Frame ID: B11029D2885FBE8A9362BBE8295C1622
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bandab.com.br
Frame ID: 18E48E41503EEBC8A6694A361AB580AA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86FEA87E9C7ED56E26638C3201D7C20B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 720C4104B2795D2144BDEE5B2E6D0150
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D030634E6A9CD584BD80E6A3EF4E9CF
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 1FAE666A56D74312FB215E4BCCCE21D6
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9283FB5BAB4094CEEACDB88D5E499FD4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/GsEQuGZHbNnVuB61SYeKo7od
Frame ID: 71E82C00C11C5BC0625A9D24956CAAD8
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: DA567B54AA45A9B4C358F45810F0F643
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
Frame ID: 384A64549E8CBC2B4A5ED29D680311A0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9e46add6-3d2f-528e-a77b-a97fc310d7b9
Frame ID: D21598D72D14BA171A36D2CE1E5A9197
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: FB6874DCFBA63F088301C19858CD85FE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/2372839099368657357
Frame ID: F1C98FFBD14FFD1E23E8C732CDA50185
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/6b21f225c1819795ab8a174c443b7?gdpr_consent=&gdpr=0
Frame ID: 8EB43C2702B2A2A8BE11BF660222A015
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 5232BB4470D1DD5E0D526691FF02E057
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 6167AA8BC89E42D9276022EAA011ECEE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K29h69j8H797NC73kbbw?pi=smilewanted&tc=1
Frame ID: 4EBC73811E969326DC612DF30D4D120D
Requests: 1 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 19C5BE57E20DDDAA2E8F4A00EEEC01A7
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 07393163F446397015AE05D919EB829B
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5133253
Frame ID: D7C99C98255FA250B4A3854ECA2228A5
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: E2D31F8A854E2D7906B6E7BF64045D7D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684766402408
Frame ID: 71372F6B1695C17D64AB2927B7D35E01
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E70E8024E17AA15699DAF7FA241087C0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 00EAA85954299F606526D34ACACCBA81
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AC3C373D9B104EE6C5141474600F47B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vizinhos escutam gritos de 'socorro' e encontram mulher trans morta a facadas dentro de casa em Colombo - Banda B

Page URL History Show full URLs

  1. http://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/ HTTP 301
    https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

379
Requests

88 %
HTTPS

38 %
IPv6

80
Domains

127
Subdomains

84
IPs

15
Countries

5061 kB
Transfer

11196 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/ HTTP 301
    https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=80484508839 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=80484508839&google_tc= HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=80484508839&google_gid=CAESEDrB3H6j6zJgrI85HqT5cnE&google_cver=1
Request Chain 76
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=cde7646b-7ec2-4700-a644-d2cfd59057f1
Request Chain 77
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 160
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGt.w9Fr1DMayGvHe.zftQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
Request Chain 180
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Request Chain 192
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 193
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBAFduniw3h_ZhxYxaGEP0A&google_cver=1&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmKbYnUwcVxpzdJ-X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmKbYnUwcVxpzdJ-X
Request Chain 194
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEO8Kn8pL_7almaXTxqPqq9o&c_param1=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw
Request Chain 195
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
Request Chain 207
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGt.w9Fr1DMayGvHe.zftQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
Request Chain 209
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Request Chain 214
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGOh-jV809GuCeEH0T5kkmHCiEyhDsPDQbdwS4A9iFxWOAfxEa7U8VBkn6B9rLgUKAbFS5V9AVFppoEZ0OwkkL78npssOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_push=ATf1kGOh-jV809GuCeEH0T5kkmHCiEyhDsPDQbdwS4A9iFxWOAfxEa7U8VBkn6B9rLgUKAbFS5V9AVFppoEZ0OwkkL78npssOw
Request Chain 215
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECXl2kVpE8ikDyWlKpObL9A&google_cver=1&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitLhNAP1Yf4IogJ6OTI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitLhNAP1Yf4IogJ6OTI&google_hm=Rwe3HHLdQcq91uewQXrgKQk
Request Chain 219
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF71Ormx_bAJ4C6KZbrT-Fw&google_cver=1&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAXgzypmfJQyhgI0sp7brwRqT2s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAXgzypmfJQyhgI0sp7brwRqT2s
Request Chain 240
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFvpfh_ryH2iSNEhmVLc4aQ&google_cver=1&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFvpfh_ryH2iSNEhmVLc4aQ&google_cver=1&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ee0e385f-a3c9-4e5c-803f-00ca52479362&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw&google_hm=ZW5fiZ2jS6iglEXUQ4NmEw==
Request Chain 242
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_cver=1&google_push=ATf1kGN7ELJW0eHDIA1ykpSIkvy4CSAJ2ayHQVwHq_4DoiXcFJGzEluTcL4pDLVl5po7uAUa40yqWxITMr6p2Bm8GXUf3PIvs500Jw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_hm=ZGt-w9Fr1DMayGvHe-zftQAABFMAAAAB&google_nid=index&google_push=ATf1kGN7ELJW0eHDIA1ykpSIkvy4CSAJ2ayHQVwHq_4DoiXcFJGzEluTcL4pDLVl5po7uAUa40yqWxITMr6p2Bm8GXUf3PIvs500Jw
Request Chain 243
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49cHh08PVGn7w57Q HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49cHh08PVGn7w57Q&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Request Chain 245
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEUFxmGdEJmwSHMUPmZP8do&google_cver=1&google_push=ATf1kGM9ULHTP0afsQeep8zLqBR9UMVfEKVIqMAUo2HdhakNDTlDaZfIMtW5GMwwr-fWYWNWt9zTnciw1WIVx2PUAFzaF8z5qJi4PZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM9ULHTP0afsQeep8zLqBR9UMVfEKVIqMAUo2HdhakNDTlDaZfIMtW5GMwwr-fWYWNWt9zTnciw1WIVx2PUAFzaF8z5qJi4PZU HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 257
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGMtMlgbcCuzIZmtQ8sIb8jvIj50ps4jI6-VTC-zkBIvmAKFZ-zemKxIkM_XzjIetMeJ1ioLS9tTjg9bmzSnoZttCYvku8U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkd0X3hBQUxfQ19YUWdCTA==&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGMtMlgbcCuzIZmtQ8sIb8jvIj50ps4jI6-VTC-zkBIvmAKFZ-zemKxIkM_XzjIetMeJ1ioLS9tTjg9bmzSnoZttCYvku8U
Request Chain 259
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBAFduniw3h_ZhxYxaGEP0A&google_cver=1&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fvEe3Zz_8Hw_pR8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fvEe3Zz_8Hw_pR8
Request Chain 260
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEED4_Ocj0eDVy5FN2RG60Ss&google_cver=1&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEED4_Ocj0eDVy5FN2RG60Ss&google_cver=1&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo
Request Chain 262
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOqQ3rGAnIirNUUiWPa5mQY&google_cver=1&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpyA753lEyKbnn1jUQIjg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOqQ3rGAnIirNUUiWPa5mQY&google_cver=1&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpyA753lEyKbnn1jUQIjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3MjgzOTA5OTM2ODY1NzM1Nw&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpyA753lEyKbnn1jUQIjg
Request Chain 279
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPb1y_iTif8CFRWJgwcdgqwPEA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 282
  • https://www.lead-alliance.net/tpv.php?t=112510V1336142131M&subid=oneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561399X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
Request Chain 290
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CL-2z_iTif8CFXLkuwgd6NEPDg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 293
  • https://www.lead-alliance.net/tpv.php?t=112510V1336142131M&subid=oneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561423X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
Request Chain 300
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bandab.com.br&sn=ChromeSyncframe&so=0&topUrl=www.bandab.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_E_8w3xCVkN4VHR0ODR1L21FM08wdk5TR0szT0V6bkdtenllUHQ2d1h2bDArWkt6UkdTYjBuMVdyZmxrU2MvREthSjI1WEpaM1ZDYXMvTWZjbGRSYytvSngra1hYbjg3NEs2Y3NqZDVqc1YyUEtGNTRkVmJidTdYRVJZc2xXUDlYRDRwVTlabnRyWGpSRDB0aFZrYlY5dXpoRG4xM0pXZVhQT3dNVXZCZHJOa003SXdHZU9CKzEzRjhVaHVVV1hocDNNNitSZFFDazBFbGVvaENIMWdnam5RQk96MmRxazV0SzM5MExreVVtRURoaUVjVnY2d3FmWHV1ZUlOOG1HTjgyVzZsT051dGViNVZmWFE0L2RkRGJDMHdhRFd5VTRiYU15WXFvZG1MZ3dXWUYrbz18&cppv=2
Request Chain 325
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GsEQuGZHbNnVuB61SYeKo7od
Request Chain 326
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 327
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF71Ormx_bAJ4C6KZbrT-Fw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGUj9bm9TkD735uWeG_j6Yw&google_cver=1
Request Chain 329
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3266xunIngTpAVtjq7cPCcn5EUdSAgOZEtemQ7w0kco?csrc=
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HuJ5LBIORomx8WJYMEyK_g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HuJ5LBIORomx8WJYMEyK_g
Request Chain 332
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZjNzczNjdkZGQ2YTQyMmQ0MGFhMGYwMjBjZDhiY2RlYmFjM2FmZg
Request Chain 333
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g912nRGnQFukwsQheX_MoA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g912nRGnQFukwsQheX_MoA
Request Chain 334
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYYEZZ6-20-CY6G
Request Chain 335
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1684766406504 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=768000748 HTTP 302
  • https://sync.1rx.io/usersync/turn/3954291611569019833?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
Request Chain 336
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/9e46add6-3d2f-528e-a77b-a97fc310d7b9
Request Chain 338
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2372839099368657357
Request Chain 339
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/6b21f225c1819795ab8a174c443b7?gdpr_consent=&gdpr=0
Request Chain 342
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K29h69j8H797NC73kbbw?pi=smilewanted&tc=1
Request Chain 362
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
  • https://sync.navdmp.com/sync?prtid=25&sclid=e2f4f530-c77e-6b64-76af-83044d19f855
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.navdmp.com/sync?prtid=17&tubid=ZGt_xAAL_C_XQgBL
Request Chain 364
  • https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0 HTTP 302
  • https://sync.navdmp.com/sync?prtid=21&dynid=1199352214656749734
Request Chain 365
  • https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=80484508839?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.navdmp.com/sync?prtid=38&lotid=
Request Chain 369
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fid%3D80484508839%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fid%3D80484508839%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://sync.navdmp.com/sync?id=80484508839&adID=81395048183915004002131468224158807354&img=1
Request Chain 370
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
  • https://sync.navdmp.com/sync?appNx=1774523937727536297&img=1
Request Chain 372
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

379 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Redirect Chain
  • http://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
  • https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
158 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1287ac0e527f661673c9ba9c1e9b08a05e0fc50c057064c821d9c9d6eb16266f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb5cfd43cd46945-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:01 GMT
last-modified
Mon, 22 May 2023 10:50:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udkBtouQhlgDVFtkLnpn5qie2Aec4fDmAFgxbsu2WV%2FI4A630xnn3%2BGDhvA9xIGMS7JzRleGzKndR%2ByqUwF%2Fw%2BIgQtu%2BqQMRlSbQwr%2BWMw4YmnaXyP8FNXKydXIg9xv5DHyGHLS2ixd6ibcFhzRT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7cb5cfd18fd31970-FRA
Connection
keep-alive
Content-Type
text/html
Date
Mon, 22 May 2023 14:40:00 GMT
Location
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqHM25nI6SFwhi%2FdMJwXPkMr%2B2216CIqKVrrbS%2FZ%2Be1lNScNDdcMkPLKzsqsxA1HNMhcPmtDnuMW6ryC2X25U7rHzQG2xXCp%2BK%2BL2MeiW%2BT8T1jo8x6OlHVQGk8sCdcOJoo2kSyJrzWDL44ekDDL"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		2 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fef22e8988f6b72c99b05397a4b16c9dbf269e990c976b5f38d59c1384e78ebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 14:01:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 14:40:01 GMT
style.min.css
www.bandab.com.br/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 12:00:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
168105
etag
W/"642579dd-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FWY%2BWdeeknF%2FxZCd%2Bqu3y99L1KuGtiYGNR%2BiZjmlZs5TMTDMYB2Whs%2B%2FIM3aSKvJNyvOiu3eCPu9TEa5X2Y9LqcCUlrkgkU%2FPmsej1QT%2BZDp5U5l5mOddOurknbOyteqBaMFt%2BbIDiSjnyiPhTA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c606945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 19 Jun 2023 13:01:53 GMT
classic-themes.min.css
www.bandab.com.br/wp-includes/css/ 		291 B
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 12:00:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
166412
etag
W/"642579dd-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Afetw6lqSDp%2Fn63jJRDSmJvgboCmRe62mfV6nahA0hv7PPgTygcXrKXxvwXiK8CqtGt454vOWZooGHB%2BYJaK2hWnBejYPpoAEKN%2Fe5X8ShFG56zwXMM%2B8mBrdbiuhcmSsh%2Bp9tt7YA8USIQ5SyU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c626945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 19 Jun 2023 13:01:52 GMT
cookieNSCconsent.min.css
www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.13.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a483b14f8537b64b4852456f7729f23509e470dd04df5f02cb8cdf69192fff4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 01:00:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
231850
etag
W/"6420ea95-1a6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujrA2BBxFyg3wPkMOoETZfqw9slZsE6CoPY9N083IgFxAGoQNDTwpkaTG95xDu%2BHZuZ8%2F6a4kx8HvI%2BRuq4L%2Brifd5w%2BCcQprZ%2FaaY%2BbJntOnPOHSjBZymGQQcTnp2BteiNM4HMDjty8k7DYylfj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c636945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
foundation.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/css/ 		154 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/css/foundation.min.css?ver=6.7.5
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a3098b4f2ea14abc65f3eadc5d75c02cdcbcfbbd3b5382a5388ceac514fadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
520361
etag
W/"645bba93-268dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtA1jdxY9LCgzOY7cVTbEeKfnNpGfnKnm73mExq8cFvsYYENOxBp1Zew9aJmIxaykxM13DU%2B4k0y7phWbCxNOxz1jPhdMJPTbIONKLOO07f4qdENGFyTaQ2dufsXrDl%2FB4vT8TxrJJmGxLcw%2BK7l"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c646945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
brands.min.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1684751645
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4dc0684c8ca2a166a86fae1f8c29bcd537b18233f2c378bf2e3dae166cb123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:34:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646b451d-4927"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv5edIex%2FoTQPsAvKcGqw3MphVDIleA2PFtUymeWfGhylgNUeeybhzMRaz9B6f6hfHWoGdo6iK3Di%2BHjsTBNpHfkxnwY%2BMTNCVyvlAKoqD1IBPHsmpKG%2FjvfCW6EefIjHPyxEiHbKMJvyewjVSvI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c656945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Jun 2023 10:34:07 GMT
regular.min.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/ 		641 B
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1684751645
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734edc8d08462e2ca9b09f1d9bfd85f68450030d556a8d613410aa22a2dc170d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:34:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646b451d-281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lImgVGOEt%2Ff8dmSz34MF3GfOQyeCnSZ0EDh%2FeiNXiZO9AAHBJFNlH%2BhiiJ3rYQaauuJTo2tUzj23YSUtR5o8%2FGXzt5o150J9hBVxk7886R8gGHcS2eZmrD51xEHRiwM%2FlR7DMTvcOxcO4t%2FBEfAb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c666945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Jun 2023 10:34:07 GMT
fontawesome.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 		161 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fontawesome.min.css?ver=6.4.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521680
etag
W/"645bba93-28458"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0uxxKKYXEC8efpZCiMI4NUmr5kBPPNXv7uj0zziBxs55HkfDkJxVX%2BoLkGwci7d%2BhLxBP0fwxjtitClVXNBkH0afQdgSaUUcNJvwlrgY%2BrL53x8SDddwIUYPWupya%2Bh28w6NwVTVS%2Be%2B81D20MB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c686945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
style.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/ 		53 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1684751645
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e18a77509ff9b312abfbccfcc853303729739ae896a32fb4205fa92f6cd3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=54490
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 22 May 2023 10:34:05 GMT
server
cloudflare
etag
W/"646b451d-d4da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLic8Qblqfr9ZGzLfw3kV1opMWDwh1lI%2F4MEvYuJMhF69%2BpbDzT5Y9eqDlc7%2BDbzX0BU%2BDJYXWBdi936VSx3a3H6GB4ViQGMpFaTh9fuVhUIQkZnYAV%2BAbx3Z8LumKV3RO542De068ip%2Bw1XmTKl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c6b6945-FRA
expires
Wed, 21 Jun 2023 10:34:07 GMT
facets-styles.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/elasticpress/dist/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/elasticpress/dist/css/facets-styles.css?ver=1684751645
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3958
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 22 May 2023 10:34:05 GMT
server
cloudflare
etag
W/"646b451d-f76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BY%2BDIo12eec4SiBYKfwUclTzj%2BTwxE7usYA4ezBpuOQ5ChegHjuRYk%2FBb4o95Dtf7aWKrs0TzCuh2%2FXawFkc9KUZCp6aSRngCoGlkt36mvHojNwxHUunykNn4sutWebjFcuXWXhoeNpJf%2FlmVPg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c6c6945-FRA
expires
Wed, 21 Jun 2023 10:34:07 GMT
tabelafacil.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/css/tabelafacil.min.css?ver=1.3
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9fc1f4b699a481c648e110c7cc1c134ba7d30b87552e4265a594f8c8787680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 May 2023 14:38:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521681
etag
W/"646243e5-232e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FuuEprUE0B5h9AvNJUIAA54IFMuM5R3xoPNBr44DBZ6yvNZheqsfoYnguo9PvWMl6DKQASHZwrvgp0OLEwheqDZfc9LOPJSUkM9VtBOvYfkVvBYXvObXcnX0BDSwKdl9aUioA%2FPIOpiJjXjMvy3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7cb5cfd97c6e6945-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
jquery.min.js
www.bandab.com.br/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 12:00:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
480283
etag
W/"642579dd-15ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq0pE%2B%2BHbfyyoPOvzYyGtrM0pxwZss32i%2F1S6WOIvmWeMCf0fn6jAg8XJKm2aDaZPuXefPLKNHidu8A2zxCpPqEz4gMIET405lfepzNTBMFm9tsDzCGYaGcHWQMgAMQgIPAh%2Fu2bCNYKRSlYhcXI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda48131e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 16 Jun 2023 01:03:10 GMT
jquery-migrate.min.js
www.bandab.com.br/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 12:00:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"642579dd-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMubt8W1ZomKi3aWJ03%2B%2FArEUik19SqZPDYikT2IGMAh1o2lnfszxqdhjL6spZoaTKTN6EGPqBJBx3GkoCeSO4yQiqty5GS5A4%2BT54hETCyc7klKgej7h9VruIAF7vO%2FK2%2FCCWPMyIbMosqAJQPe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda48161e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:32 GMT
foundation.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 		525 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/foundation.min.js?ver=6.7.5
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84bbdcfbd7f11f5aa5d19fad48e7be67333e2c0b147091a5a9513614b94646cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"645bba93-832aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a43uQi%2Fy7ZZBMQL7BDRHWbM9LwwrLwv5TK%2FOv6MNwQzGaXivl7LuVL44ZQn2zE9rItUU%2BdIplP1ILpin48m5zJX40mpwY9H3X6bOwQwTDNkPFCEXokVeT8qI4GQDOywFTfDczPgvFOR%2FLK6StvN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda48171e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
jquery.ias.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.ias.min.js?ver=2.2.2
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d280e96cac799ad05e2cd457ebb738497d56f5a708798326b64ea4e85e0d69a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Feb 2021 14:29:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6037b455-449e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVcUCrq1KT0ugNW7AnDom19hW2nJHojBiFYMMOOxaN7miusbuRBxXgT%2BzP%2BRNBkiRMP%2BOcVrn25%2B%2BKs8hhQdgFb%2Fhujfv6BWDnH3e7ae8obcscNOaEf7u7zMiSVnmbPLuQUoaBh7%2BysPOejlzBUE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda48191e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
simplebar.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/simplebar.min.js?ver=0.8.7
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a1fa6858fd9a84b39638acc8c7211c82c9652c7809c4dd1ba01b4df5c90a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 18:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6255c11d-e696"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIr50VCDtL51zt36Wrp9PuaBm4HmIVmHDtDhItjkBf7hsCjp8ptzCvIyp74%2FdYDfzkbo7J79eMv9%2FqaoPvw7nQWY%2Bl5Eusg6wiH8%2FzCYIEgBSoGBE%2FLW4d34AN6ylrf141I2NtgxxrBZo004YzY4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda481a1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
jquery.tabela-facil.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 		401 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.tabela-facil.min.js?ver=2.1
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241aa2f0b5684a2efd870943e4d8ec87e869db57b93a77b8f5903cc37804a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Apr 2022 18:38:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"62571895-191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVea%2FPZp1Cuw4HiUDEoA1XBXSmC1wSWO3e8vKnFJy2OLJCxRLX3QrdDhJ2xFeDmr9JkXHSOX1VqDMRFwmikDNTCllGFuVNTnBTLXuu5m993y%2FlfNc02j8ACaOqCIkodnPjRihFcWrfScV%2F81T5EZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda481c1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
gpt.js
www.bandab.com.br/wp-content/cache/min/1/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/tag/js/gpt.js?ver=1684751646
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e9977f7a23277d41f437bba9827aa0f237254c54f7f9212f318621a32269b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 10:34:06 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"646b451e-12e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q55yeddFuZ5XyAH7bKaJ%2BE4U0bo4qGT2Wap%2FvMLPQRlXkrZEKwDoDeTXsUJ3UW7RO5fsL5GsZ41GvcVRtrJmAYF%2F1NZ21iYBocJoL9xbJE3LKVgTZ0iF9A%2FYwTh%2BBlUQ6ERYKyt6yAfCvD9w5Naj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfda481e1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Jun 2023 10:34:07 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
email-decode.min.js
www.bandab.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 12:47:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64661e57-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afV4YkKT9cL%2FSkZyIK2tphZ59jTWXRTmoBC6GZHev%2FypUuT3cGoCOLQO69o%2BjtHGEj8h6rUMX0%2B3KTkllqKoLkzQ2clKPw1de%2F6HCnTVWOni8f1a0PaohUe%2FhxBWaWyucfcDB6U%2Bh7hKSIuuVj3P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cb5cfda380b1e6c-FRA
expires
Wed, 24 May 2023 14:40:01 GMT
gtm.js
www.googletagmanager.com/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38c5fc7d7d618eb262c38d10cedd6c16e1d824fb74d6678061206339c18ea34a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50071
x-xss-protection
0
last-modified
Mon, 22 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 14:40:01 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
3034
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7cb5cfda7b4f8ffa-FRA
expires
Mon, 22 May 2023 14:49:27 GMT
fa-regular-400.woff2
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 		388 KB
388 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1684751645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Request headers

Referer
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1684751645
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2687
etag
"645bba93-60f8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2ByJiIGaWgt7Ob7E6UHiiseclqP8w2A1ZdO3wgxZ4dCtoIID1UKGnObb8z%2BVnexGAsCNKAxx1RraEGuqGV9HTpAhc7PAxmnFph2lwJJhXy7jjCh7GZHnIxbGjEi84jURdU7lFFDbO91wyWlv5bzX"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
accept-ranges
bytes
cf-ray
7cb5cfda684c1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
397196
rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 19:38:48 GMT
x-content-type-options
nosniff
age
154873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18240
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 19:38:48 GMT
fa-brands-400.woff2
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1684751645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084

Request headers

Referer
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1684751645
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645bba93-1a968"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DDVqYFv%2BKJiD8YVKVzEIheT%2BwkqnsZLMdWTDk9jPfZ8cOmxUXTJGa2ddfwlrmuWjYae2OmGFejAV%2BUaqnsM3mUAbDd9SXjQTlrb2BZlU5xn5kXVSWZ%2BqR9SBWmTI4Ng4nhjEF2oRFQO9rs%2FSpaP"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
accept-ranges
bytes
cf-ray
7cb5cfda684f1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108904
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 21:13:51 GMT
x-content-type-options
nosniff
age
149170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18096
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 21:13:51 GMT
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:16:41 GMT
x-content-type-options
nosniff
age
167000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18212
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 16:16:41 GMT
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32fd566347f77bec0a409a8c3e52df8e5d1f6e393ea20f7c7c5eb331673433b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
pattern.png
www.bandab.com.br/wp-content/themes/bandab/assets/img/ 		44 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/img/pattern.png
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1684751645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ef8b1bdcfa609810428c5919f9e2b93b1814e72cef4bfde24203c216c5b6d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1684751645
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
521149
cf-polished
origFmt=png, origSize=2818
content-disposition
inline; filename="pattern.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
cf-bgj
imgq:85,h2pri
last-modified
Thu, 25 Feb 2021 14:29:41 GMT
server
cloudflare
etag
"6037b455-b02"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYQV%2BPKLp34T3K6jwa1v4vM%2FYUm100IB9hcWghVSfAjeRgp6hrmqkzRld7LsKqwcs0na4EfqeObk857YKI4vmQoBqqHRZGxfq689R6e1qvjykPDN2XU3nk24oMoJwa5A4INlxu63xI%2BqXGapdCT6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7cb5cfda88791e6c-FRA
expires
Thu, 15 Jun 2023 13:29:33 GMT
truncated
/ 		97 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e78cf489f5de1111c5e3913430da26c8f502f729272e906ed4e6185ffd32a0cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1c24e23f9488b0db74a8817980466e81c70b3bad1a4f3cd4d013f6f3673a146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
lazysizes.min.js
www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=700
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 May 2023 01:00:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"645d8fb3-3860"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFX%2BdkdN2iXLiuEiotQ2Ed3JzGWjJHBKwOx7VcHd03NNRUVsBpS8stDi5WpJETdHllNTIWqmesTvHblrWeK83XXCzFmrhQHS2qGdOKGjvgq2ryA10oFXzaZqfJoHgCEoiM%2B4f%2BlCxgFDxFfGLn2K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb496e1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:32 GMT
cookieNSCconsent.min.js
www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.13.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bfcc82105db0a3e46dfa9fdec69642930fd9907115ca32a50b006bc183a57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 01:00:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6420ea95-70b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldjPl9YQtsHo7p%2Be%2BcdlEuC6YSawtZ0g1McAENQW8dSpylS7pJnatnoQ9q7r8Eph0VvLr0IwpZI15iqogHY%2F3h9hp5%2FYDSOAYrRDQ1jrDQZDdTORSbz%2BJg6CQAqrVuXDnBRM29cIZv6RDX96DvHn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb49731e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
jquery.init.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.init.min.js?ver=10.05.15.38.59
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7a16a4941425410ded5fb23fef1c6bd132561d07b23f9a1f4fe63d9e0e9fa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 15:38:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"645bba93-77a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqa7suFElGislGnXJlGJRF5%2BEoCD3f8dPELj7rYM%2FwIniXuca5B1ZkNEpDqXYspUjYswq32Iee%2FDQjyYKZTcqCOncUr8i%2Bo0Geo00vAzMynDQ7ttJ%2FLur3u1iLGapgxLiHlWb9Hv6drvdSbVMP%2F8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb49741e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:32 GMT
OneSignalSDK.js
www.bandab.com.br/wp-content/cache/min/1/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1684751646
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d2dfd21b4ec006d532802283171917a2004db9085c83bb1b88b00e6ce25fc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 10:34:06 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"646b451e-23ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6QrhzTYE3GXPefTNmdIXC6nji5j8qC7wHuata7tTZoLgJF%2FmmfGZyIYAcsvWsPNq5zpRPl4xb1imJF%2BaxnzhPIPQ1iBCGq8sRSZv3C3NmFMxcNBEb5B5XwzrCDpQ6TTSy%2FFhQCEsAtr%2FKTVTWuq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb49761e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Jun 2023 10:34:07 GMT
jquery.easytabs.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.easytabs.min.js?ver=3.2.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Feb 2021 14:29:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6037b455-24a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=027zU5spz84OkRRnciIH%2Bt%2Bs%2FBWKeityGHEq6f0KXiNloKdV3VxTVzWHSHscb4KmJ8tzh61DnXpt4fDunNhxzSGB4BAxwIuKaUfI003aNQkU%2BmDGqGE8ZY2fQGNlHVisbyjD8FZJi2SIbnGk7NEq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb49771e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:33 GMT
jquery.mThumbnailScroller.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.mThumbnailScroller.min.js?ver=2.0.3
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83bc3d65d6d0f786000aacd0a546df882c135fcdcc5721833150bd385bc681fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Feb 2021 14:29:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6037b455-6f33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQZDKE3NyA0sWL07S2ASSqWdMlLNGoNE55MXiciK9f2bm9JCpskkZV5BqtNzImE1E4xYxrdPLfpThjOU2YDZGpJGNo9e%2B0bcLoT9SUFk7z8CeZQb4LWboqXy1OfBFdQ9zAhK2REREs7oEwTMbQvn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb49791e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:32 GMT
jquery.widget.tabs.min.js
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 		189 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.widget.tabs.min.js?ver=2.0
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9335e023ccff38aa988f6302c5b2d06188cead60e2439f5b224d056f5a0687f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 18:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521149
etag
W/"6255c11d-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m8BjJoObMY60ryLlyJfhGZ3hStXlF6cBfVBSD638C7DAx4b4npBfnltld1xGkG5jRrJVgcfgMxD1EI9fnnHNpncBV%2FikWEdVM2vCTsPpEV7mJHRa8TjWZJ1BpoH7IFVQ9Gcilxhwi7CyQvttysV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb497a1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Jun 2023 13:29:32 GMT
forms.js
www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/mailchimp-for-wp/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=1684751646
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5018f378ba22eea43f83b45f332617b60d0119a98d8935250d7532f77f7f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 22 May 2023 10:34:06 GMT
server
cloudflare
etag
W/"646b451e-1a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q9WCbgqUH1TOgfMSRpKlfJj8XKQ8aN5b7WK0tPzcTh0tAWm%2FrXg1W7MQfsKMbPs1OteOsfT5gevILAtf0%2BFsTZTiHqkGeFKEtVAHppH2VarMpG%2B5isW4Qibqub6Z9My%2FwDraYS156In%2FOTGT74s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7cb5cfdb497c1e6c-FRA
expires
Wed, 21 Jun 2023 10:34:07 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://www.bandab.com.br/
Origin
https://www.bandab.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7cb5cfdb7fbc68f7-FRA
40507
tag.navdmp.com/u/ 		511 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/40507
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74639e37bb8ca0e6ba3a05c3f0c0e0efecd7988e867f79434b955ac5190b5c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:44:59 GMT
server
cloudflare
etag
W/"6137b32b-1ff"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7cb5cfdb9c788ffa-FRA
expires
Mon, 22 May 2023 15:40:01 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/tag/js/gpt.js?ver=1684751646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2512
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 13:58:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bandab.com.br
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/tag/js/gpt.js?ver=1684751646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04a9cd57bf095ea82848ea375d59b1242ea13e5787b78bbc13439f4ee410512c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
646
x-xss-protection
0
expires
Mon, 22 May 2023 14:40:01 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 14:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
262
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 16:35:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 May 2023 14:40:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eUY3mi+mBhUsqoiMkjblTR2KOQeiyjp3LxVooybjxiU8wDyGDCp6XMw6i2Skmd6qrlGlN4tybJqi5tmfRDaHdQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
f326cb3e-4302-4f7b-ac75-0b31153d0c59
tags.premiumads.com.br/dfp/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2426990e1db6b657a3048643ea8b044f9d9338bb6b43e01bac849c4f1bff87b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520939
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj
minify
last-modified
Tue, 16 May 2023 13:57:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLZGB65nxjEMNfRQTzVtyohXYeyMi9YsAySrev4wLh%2BfeasdCmpxnNZ6q9xoMk%2BRYJztXG5qzQ8Fgz5jzSc40NWZx2hpsacgwA5l%2F1JqfpZ2kHIi5Vntvzqv53Smyiao3OQanCA88rVhBUomJQ3Xm4%2FBnXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
7cb5cfdc7aee383b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758eb936ab3edde7c230ae6e05e8819e4d8e8e97151983c83a64141dcf87cbfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25312
x-xss-protection
0
server
cafe
etag
645 / 19499 / 31074711 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:02 GMT
prebid.js
tags.denakop.com/ 		272 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 14:43:23 GMT
server
cloudflare
age
1618
cf-polished
origSize=279167
etag
W/"643d5b0b-4427f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7cb5cfdc7fac9012-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bandab.com.br.js
tags.denakop.com/10617/ 		220 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10617/bandab.com.br.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d91c6c6766737bf3b8047a08d6fb1a0c02aa7d2633092976ef611249cb65535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 May 2023 15:07:33 GMT
server
cloudflare
age
41
etag
W/"646a33b5-36f7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7cb5cfdc7fb19012-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		246 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T0B40GWGJG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
128929fbf934d0cd27bb17d91f0fa056dd09741075c247da6af8b6bfbf48ad4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85378
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 14:40:01 GMT
mulher-trans-e-morta-a-facadas-em-colombo-960x720.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/mulher-trans-e-morta-a-facadas-em-colombo-960x720.jpeg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e68c7fc0cf092142e2a86211badce6c9e1de3259f1cafd065108b8b4d0547a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:33:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646b450e-b09e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2A0ttkSpuPnQciO%2B5DjL%2Bq3qCQJJMFhUU3HwdXd8JHi5zvLNvwMAjhViJg%2BLS5NUHGEmP4Hbvh3cqiM%2BIieBkGa%2BU5RgaSGGcfozKbA8OqcmUYg6AkoJcZcDOyyFJRhQYJSOFPEEx0oH7uKY6VD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfdc5adf1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45214
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1684751646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
777
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7cb5cfdcde9803f4-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 May 2023 14:40:02 GMT
usr
usr.navdmp.com/ 		359 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=9&acc=40507&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3544979c27131c907a7b5e1ba656ca3a6f054485972b3413c632d9bef60c1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7cb5cfdcee058ffa-FRA
expires
Mon, 22 May 2023 15:40:02 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=287216500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&ul=en-us&de=UTF-8&dt=Vizinhos%20escutam%20gritos%20de%20%27socorro%27%20e%20encontram%20mulher%20trans%20morta%20a%20facadas%20dentro%20de%20casa%20em%20Colombo%20-%20Banda%20B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1391820526&gjid=405452686&cid=148957993.1684766402&tid=UA-12854420-1&_gid=537390545.1684766402&_r=1&_slc=1&gtm=45He35h0n81W8LD2LZ&z=494872190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=287216500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&ul=en-us&de=UTF-8&dt=Vizinhos%20escutam%20gritos%20de%20%27socorro%27%20e%20encontram%20mulher%20trans%20morta%20a%20facadas%20dentro%20de%20casa%20em%20Colombo%20-%20Banda%20B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=2136303792&gjid=191531124&cid=148957993.1684766402&tid=UA-66850008-1&_gid=537390545.1684766402&_r=1&_slc=1&gtm=45He35h0n81W8LD2LZ&z=1022395657
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		348 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ba95f409ad54accaee12cac80e52227d6428cf1e651563be4148e152de882dd9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 13:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2418714
etag
W/"1d976b1c3288c3f"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPrzoNVFV0kyVrQB3ISSEzIIB2QD3OTAbCad5l81AOM2YbE%2Bc5%2B%2BAyzJ0QXDjaqu1%2BwFtdRJZD4VtcUTHNhVo7DizGy8Xt8Esb7vbyzNTnHb3hQgX9%2B%2F6JA3J02voVCQxCDxorTUNhpQZO3dwkdkbVxdGrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7cb5cfdd4c44383b-FRA
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=undefined
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10617/bandab.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f14a385ca45dbe05c51411e6f6a3f0440bb3f5e36196493db938f84e27cae08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40326
x-xss-protection
0
last-modified
Mon, 22 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 14:40:02 GMT
api.gif
tags.denakop.com/ 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766402156&cb=0.8293428506231042
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cfdd88cd9012-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
172047844822838
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/172047844822838?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7472c4fe215fe94d6729adfd84a636a4626c0b279711db12dba51905dceb2b34
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 May 2023 14:40:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
TOwyeKrVKS9E7XEsWTmxluLQjHz7i5HXUslfWW8nmnlTzohOmmSa73RY8jo1Tk9pjpmpkX88rCucHaeCBDDxuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-66850008-1&cid=148957993.1684766402&jid=2136303792&gjid=191531124&_gid=537390545.1684766402&_u=YEDAAEABAAAAACAAI~&z=714912445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T0B40GWGJG&gtm=45je35h0&_p=287216500&cid=148957993.1684766402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684766402&sct=1&seg=0&dl=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&dt=Vizinhos%20escutam%20gritos%20de%20%27socorro%27%20e%20encontram%20mulher%20trans%20morta%20a%20facadas%20dentro%20de%20casa%20em%20Colombo%20-%20Banda%20B&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0B40GWGJG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-12854420-1&cid=148957993.1684766402&jid=1391820526&gjid=405452686&_gid=537390545.1684766402&_u=YEBAAEAAAAAAACAAI~&z=1793903680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
mae-agredida-filho-Fazenda-Rio-Grande-png-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/mae-agredida-filho-Fazenda-Rio-Grande-png-150x150.jpg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1236e4b6a52db093388eefdc8850ab04e06ffce02efab9dac0dd1ae2cfff1428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Sun, 21 May 2023 17:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6059
etag
"646a559d-f5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQ2RzRmt4s4%2Fl6aeQhJ8C4IGM67vjd8%2Brs71yg94xyFt02ZjhmzJqxj1w7eXhonTwc7I%2BFXNVdoDT7YUo5sXyTKVPQQfE4SV%2FXnJG7tXJ2livP4Rc8dKo3fExXxsOmMG91hEghw8n3tWkGSiGrCW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfde3f921e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3930
salva-bb-esgasgado-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/salva-bb-esgasgado-150x150.jpg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8a1ab36c4c60c0d7e0f47cc89a03b324f9419398190b09b1a8401d3cd4b93f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Sun, 21 May 2023 13:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646a1dd8-e08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goyBFKN%2BuNVdYoD7dVtvr67ja%2FBvVQ0OxKMGHkWoz3yeFbTOFEZZc6nfZfp0y6zzoe%2FRXhFS%2F8%2BY%2FljHpKRt8nQZksBrhCY8oRHsvb5oMoXIzuRttuOqw5vWaocc%2B6p78aDNe4k01C9XWOHtVAQV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfde4f9d1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3592
Captura-de-Tela-2023-05-20-as-12.56.23-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/Captura-de-Tela-2023-05-20-as-12.56.23-150x150.jpg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c9e9d86b33ce5d032d4c764b1100d6ded1d7a0333ccf31521047e3d1891e68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 15:58:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6468ee37-107a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M4GDWg%2FaluZKGq2et70yZbrrhTRu7IYngo1oMUNSSAHSIeABOP4R1wWfbIFgijiVBLUtEGWYNEYdvlpl4VNZIS1l5Zf%2BUmKq0yg%2FUhDaYPoV19k6jSbSjsMv5ZXHhOcZO2eQmqd73HS0dv%2B0Ie3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfde4f9f1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4218
Captura-de-Tela-2023-05-20-as-12.22.27-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/Captura-de-Tela-2023-05-20-as-12.22.27-150x150.jpg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e1e3ba7f941fa9c857f8b454f44e94f7fa5aacc2a7218d31475b1601a22dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 15:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6468e5eb-bea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3rXvpqIhsJKsE%2BluG1n2qRVP6B5PYAVoGQ7kyvZpXzPIp2Q3SMD6QtrXxc%2FPLIiXXTCnE4pSrCJmrG0buyi6G%2FZZ1IYKkTIfE4AnJnZjSFajCB9UDlZEPaGwBNUxbaCyRwPI%2BiIp1yZtpYqflww"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfde4fa01e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3050
ELZA-FIUZA-ARQUIVO-AGENCIA-BRASIL-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/ELZA-FIUZA-ARQUIVO-AGENCIA-BRASIL-150x150.jpeg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1456b3dee81a1bd4ffcdd8f323b1b41321ee23e8ae85a19fe26e1ecad69f4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 14:44:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6468dcd5-58c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FpgNf7f24jLaHfU9kAyGQawgBCPe9p1OPcnaqpJwfZfqaekXK1AZCVAQbaQbg04TK0gOY21KUqGDD%2F5iiHthb4huTnILeKNHZ5ye6%2F9f3UMz89%2FX9fFxtQOmgyX1SUzDE2xc9xbj8Y5goXCXttp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfde4fa21e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1420
web
onesignal.com/api/v1/sync/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2256cb012b785aeeaa53b60b949e40fef200a1a27c6525092248b7046c849f7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
41
cf-polished
origSize=3443
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ab91c164-0e21-4a24-b90c-4763999deede
x-runtime
0.029677
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"35f11e902a5f581ae6db31456bac0a95"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7cb5cfde68d603f4-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 22 May 2023 15:40:02 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-66850008-1&cid=148957993.1684766402&jid=2136303792&_u=YEDAAEABAAAAACAAI~&z=827180577
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-66850008-1&cid=148957993.1684766402&jid=2136303792&_u=YEDAAEABAAAAACAAI~&z=827180577
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12854420-1&cid=148957993.1684766402&jid=1391820526&_u=YEBAAEAAAAAAACAAI~&z=1306444926
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12854420-1&cid=148957993.1684766402&jid=1391820526&_u=YEBAAEAAAAAAACAAI~&z=1306444926
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=9&id=12bd4024a79f0dd74891af59f910%7C0&acc=40507&tit=Vizinhos%2520escutam%2520gritos%2520de%2520%2527socorro%2527%2520e%2520encontram%2520mulher%2520trans%2520morta%2520a%2520facadas%2520dentro%2520de%2520casa%2520em%2520Colombo%2520-%2520Banda%2520B&url=https%253A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&upd=1&new=1&h1=Vizinhos%2520escutam%2520gritos%2520de%2520%25u2018socorro%25u2019%2520e%2520encontram%2520mulher%2520trans%2520morta%2520a%2520facadas%2520dentro%2520de%2520casa%2520em%2520Colombo
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cfde7f728ffa-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=80484508839
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=80484508839&google_tc=
  • https://sync2.navdmp.com/sync?prtid=2&id=80484508839&google_gid=CAESEDrB3H6j6zJgrI85HqT5cnE&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=80484508839&google_gid=CAESEDrB3H6j6zJgrI85HqT5cnE&google_cver=1
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cfdf38278ffa-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=80484508839&google_gid=CAESEDrB3H6j6zJgrI85HqT5cnE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=cde7646b-7ec2-4700-a644-d2cfd59057f1
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=cde7646b-7ec2-4700-a644-d2cfd59057f1
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7cb5cfdf28198ffa-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 22 May 2023 14:40:02 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=cde7646b-7ec2-4700-a644-d2cfd59057f1
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 22 May 2023 14:40:01 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type
text/html
cache-control
no-store
content-length
344
/
id.navegg.com/uid/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2d5455d739afd9437073050fe072ae865ad9b6e32d3707f4f0939c441d02b2f

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 22 May 2023 14:40:02 GMT
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bandab.com.br
date
Mon, 22 May 2023 14:40:01 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
/
shb.richaudience.com/hb/ 		4 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53df339b8135ffd9a1a440bdae4fb51bbaab7a1dc220fde6b9ae0f90c86cd5ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
AN-X-Request-Uuid
2d226cc4-a5d6-4374-b61d-758b017c98f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bandab.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		563 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96666&zone_id=522080&size_id=15&rp_schain=1.0,1!premiumads.com.br,f326cb3e-4302-4f7b-ac75-0b31153d0c59,1,,,&eid_navegg.com=12bd4024a79f0dd74891af59f910%5E1&rf=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tg_i.domain=bandab.com.br&tg_i.page=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tg_i.pbadslot=%2F75894840%2C1315984%2FBANDA_B_RETANGULO_1%23P_BANDA_B_RETANGULO_1_0%3B%2F75894840%2C1315984%2FBANDA_B_RETANGULO_2%23P_BANDA_B_RETANGULO_2_0&tk_flint=pbjs_lite_v7.45.0&x_source.tid=4e42cad5-2e08-4128-9cfd-7562e48234f5%3B92272091-fb09-451d-b7a8-40526b2e91d4&l_pb_bid_id=17c37f56390fe94%3B186139b46e44053&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4e42cad5-2e08-4128-9cfd-7562e48234f5%3B92272091-fb09-451d-b7a8-40526b2e91d4&rp_hard_floor=0.0103&rp_maxbids=1&p_gpid=%2F75894840%2C1315984%2FBANDA_B_RETANGULO_1%23P_BANDA_B_RETANGULO_1_0%3B%2F75894840%2C1315984%2FBANDA_B_RETANGULO_2%23P_BANDA_B_RETANGULO_2_0&slots=2&rand=0.9335237324681405
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9134f8247d3c06e5ec29e29dd5df62faa67679dee801253f96a9cc40f81ff71b

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/ 		11 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
via
1.1 google
server
openresty
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.45.0&cb=82042853157&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.45.0&referrer=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.2.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-2-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pb
ad.360yield.com/1879/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1879/pb
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.7.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-7-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bandab.com.br
date
Mon, 22 May 2023 14:40:02 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
prg.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
769
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7cb5cfdf2a7f03f4-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Jun 2023 14:40:02 GMT
pc-generica-detalhe-1-1-1024x683-1-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2022/07/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2022/07/pc-generica-detalhe-1-1-1024x683-1-150x150.jpg.webp
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f663ad5be25f6f005c302ce83111f0f113f58d65c8abc3e8d54b18a2bd83c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Jul 2022 20:16:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62bf5631-7ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuOVZ03vzYh2f7Loe2ubQZ8T1TrJLEzCl1ipy81IaefWtgvQtthc7yGi5Yv1oggE4%2FnwEwKvfLy3plRx7CBqR328CywgeRhIA84LfCosYRaFiY7Jd54H5BlKG7JE%2FIQR65viTPJo3DL11mB5ecYL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfdf39701e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1998
icon
onesignal.com/api/v1/apps/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/ 		184 B
776 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba68e6e9397514a0687ba69b6010eae9325189158aed28f5cd581580c819730e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
233d5be6-cc19-4dd9-a1e7-a2e54c15e34f
x-runtime
0.008835
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ba68e6e9397514a0687ba69b6010eae9"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7cb5cfdf9cd32c3b-FRA
access-control-allow-headers
SDK-Version
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=172047844822838&ev=PageView&dl=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&rl=&if=false&ts=1684766402521&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.2.1684766402520.1949633117&it=1684766402192&coo=false&rqm=GET
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 May 2023 14:40:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
85c639f1-382e-49f1-8fa4-5ab8601a204e
img.onesignal.com/permanent/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/85c639f1-382e-49f1-8fa4-5ab8601a204e
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee349aadb2e190fb96ee8840d56c6c4902cd1267300525e6a1a0735d6a04f33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Mon, 22 May 2023 14:40:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
40
x-guploader-uploadid
ADPycdvOzU5n8_rez937hOcjDXjiGiiaM81vZIs51VfTkShwAHM_gWjbSr3Cwy2F69qLsZZxHqBcIX7M4bF2Oy_rLLvG2lPL0b-N
x-goog-meta-x-goog-source-etag
"89f27b30a9f1b070f5b3e3dd2e60574f"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10202
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:38:22 GMT
server
cloudflare
etag
"-CNTYspCLlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345902672980
content-type
application/octet-stream
x-goog-hash
crc32c=QBY2hQ==, md5=ifJ7MKnxsHD1s+PdLmBXTw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
10202
accept-ranges
bytes
cf-ray
7cb5cfe00bc703f4-FRA
expires
Thu, 22 Jun 2023 14:40:02 GMT
hb
cpm.denakop.com/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=168863&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
hb
cpm.denakop.com/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cb5cfe13c7a9be9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cb5cfe13c7b9be9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cb5cfe13c7d9be9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=8&rp_schain=1.0,1!denakop.com,10617,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.bandab.com.br%2Fgeral%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=8e6f48f2-9107-47a3-8893-c7ba45d7c0dc&l_pb_bid_id=1076dcdabf767c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27878171959876186
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
438401bbf1af7da20c1a878bae7269a1f7d0678e1a50141d9c79a4ceeab39437

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=439152&zone_id=2519330&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10617,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.bandab.com.br%2Fgeral%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=9c49302a-ef9c-4758-939f-5d52c85184a1&l_pb_bid_id=1139ef8a9646dcd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09929236513324224
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c92ddf76ef68a1fe7e972a99179d310974816ea03cc845236479a03a6e76076c

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10617,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.bandab.com.br%2Fgeral%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=7176bda0-95b9-435f-b716-34e73863a528&l_pb_bid_id=12f333f978011d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7341034290640813
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
209b639c0457fe5a70b2cc36091b056a724d3ad4830880444d8280a5e82aea78

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
AN-X-Request-Uuid
a1bdbdf1-654a-4cdb-94ee-111c7f57d84e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bandab.com.br
date
Mon, 22 May 2023 14:40:03 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:02 GMT
AN-X-Request-Uuid
65647088-6e9c-4e59-b47c-da9bbbba52b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bandab.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bandab.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2270490427165444&correlator=829431459803797&eid=31074172%2C31074682%2C31070232&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=75894840%3A1315984%2CBANDA_B_1x1%2CBANDA_B_RETANGULO_1%2CBANDA_B_RETANGULO_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C300x250%7C343x250%2C300x250%7C343x250&ifi=1&adks=692687031%2C1765800575%2C3194573437&didk=2080899577~3657508425~3657518765&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=pp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05&cust_params=pp_policy%3Denforced%26url%3Dbandab.com.br%26categoria%3Dseguranca%26subcategoria%3Dmulher-trans-e-morta-a-facadas-dentro-de%26link%3Dmulher-trans-e-morta-a-facadas-dentro-de&sc=1&cookie_enabled=1&abxe=1&dt=1684766402842&lmt=1684752600&dlt=1684766401508&idt=561&adxs=1%2C1195%2C1195&adys=1%2C491%2C1185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&frm=20&vis=1&psz=1600x0%7C343x250%7C343x250&msz=1x1%7C343x250%7C343x250&fws=0%2C4%2C4&ohw=0%2C343%2C343&ga_vid=148957993.1684766402&ga_sid=1684766403&ga_hid=287216500&ga_fc=true&ga_cid=537390545.1684766402
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f8efed939a7362333bae64488897aa22cdc4b0a4070304a9d25494067b986dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20647
x-xss-protection
0
google-lineitem-id
-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		102 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2270490427165444&correlator=829431459803797&eid=31074172%2C31074682%2C31070232&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=21715141650%3A1315984%2Cbandab.com.br%2Cdesktop_side%2Cdesktop_intext%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=120x600%7C120x450%2C336x280%7C300x250%2C970x90%7C728x90&ifi=4&adks=2650462719%2C521499884%2C2933335047&didk=3753777120~2299010689~1184276927&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Cbandab%2Ccom%2Cbr%2Cwww.bandab.com.br%26pathname%3D0%253Aseguranca%2C1%253Amulher-trans-e-morta-a-facadas-dentro-%2C%252Fseguranca%252Fmulher-trans-e-morta-a-facada%26placement_name%3Dside%26keyword%3Dseguranca%2Cmulher%2Ctrans%2Cmorta%2Cfacadas%2Cdentro%2Ccasa%2Ccolombo%26secom%3D1%26tier%3D1%26bl%3Dsecom%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Cbandab%2Ccom%2Cbr%2Cwww.bandab.com.br%26pathname%3D0%253Aseguranca%2C1%253Amulher-trans-e-morta-a-facadas-dentro-%2C%252Fseguranca%252Fmulher-trans-e-morta-a-facada%26placement_name%3Dintext%26keyword%3Dseguranca%2Cmulher%2Ctrans%2Cmorta%2Cfacadas%2Cdentro%2Ccasa%2Ccolombo%26secom%3D1%26tier%3D1%26bl%3Dsecom%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Cbandab%2Ccom%2Cbr%2Cwww.bandab.com.br%26pathname%3D0%253Aseguranca%2C1%253Amulher-trans-e-morta-a-facadas-dentro-%2C%252Fseguranca%252Fmulher-trans-e-morta-a-facada%26placement_name%3Dunder%26keyword%3Dseguranca%2Cmulher%2Ctrans%2Cmorta%2Cfacadas%2Cdentro%2Ccasa%2Ccolombo%26secom%3D1%26tier%3D1%26bl%3Dsecom&cust_params=pp_policy%3Denforced%26url%3Dbandab.com.br%26categoria%3Dseguranca%26subcategoria%3Dmulher-trans-e-morta-a-facadas-dentro-de%26link%3Dmulher-trans-e-morta-a-facadas-dentro-de&sc=1&cookie_enabled=1&abxe=1&dt=1684766402856&lmt=1684752600&dlt=1684766401508&idt=561&adxs=0%2C453%2C0&adys=0%2C1560%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&frm=20&vis=1&psz=1600x4376%7C1044x40%7C1600x4376&msz=120x-1%7C1044x0%7C970x-1&fws=512%2C4%2C512&ohw=0%2C1044%2C0&ga_vid=148957993.1684766402&ga_sid=1684766403&ga_hid=287216500&ga_fc=true&ga_cid=537390545.1684766402
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4504119aec6d40cd1a91a0359445442775e3bcf01281b6b1ee549b8b5fb70259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30989
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bandab.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:02 GMT
expires
Tue, 21 May 2024 14:40:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b6a598502c28ff51902f37ff3fb7b5674b385d5924d030acf7ff1c45cbff32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11258
x-xss-protection
0
rum
www.bandab.com.br/cdn-cgi/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bandab.com.br/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

date
Mon, 22 May 2023 14:40:02 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.bandab.com.br
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7cb5cfe29f6e1e6c-FRA
/
www.facebook.com/tr/ Frame 9437 		0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.bandab.com.br
Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.bandab.com.br
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 14:40:03 GMT
ZELENSKI-E-LULA-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/ZELENSKI-E-LULA-150x150.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0120dd511e19f616aee3464634ce858f3dab79cb9b97760dacaf5592c50c3237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:07:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646b3ef4-1520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0rkHC4RRFnOqdR9j5bSeHNAVfGZm3GWkC3djsvWeglK3Lttt7L7q02q4%2Fy1OwZiuN6mdIoqCq%2FJBgeS%2FqmkggQFT3PEmvNa3BjNm3dCKmHNATya7fOE19E0DMhnVlwEHIlkad6xHpDRgajr%2BhU0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfe3685f1e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5408
augusto-aras-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2022/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2022/03/augusto-aras-150x150.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc00d168da6ac0014a614485193cdb5fac712689cafc0378ba3a48697d252cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 21:13:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"623b8d70-906"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi%2BaDl7hjpne0%2FnuYmYA9BwOckMcWnoCA4Mc0s3pOQt%2BROdwRMKnTcTldAvJ0uOsZ%2BfWaJVz%2BZSSdMp1oq04P52p8JuSXM5fFPHflwxLiAHBNW4b0PN5EeG3dJlRmTxcoeHiYBRPf369zjGB0QDG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfe368611e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2310
api.gif
tags.denakop.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766403219&cb=0.5387259215387221&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cfe42b9c2c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766403220&cb=0.8177720990247055&aa=intext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cfe42b9f2c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766403221&cb=0.9239974861180187&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cfe42ba12c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
instagram-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bandab.com.br/wp-content/uploads/2023/05/instagram-150x150.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
250673d598b00403e15cae45e6c6b5f3bde0251f032f5c074b7650f8317a5578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:21:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646b4218-d30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5C4VReJobtw5HertJi%2F7B%2FYGe2iqszJa%2FIcnwj1dra0koPbp3GmD3b1%2F0FDnyVGg3wWR2wPto8FfTw3UFZ3xk4MveTNeZRoz9cNfzs1guKD8pC9Cd4LITexJUGCkV9dlLBo39HWjm3xysD%2Fp72Y"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
7cb5cfe439a21e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3376
container.html
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EDA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:02 GMT
expires
Tue, 21 May 2024 14:40:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame 835F 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
273634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 835F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
273634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 835F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
273634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 835F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
273634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 835F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
273634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
truncated
/ Frame 835F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf0e9d537c1febb7194eaf0ad07069d02b546474cdb169729b9787083ab82cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
6255430598607873556
tpc.googlesyndication.com/daca_images/simgad/ Frame 835F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6255430598607873556
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93203a5c3da7236a1272adf227ace4cd0927132f608a4507967b080d173125fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 12:39:14 GMT
x-content-type-options
nosniff
age
180049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31583
x-xss-protection
0
last-modified
Tue, 02 May 2023 06:23:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 12:39:14 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 835F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 17:09:49 GMT
x-content-type-options
nosniff
server
cafe
age
77414
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Mon, 22 May 2023 17:09:49 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 835F 		344 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
3893
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 23 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame 835F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuTjlJs8xMUGAXdPaO5_QUjo95uT53TJ0SHmrBwPSUi5Jr4vB8u-BIQDjKlq3zRMB4STw-hsOGhQ_RVkJ6xlEE8kL1Kg
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 835F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbMs8wn5rZNbxN4mSrAT--6uADLmM5cpwvtvMibQR3NkeEAEgqtOMaGCV4pCCoAegAYeDv_cDyAEC4AIAqAMByAMIqgTrAk_QDJI65Xj5kG9zVri85aoVwHnE72psM6U-xTL9dETCnYk2qu6aP6imtuL8eYSTG3hhhwKiSWIuCn7hA6gkOx8irOReONv81YoaE1jDhDYOPlV0LdUc6Qsn8NFCPkBpyu7vXgfxwWMK8Le5tc_-fUp4RcWs1LzZxjpqmjyNgQ2HG_71PTwPEhe4hQW1F4WDEY5EDrqwZD7XaM-sEgjb44CCrKRPO5t6pBykFPGSpVJRPvHc27XhXC-KivA62Qj4x5L9dfzHOTSgnPdDo5IH7OtOCOJcncLmpC1HhlwYXdRlhu-czj9FtZF_XLZcALFmRXwZQbdWj3NcZkAxsz7bA3-bFW6G3jBHGBLrGYNvaXNJwSaUgrRBIxAzvxFf8PagCXj4HVi05RC6WcMAU_-0VL6-DoitU5h6DujfhuPIMVCYn9aN6fOqeX8T40vvOaR5bb6-1eUp_cSn0JJKkFB7nRA8-cplTB4eJlVhfsAEmYXF5KIE4AQBkgUECAQYAZIFBAgFGASgBgKAB6uioSOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD0kQPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTYyMDE4MzY5Njk0MjQ5ODYYkfNs&sigh=xwE-4mGqVvg&uach_m=[UACH]&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
container.html
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 931E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:02 GMT
expires
Tue, 21 May 2024 14:40:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4662 		624 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6EDA 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARfqwDfqc0CwcoQHGZRu8zPAUycY52XQo1azDAZxkWMC9cVBunVkrp-ac8m_8jAovwMLWJ8mWojNmcq8J_EbF4xtrEPIVUncepNhcl__2IuVRCyCg
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12188449494175971172&x=1&ct=76
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6EDA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
2510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:58:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6EDA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
14511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame 6EDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2xnZzdlxJBnWyo25h_pl0eIYhe5ZPc6UBwKWLPj2-rMp-kAbAMAMIXvulr08-XAc0ZhqRQP6EqVuIP4iBOlj7toNIjg
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EDA 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 931E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ1opwn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTdAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRqt-K7oIU3wt-l3BhkLeE59UkEJKOoKaaAOyBdQseQQzqoe3_4uyjgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE3MDk2NjUzODE1MjU0MxiR82w&sigh=Jqqq64Ocos0&uach_m=[UACH]&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 931E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jtkd59bqcwxdbqrcbf8bjjq2rb7b95f3qha5vxkn21fxdpdhxz2c0f2csvmt5wmn1629r26s2e465r2rp1thc6dasdanjkq3bqgrzvsce0kz5v166cykt7s2vfyhh0aqgke4c2e9sq03dvnd7adexjmytq51ynxpkwqf3zfneqgb701v97xj39s2k1pkgckhd4ytggdbaykgzhjamvevseek9svn8gb6w9yn8a73pbd9rx7kbbg379a1mvc9x4envhyphjwx300b86h36es2dg6r72w21z51ppbwfhscgj8j4krwesbbx0pwy3h6tg18k743p9p8s7d3aypamx290yk5mwbgkdwvk37dfve7732zg7k8pvkwz1qgjz6g5yg5jfqd1cp1dddz2r&b=ZGt-wgAN-NUKiwkJAAr9_qXZtD22mge9gbkqMw
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 14:40:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9A42 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc618b2479edb489ee1b590537cc2b7e96a160b2574feb8e26e9fde1b7d3492f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb5cfe658e9383a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 931E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
2510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:58:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 941F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 931E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
14511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame 931E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ3SXFweI68Z0_H3HUZ8Rn6hQcrZ5AK2RLfNhFOLUOmVsZBAxHmDXmh0cVmVNpE6HLB1SM4LJmmdS3UgpPUA4pIuTVDA
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 931E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
258468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 931E 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
container.html
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 064E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:02 GMT
expires
Tue, 21 May 2024 14:40:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 07B2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:02 GMT
expires
Tue, 21 May 2024 14:40:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 835F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
6255430598607873556
tpc.googlesyndication.com/daca_images/simgad/ Frame 835F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6255430598607873556
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93203a5c3da7236a1272adf227ace4cd0927132f608a4507967b080d173125fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 12:39:14 GMT
x-content-type-options
nosniff
age
180049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31583
x-xss-protection
0
last-modified
Tue, 02 May 2023 06:23:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 12:39:14 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 835F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 17:09:49 GMT
x-content-type-options
nosniff
server
cafe
age
77414
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Mon, 22 May 2023 17:09:49 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 835F 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
3893
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 23 May 2023 13:35:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9786932653159&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9786932653159&version=m202301230201&ct=76&x=1&cor=12188449494175971000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6EDA 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJZZ8XWwev1Sh9q-wtPNShPH-itS8RGF_Cg558Qozilr8oXdd7M6k9ftvjm1oBdLgUatYEC91ceG8065pTqLwC-7lrMA&cry=1&dbm_d=AKAmf-AdOufLRQYO4dcdY4qkTLtsn58WuaPJAatjdCJEqMPBEhMOu_Sz9Wo91az4IOrdh_3KqspL6IaZ3pcBdhTEOxMK-g3bXtYt16gUw0kSwc1qZMBDBbB4p_k1DVBrZwsKJeBFnh0fbLFGQ9UXOd8x7HB8_5k-I78toE0_zF2Ho3KmQG3nfzBXfNmtoecNpGL-patiwF8r9JOWABGVY8tEdJ66WqkyrEF7r49LHRtMeO86PSTdogkRwNaS8f2gUfNZIbKSOBTJz-ScZbAiNKCDv5-rKwtnXRgunSASn0v_RP1N8AMiX2C0o4rKSDqQj3fQJWpEN98bu7paSB0Z9lpy3WnnTP_rfbyb7mHeOVdQkzeWAKJxZjRxOJAc2PE19rxD8dTncQ8VgdjXuC298q3Yq_Qp0mgxRITspvi6LpiOuMgQ7lHMQ1LdzIbVpRnlRqWVLv7JYgNJ8-jqXfxJYruUpcSzaxFNJLJDDAkN1MS6Apj09NHNkZLUML7jiAeIKTTLxh3xNLi3Q7hikMOr-w6iaDabrK7oGqxhih-EFxcBrDWacgj-j7sxj2W7R0Bsc401O6oCRDisLOsqmUK_eeeSktDGhx0Ezux8Tlu2NKLTNrc20tHRJYADmSYBi3HUHanDyTSLQwWZILhMuIsn6eXCcFt2mgt2bqztYDzkUeGVeR8KUK8b-hDzsySznvU7cKqihu5gzFcE8PMtK-6-D393X1AEvUkDdVI94c8whbLarkB8CHbtiij3Hgr-UDT6pN__VHdIqN6BxFfvy1-xIJ14mPd0GWYU7FdhSAov3sGRBlLuVsUSG09e1MVqljnYQsA1r_5gcG0SPclPU0QF7hJbU2Kxwzoj9fm3dTyuX1uHzAKZ-jdlqjWH1u_sTFcG2vKFOZmCPjHLLyIkuKueIGkn-5pYLu4sObZ-jAuiQ0LVUDOikCQiw3UUx3GTh1QZYMv0FperRuRGXboWtrHoSrQ3FQLrmEheLRcnyGvn4JiNGeDLvQfxT8ExgJIdjIGdWTEwGWvqcfXc3Drq_wtwc6a9sTgK26S-O6dWjvVgsFXD9nSnPDw3dvmD77Fn5I5vYim9ttI_0ylz3pwwzkBYflT9yogZv_OD0O6Af6G3AN0HDb2_vgkwgAzFhzgjKvRN27IdbzLl___BUc3kiFTBDobpBPLWY4H5yfaYl5v_ysynCzKIi-dQL_VE_-efoO7E5DgSpJw3lTV9oiqceOpPkzXp1D8Oh99XVjpUsdFRCqkUAM-2d9vdD7s2PKRgqO0NQFoh14J0w5IaVRj0uITMU2EH49awCaogLMt_AGeugu2llDf11pf-XBM4oo6Fu-qNRrFfKlsJ46mcrwP38CC_xS_fWHAhM1bnPeO-xmAknMQ99pOXrbQa2PnZ392bqBWf5lT1KE5mcE27hp1RXeoq0xKXL_owigTii39dShIrT9_zpt49oh75o3e9Jy6EtAYvKvG8T9aJRyJVy1mnpbI_t7rr-rpBmgyQVkAfD4jnpZN4i-HDHVDRz5sRKNxvRcsbhQnADQ_0_tJ2PmyqKefjJjcoXiIVpjkEpxZqpNoNemG25QMVe2ORIxPg3oRy8gc2YZMO0HjEYevMgskqTWM4dvesD_V8zjevssaQjDK7J25M41Xf-Jm4AHa3GvXOvoTZ1aP1cZuo4FTdonKjCvQI7VDipxGsR55zAFWSa8le7xqqSe1wKf69ie1YsayHjMQGI-jOunAt2WxwclCps1-eJTufUWzNWsjzJLZQIoOO9dBknDLgwqeYtFLw2bVSgb9CvQJHNWQZVG2coq47M8RmcrmQqe5QyDfKdR6yRPIuOL0UlZ7OvTJ4zrndgPB9mPqZ-ZYlYHkIBtQ26eu97Gnf97GyC7WaCa4uMnMAv73eCg-_Er2TFl6lKBMPdGcuWmwwPga1Mr8Szm8GY2ygI34bQKe9jaUwgtrc2IsBgEo7nX5DXeeeNJbY_3q4cb5ws2JbLzK05wwFxJ3mmx7lFU9h0tBOtxZNWOy3Q72sMqWMMml-J25c8TveHdssDB38BTBcEgcFWVeH8R4j9tIUoel0t1c8L8vCaZocMGQGiSaeMiKrAiYozwCPzJVXSdt__LFhqvN7m29dphefSVmDXtrFukRxTnyO-UyJw6_vyMRqPIBc6hQ4ORFj1LyrELnPDhgCw-ZqVIqg-_nKrE1JN8dWhFHjNeU3Zq9cM2p0521qcHyeCzlLKP2GwF65ObAY7Ea3Szcz72-BtS8awHflt0BsqQ97l83KiQd31eBJgJXF72rg3VrZGQ-_eC3pY-yMFBW7iP69CxjL0Slrs1HKusD-CWQdKNvdZOcfUFSzvlOie2JbAm4K2hMXJns5dTKjgClCmaAsmOhr2TFV8s6ipl_1rV3a-1OHFbR_pJfx7B5jUDwaeMIfZSX4yUtT5QiHinQPgUQyFiRXE1tCDvZ_ASQHgdbn_rg1IXoBNprGGFxVTw8DLO5BWoN1G_gRCcyA-_nADsCO3OHeYXuHHGAlMuohWTPCJaX7i-cAcddSISEoO14jpgopVjqnsd3yX1P1XJLTflxGuxqMCsO3hMNP8cilY1hY3x79dF_pxP1Bt2Uym7GnqSR6LleWfw5IWX6xUD9uT0qLa5JY2iRDQFqlpvYAUs5u_5G-TpyIy-aI7vHIKUqEXRw8hizHVn2mUrGzCO3kCUC0lv0MABiAnLD8gO8nCnCkPthUcbM2zeUNZsIK_JmMUriX0knEO5aU78RQTgblGa0cD6nwuiM7V7LsE9cgdD0RwWasJWHWWgto6a0PHTBm7yDNmNzsf90j4v46tieMhcsbDcuk0cEk3P2PdCnlep_04odgAuRC0pzt-VJTDvKU3Xx4atBAYDYmnJQkwxSfyLidiyrdl7KJecNi3xXr8KhGgGF7YB6ONC5NjUIdjEHgS6uRs3WETHJ_iJ52REdjvbIJCPOZ6vC3pM6QrTVPNH0HkE-kocLUtiJih28f2iqCvqv0UAILoGeHNtBLtI1Hpjf9AubPo9HCLyZ5YfzFBppWNcMhIWfA7o5UEYPSkN37PBcSBXYb0yk4GZ52RGQ6Pp1uQ2AndjUhcePoY5SWb-GzgGIHgKJOqDMf0SQ8HC-Xdg9a6BgMEA_Ok4ECgLONNww7zmk6a7a7EpTPQWumcqR_wRyE7ozkhd3S2tSPtConrMGOXCqgx7LA1Orub-E-7dY9HeyelGAz0NjxbKIsGsM-fXJ2WJEWnjnPxiae0-uFBGvyP3Q_kNf1rVmHCaYkzr9OtrfFTKKldhnegp4FFiSd-7v6tDBfMREfPWyor_N5M9irBjo-Z3gw__zVPii3rTEnWicAI6K5bdGy0De9aoQj5IyeXje4HhNFV-ioNhIhk_K8JPhesICi-lsHRPIhA_mb9P6938AlLNVWpinMtMKOxYhvaoq95VPpvDXnrq-22RIDLTk3t-V2_RjxmZES1-pz7ELdU4lakIDxTyOWbeadLH4SSqroRICS5XoQo5AQ9M9TBQZDLYkwrdGtQX7Rm0IQVRP4zB5022-oL6mt_z4uXxo6j5uzZMGwvoWLzDB1vPJ2cCKwTltKaJT-7MmxwcNpF8g1xdoBxzntWrzwHt-0YVp0OA_fUtgoVLgEYVw0an-q-91U64k&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=12188449494175971000&adk=2923430907&idt=112&cac=0&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
516632fc5937c8b8d801f099c5ecc41503281ad24ba53768403cc36f466087a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36640
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 9A42 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1206046
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkOI8qpBehApCQBdI3%2Bqq8eVKMaaxosJ%2BXCUmNoQvVXGSuVcIkSSZHMkJXGvTBNjdmSQtrT0Zids64iUMCYMcpCXBNDZXaFNXO%2FkpJaR5GWjiSOtWL4uJ1OmoKwHXuW7OEFCvUYnblg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb5cfe73a4f383a-FRA
expires
Mon, 22 May 2023 15:40:03 GMT
r62eglto.js
ad4m.at/ Frame 9A42 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421017
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHVOYZEYED1s6HhFJk6P3vsm8x0SrulwhforwoW2Hgl%2FEAqdpehxVwwxiA7op2s0TZTyIk8xXi9kalJQzV087W9tu7laopBJNzTkKWITRwmtUPsGX53YEKCxjAkfqnHvSvD%2FSsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cb5cfe73a53383a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CA30 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 064E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgL87F_Qz8QIlywUngJ3clYZe2ng0J_gldNZ8vu43tCpU1UsJt8D_pXF4dtbQofchtz-8opq6NZ3z6TVSldFs0FecEW4Xz9hekxxOS0yEPB3L5Kyg
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8997772101050812714&x=1&ct=76
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 064E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
2510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:58:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 064E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
14511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame 064E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxPzE1ItqRvb32wlKBUq5pDjhtvJefUVFXH3WPZLXzy2LqvCYyqvdbBYmHrZduv-Y2vQuIBqggUTlHCyOVx25-H_vPFw
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 064E 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 4662
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4662
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGt.w9Fr1DMayGvHe.zftQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4662
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:03 GMT
AN-X-Request-Uuid
06c528de-34e6-406c-a81c-4aaeca782354
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4662
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGOmSkOkBMAE&v=APEucNXUpHPm-zWlcW3yVlW2LxGFM504lVD33XnMyCJFfg1rAMGOsi0hmcNAT1OfORuQDHaRPFohwe9uUnB04M6kk8R-R6N50EzQR-WdZGnf2hPjQtLrcIO4SKIFp1tb2ZyWy1o3Ri8QOJ-Rd8wI7p6ENtBgnFHApcSMzYhPN0C8IfA8b5NlZXBcNKAbO2lgEjBbG1wzXfxWRyUxnPgeyh66XJeqB7sWtQ
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 14:40:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8f36f28a-967b-4fb2-8d99-6fc5eefa4b04
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 07B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEO0zw35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE0wJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQgh8ZwJbWnS8OqHMmf5afgXmBGOOPFtxBkyezp7P_eqoOs49DkOJSjgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2MTkwNDU4ODcxODcwMzEYoMMc&sigh=76YVaqSXhp4&uach_m=[UACH]&cid=CAQSOwBygQiD91hujS2L4NN6l4KO2zD8MRfHaBGRZwQBHj0W6pt-TU_Axp9omjFmTE2abI1ucsD9LoZIkMQfGAE
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 07B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jnpd7m6e19g2h6k5r8t10r9q5bxvsdewem1mm7a1p96j2nr3nrc8mw4sdx65mpd7fhqt2qcpf0edchv60bzfaea45gtm4mpnjqxkyd3ymstkxv7pgtfxpzpmwnfj3w2ygsf6m30bc1712d7ry6q5mbjrqrxad5rtfv78w1h0y3pm9pq5haq6z408n0kyre9dcr50pxjk9118p8kvkyvy1r21nrm28xbndpje9v0hs70fqtjc5xa1x1xj40pge4zkrksk6jg1e2xb2nqy4fa5zhsx6tmr23q7kr9d49thex9w931t2s00zr4hwt433f0rb1e1qkjhkh603z82xj5jmhak70q6p9amjh28t8q81mg7xhyt5b5xxznfsw4z1rgg470tva90w5nh8g&b=ZGt-wwAAGjsKd74XAAggkDHkTDBEiC0WDsKl0g
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 14:40:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame C2AF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727daf7b18a31addf0ee4cc1791946735537b00bbbc19b46a8d4cfb3539b5bb1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb5cfe73a51383a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 07B2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
2510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:58:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ECA5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 07B2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
14511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame 07B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP8n4Tb8lNA_U7c89LgWyIIYjt54Y2EQ5MUMdJf8HDbFOmYes7-F6QVmuFtl0d6P1kfFlRKDtBLv32kPMvw3cT3D5DAw
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 07B2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
258468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07B2 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:03 GMT
truncated
/ Frame 931E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4e4df64aea8be9642e5974862177d6fac3ec66a540aa6b1f1e6d9aeacccce91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 941F 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBbl-jaOPNrC6zkaOUvv_jA&google_cver=1&google_push=ATf1kGMUwNPh2VUIAv9ckDmk7KsvU9pRQy15sWmcD26l8JbwuN8CJpyzAG7XJX-Hnsk17bwGZ96Y04ZD0kLuKCO37vaH16xBlP4Z
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 941F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LS...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2...
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cb5cfe90b4b9199-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
200
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFryYqop9qr1OMaWImb4JPI&google_cver=1&google_push=ATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOdsMjAMRYZhPxGo1rhOMt737dxBNvMzxoMXmXiefEQOEF4MstMCEPG9gTnb92d0EAONLjPEMAhJESG1MELaOinUz8s-T2LSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cb5cfe799f19199-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 941F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBAFduniw3h_ZhxYxaGEP0A&google_cver=1&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmK...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmKbYnU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmKbYnUwcVxpzdJ-X
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGMM1z0cVpRxHOBlTZtw0-w05yK4kJ_4FTrS5BbH5SSElPL2RnXoAVV3BwdhmrB8NkS4SZLLO6-T7g8RmKbYnUwcVxpzdJ-X
Date
Mon, 22 May 2023 14:40:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 941F
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEO8Kn8pL_7almaXTxqPqq9o&c_param1=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGM-9BOLjW7VyDo1I13UeMhzM8DxsEfNkbjBLCTN4YtEkhRoEvYk9Oou29YBnbILrQM6O_qcPiWG75xrnrrmT94nmmosqqssVw
date
Mon, 22 May 2023 14:40:03 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 941F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jeP...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jeP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n&google_hm=GsEQuGZHbNnVuB61SYeKo7od
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 14:40:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkLOjkn9bEfjhRupDd4A-0RPbENIvy1oDsMF0MhV3wmYVZRdRY0o7nAd_HPub_eT0LOmSaIARCvJEiI9jePBsYO0d3y94n&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pub
cs.chocolateplatform.com/ Frame 941F 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEDRgKcWVvHY0eBhykPyzy0o&google_cver=1&google_push=ATf1kGMUn2ITwPD_bvUQW7suFnbz_yezfy_TTf08hOyCohD7K0YgbtntZ38aCNn0MRXbqhCJ51Ypo0VBXvMAdN6mu54vv3DDM1xUuA
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 14:40:03 GMT
server
CookieSync Server
content-length
0
/
cc.adingo.jp/adx/push/ Frame 941F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEOc-0yybuzMhS0CnpaguVlY&google_cver=1&google_push=ATf1kGPR44TEqqRq8BiMLbtu3RpytQUJFBgZ4NGyHX8TdGftrEQcmISOXfAT63XuKJ_EQd3xG3MTCI5Cj5dtRvCNultTvyv2ltNR5A
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.134.93 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-134-93.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 941F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpVAmJESgC3Ugn01v8TDI9VErzf9RlKADCiZ3TWCTK9Bljf0fAXcxN-7Ajumu9n4hYN5Dn
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6EDA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Origin
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 6EDA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJZZ8XWwev1Sh9q-wtPNShPH-itS8RGF_Cg558Qozilr8oXdd7M6k9ftvjm1oBdLgUatYEC91ceG8065pTqLwC-7lrMA&cry=1&dbm_d=AKAmf-AdOufLRQYO4dcdY4qkTLtsn58WuaPJAatjdCJEqMPBEhMOu_Sz9Wo91az4IOrdh_3KqspL6IaZ3pcBdhTEOxMK-g3bXtYt16gUw0kSwc1qZMBDBbB4p_k1DVBrZwsKJeBFnh0fbLFGQ9UXOd8x7HB8_5k-I78toE0_zF2Ho3KmQG3nfzBXfNmtoecNpGL-patiwF8r9JOWABGVY8tEdJ66WqkyrEF7r49LHRtMeO86PSTdogkRwNaS8f2gUfNZIbKSOBTJz-ScZbAiNKCDv5-rKwtnXRgunSASn0v_RP1N8AMiX2C0o4rKSDqQj3fQJWpEN98bu7paSB0Z9lpy3WnnTP_rfbyb7mHeOVdQkzeWAKJxZjRxOJAc2PE19rxD8dTncQ8VgdjXuC298q3Yq_Qp0mgxRITspvi6LpiOuMgQ7lHMQ1LdzIbVpRnlRqWVLv7JYgNJ8-jqXfxJYruUpcSzaxFNJLJDDAkN1MS6Apj09NHNkZLUML7jiAeIKTTLxh3xNLi3Q7hikMOr-w6iaDabrK7oGqxhih-EFxcBrDWacgj-j7sxj2W7R0Bsc401O6oCRDisLOsqmUK_eeeSktDGhx0Ezux8Tlu2NKLTNrc20tHRJYADmSYBi3HUHanDyTSLQwWZILhMuIsn6eXCcFt2mgt2bqztYDzkUeGVeR8KUK8b-hDzsySznvU7cKqihu5gzFcE8PMtK-6-D393X1AEvUkDdVI94c8whbLarkB8CHbtiij3Hgr-UDT6pN__VHdIqN6BxFfvy1-xIJ14mPd0GWYU7FdhSAov3sGRBlLuVsUSG09e1MVqljnYQsA1r_5gcG0SPclPU0QF7hJbU2Kxwzoj9fm3dTyuX1uHzAKZ-jdlqjWH1u_sTFcG2vKFOZmCPjHLLyIkuKueIGkn-5pYLu4sObZ-jAuiQ0LVUDOikCQiw3UUx3GTh1QZYMv0FperRuRGXboWtrHoSrQ3FQLrmEheLRcnyGvn4JiNGeDLvQfxT8ExgJIdjIGdWTEwGWvqcfXc3Drq_wtwc6a9sTgK26S-O6dWjvVgsFXD9nSnPDw3dvmD77Fn5I5vYim9ttI_0ylz3pwwzkBYflT9yogZv_OD0O6Af6G3AN0HDb2_vgkwgAzFhzgjKvRN27IdbzLl___BUc3kiFTBDobpBPLWY4H5yfaYl5v_ysynCzKIi-dQL_VE_-efoO7E5DgSpJw3lTV9oiqceOpPkzXp1D8Oh99XVjpUsdFRCqkUAM-2d9vdD7s2PKRgqO0NQFoh14J0w5IaVRj0uITMU2EH49awCaogLMt_AGeugu2llDf11pf-XBM4oo6Fu-qNRrFfKlsJ46mcrwP38CC_xS_fWHAhM1bnPeO-xmAknMQ99pOXrbQa2PnZ392bqBWf5lT1KE5mcE27hp1RXeoq0xKXL_owigTii39dShIrT9_zpt49oh75o3e9Jy6EtAYvKvG8T9aJRyJVy1mnpbI_t7rr-rpBmgyQVkAfD4jnpZN4i-HDHVDRz5sRKNxvRcsbhQnADQ_0_tJ2PmyqKefjJjcoXiIVpjkEpxZqpNoNemG25QMVe2ORIxPg3oRy8gc2YZMO0HjEYevMgskqTWM4dvesD_V8zjevssaQjDK7J25M41Xf-Jm4AHa3GvXOvoTZ1aP1cZuo4FTdonKjCvQI7VDipxGsR55zAFWSa8le7xqqSe1wKf69ie1YsayHjMQGI-jOunAt2WxwclCps1-eJTufUWzNWsjzJLZQIoOO9dBknDLgwqeYtFLw2bVSgb9CvQJHNWQZVG2coq47M8RmcrmQqe5QyDfKdR6yRPIuOL0UlZ7OvTJ4zrndgPB9mPqZ-ZYlYHkIBtQ26eu97Gnf97GyC7WaCa4uMnMAv73eCg-_Er2TFl6lKBMPdGcuWmwwPga1Mr8Szm8GY2ygI34bQKe9jaUwgtrc2IsBgEo7nX5DXeeeNJbY_3q4cb5ws2JbLzK05wwFxJ3mmx7lFU9h0tBOtxZNWOy3Q72sMqWMMml-J25c8TveHdssDB38BTBcEgcFWVeH8R4j9tIUoel0t1c8L8vCaZocMGQGiSaeMiKrAiYozwCPzJVXSdt__LFhqvN7m29dphefSVmDXtrFukRxTnyO-UyJw6_vyMRqPIBc6hQ4ORFj1LyrELnPDhgCw-ZqVIqg-_nKrE1JN8dWhFHjNeU3Zq9cM2p0521qcHyeCzlLKP2GwF65ObAY7Ea3Szcz72-BtS8awHflt0BsqQ97l83KiQd31eBJgJXF72rg3VrZGQ-_eC3pY-yMFBW7iP69CxjL0Slrs1HKusD-CWQdKNvdZOcfUFSzvlOie2JbAm4K2hMXJns5dTKjgClCmaAsmOhr2TFV8s6ipl_1rV3a-1OHFbR_pJfx7B5jUDwaeMIfZSX4yUtT5QiHinQPgUQyFiRXE1tCDvZ_ASQHgdbn_rg1IXoBNprGGFxVTw8DLO5BWoN1G_gRCcyA-_nADsCO3OHeYXuHHGAlMuohWTPCJaX7i-cAcddSISEoO14jpgopVjqnsd3yX1P1XJLTflxGuxqMCsO3hMNP8cilY1hY3x79dF_pxP1Bt2Uym7GnqSR6LleWfw5IWX6xUD9uT0qLa5JY2iRDQFqlpvYAUs5u_5G-TpyIy-aI7vHIKUqEXRw8hizHVn2mUrGzCO3kCUC0lv0MABiAnLD8gO8nCnCkPthUcbM2zeUNZsIK_JmMUriX0knEO5aU78RQTgblGa0cD6nwuiM7V7LsE9cgdD0RwWasJWHWWgto6a0PHTBm7yDNmNzsf90j4v46tieMhcsbDcuk0cEk3P2PdCnlep_04odgAuRC0pzt-VJTDvKU3Xx4atBAYDYmnJQkwxSfyLidiyrdl7KJecNi3xXr8KhGgGF7YB6ONC5NjUIdjEHgS6uRs3WETHJ_iJ52REdjvbIJCPOZ6vC3pM6QrTVPNH0HkE-kocLUtiJih28f2iqCvqv0UAILoGeHNtBLtI1Hpjf9AubPo9HCLyZ5YfzFBppWNcMhIWfA7o5UEYPSkN37PBcSBXYb0yk4GZ52RGQ6Pp1uQ2AndjUhcePoY5SWb-GzgGIHgKJOqDMf0SQ8HC-Xdg9a6BgMEA_Ok4ECgLONNww7zmk6a7a7EpTPQWumcqR_wRyE7ozkhd3S2tSPtConrMGOXCqgx7LA1Orub-E-7dY9HeyelGAz0NjxbKIsGsM-fXJ2WJEWnjnPxiae0-uFBGvyP3Q_kNf1rVmHCaYkzr9OtrfFTKKldhnegp4FFiSd-7v6tDBfMREfPWyor_N5M9irBjo-Z3gw__zVPii3rTEnWicAI6K5bdGy0De9aoQj5IyeXje4HhNFV-ioNhIhk_K8JPhesICi-lsHRPIhA_mb9P6938AlLNVWpinMtMKOxYhvaoq95VPpvDXnrq-22RIDLTk3t-V2_RjxmZES1-pz7ELdU4lakIDxTyOWbeadLH4SSqroRICS5XoQo5AQ9M9TBQZDLYkwrdGtQX7Rm0IQVRP4zB5022-oL6mt_z4uXxo6j5uzZMGwvoWLzDB1vPJ2cCKwTltKaJT-7MmxwcNpF8g1xdoBxzntWrzwHt-0YVp0OA_fUtgoVLgEYVw0an-q-91U64k&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=12188449494175971000&adk=2923430907&idt=112&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 6EDA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJZZ8XWwev1Sh9q-wtPNShPH-itS8RGF_Cg558Qozilr8oXdd7M6k9ftvjm1oBdLgUatYEC91ceG8065pTqLwC-7lrMA&cry=1&dbm_d=AKAmf-AdOufLRQYO4dcdY4qkTLtsn58WuaPJAatjdCJEqMPBEhMOu_Sz9Wo91az4IOrdh_3KqspL6IaZ3pcBdhTEOxMK-g3bXtYt16gUw0kSwc1qZMBDBbB4p_k1DVBrZwsKJeBFnh0fbLFGQ9UXOd8x7HB8_5k-I78toE0_zF2Ho3KmQG3nfzBXfNmtoecNpGL-patiwF8r9JOWABGVY8tEdJ66WqkyrEF7r49LHRtMeO86PSTdogkRwNaS8f2gUfNZIbKSOBTJz-ScZbAiNKCDv5-rKwtnXRgunSASn0v_RP1N8AMiX2C0o4rKSDqQj3fQJWpEN98bu7paSB0Z9lpy3WnnTP_rfbyb7mHeOVdQkzeWAKJxZjRxOJAc2PE19rxD8dTncQ8VgdjXuC298q3Yq_Qp0mgxRITspvi6LpiOuMgQ7lHMQ1LdzIbVpRnlRqWVLv7JYgNJ8-jqXfxJYruUpcSzaxFNJLJDDAkN1MS6Apj09NHNkZLUML7jiAeIKTTLxh3xNLi3Q7hikMOr-w6iaDabrK7oGqxhih-EFxcBrDWacgj-j7sxj2W7R0Bsc401O6oCRDisLOsqmUK_eeeSktDGhx0Ezux8Tlu2NKLTNrc20tHRJYADmSYBi3HUHanDyTSLQwWZILhMuIsn6eXCcFt2mgt2bqztYDzkUeGVeR8KUK8b-hDzsySznvU7cKqihu5gzFcE8PMtK-6-D393X1AEvUkDdVI94c8whbLarkB8CHbtiij3Hgr-UDT6pN__VHdIqN6BxFfvy1-xIJ14mPd0GWYU7FdhSAov3sGRBlLuVsUSG09e1MVqljnYQsA1r_5gcG0SPclPU0QF7hJbU2Kxwzoj9fm3dTyuX1uHzAKZ-jdlqjWH1u_sTFcG2vKFOZmCPjHLLyIkuKueIGkn-5pYLu4sObZ-jAuiQ0LVUDOikCQiw3UUx3GTh1QZYMv0FperRuRGXboWtrHoSrQ3FQLrmEheLRcnyGvn4JiNGeDLvQfxT8ExgJIdjIGdWTEwGWvqcfXc3Drq_wtwc6a9sTgK26S-O6dWjvVgsFXD9nSnPDw3dvmD77Fn5I5vYim9ttI_0ylz3pwwzkBYflT9yogZv_OD0O6Af6G3AN0HDb2_vgkwgAzFhzgjKvRN27IdbzLl___BUc3kiFTBDobpBPLWY4H5yfaYl5v_ysynCzKIi-dQL_VE_-efoO7E5DgSpJw3lTV9oiqceOpPkzXp1D8Oh99XVjpUsdFRCqkUAM-2d9vdD7s2PKRgqO0NQFoh14J0w5IaVRj0uITMU2EH49awCaogLMt_AGeugu2llDf11pf-XBM4oo6Fu-qNRrFfKlsJ46mcrwP38CC_xS_fWHAhM1bnPeO-xmAknMQ99pOXrbQa2PnZ392bqBWf5lT1KE5mcE27hp1RXeoq0xKXL_owigTii39dShIrT9_zpt49oh75o3e9Jy6EtAYvKvG8T9aJRyJVy1mnpbI_t7rr-rpBmgyQVkAfD4jnpZN4i-HDHVDRz5sRKNxvRcsbhQnADQ_0_tJ2PmyqKefjJjcoXiIVpjkEpxZqpNoNemG25QMVe2ORIxPg3oRy8gc2YZMO0HjEYevMgskqTWM4dvesD_V8zjevssaQjDK7J25M41Xf-Jm4AHa3GvXOvoTZ1aP1cZuo4FTdonKjCvQI7VDipxGsR55zAFWSa8le7xqqSe1wKf69ie1YsayHjMQGI-jOunAt2WxwclCps1-eJTufUWzNWsjzJLZQIoOO9dBknDLgwqeYtFLw2bVSgb9CvQJHNWQZVG2coq47M8RmcrmQqe5QyDfKdR6yRPIuOL0UlZ7OvTJ4zrndgPB9mPqZ-ZYlYHkIBtQ26eu97Gnf97GyC7WaCa4uMnMAv73eCg-_Er2TFl6lKBMPdGcuWmwwPga1Mr8Szm8GY2ygI34bQKe9jaUwgtrc2IsBgEo7nX5DXeeeNJbY_3q4cb5ws2JbLzK05wwFxJ3mmx7lFU9h0tBOtxZNWOy3Q72sMqWMMml-J25c8TveHdssDB38BTBcEgcFWVeH8R4j9tIUoel0t1c8L8vCaZocMGQGiSaeMiKrAiYozwCPzJVXSdt__LFhqvN7m29dphefSVmDXtrFukRxTnyO-UyJw6_vyMRqPIBc6hQ4ORFj1LyrELnPDhgCw-ZqVIqg-_nKrE1JN8dWhFHjNeU3Zq9cM2p0521qcHyeCzlLKP2GwF65ObAY7Ea3Szcz72-BtS8awHflt0BsqQ97l83KiQd31eBJgJXF72rg3VrZGQ-_eC3pY-yMFBW7iP69CxjL0Slrs1HKusD-CWQdKNvdZOcfUFSzvlOie2JbAm4K2hMXJns5dTKjgClCmaAsmOhr2TFV8s6ipl_1rV3a-1OHFbR_pJfx7B5jUDwaeMIfZSX4yUtT5QiHinQPgUQyFiRXE1tCDvZ_ASQHgdbn_rg1IXoBNprGGFxVTw8DLO5BWoN1G_gRCcyA-_nADsCO3OHeYXuHHGAlMuohWTPCJaX7i-cAcddSISEoO14jpgopVjqnsd3yX1P1XJLTflxGuxqMCsO3hMNP8cilY1hY3x79dF_pxP1Bt2Uym7GnqSR6LleWfw5IWX6xUD9uT0qLa5JY2iRDQFqlpvYAUs5u_5G-TpyIy-aI7vHIKUqEXRw8hizHVn2mUrGzCO3kCUC0lv0MABiAnLD8gO8nCnCkPthUcbM2zeUNZsIK_JmMUriX0knEO5aU78RQTgblGa0cD6nwuiM7V7LsE9cgdD0RwWasJWHWWgto6a0PHTBm7yDNmNzsf90j4v46tieMhcsbDcuk0cEk3P2PdCnlep_04odgAuRC0pzt-VJTDvKU3Xx4atBAYDYmnJQkwxSfyLidiyrdl7KJecNi3xXr8KhGgGF7YB6ONC5NjUIdjEHgS6uRs3WETHJ_iJ52REdjvbIJCPOZ6vC3pM6QrTVPNH0HkE-kocLUtiJih28f2iqCvqv0UAILoGeHNtBLtI1Hpjf9AubPo9HCLyZ5YfzFBppWNcMhIWfA7o5UEYPSkN37PBcSBXYb0yk4GZ52RGQ6Pp1uQ2AndjUhcePoY5SWb-GzgGIHgKJOqDMf0SQ8HC-Xdg9a6BgMEA_Ok4ECgLONNww7zmk6a7a7EpTPQWumcqR_wRyE7ozkhd3S2tSPtConrMGOXCqgx7LA1Orub-E-7dY9HeyelGAz0NjxbKIsGsM-fXJ2WJEWnjnPxiae0-uFBGvyP3Q_kNf1rVmHCaYkzr9OtrfFTKKldhnegp4FFiSd-7v6tDBfMREfPWyor_N5M9irBjo-Z3gw__zVPii3rTEnWicAI6K5bdGy0De9aoQj5IyeXje4HhNFV-ioNhIhk_K8JPhesICi-lsHRPIhA_mb9P6938AlLNVWpinMtMKOxYhvaoq95VPpvDXnrq-22RIDLTk3t-V2_RjxmZES1-pz7ELdU4lakIDxTyOWbeadLH4SSqroRICS5XoQo5AQ9M9TBQZDLYkwrdGtQX7Rm0IQVRP4zB5022-oL6mt_z4uXxo6j5uzZMGwvoWLzDB1vPJ2cCKwTltKaJT-7MmxwcNpF8g1xdoBxzntWrzwHt-0YVp0OA_fUtgoVLgEYVw0an-q-91U64k&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=12188449494175971000&adk=2923430907&idt=112&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame C2AF 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1206047
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oraGnpVxnGp5B37vhFSP3hLLurCZfvIDnHsYmKoelwzuIqpWxgr454zyuaYibGuCZdWo95I6iAp4MID%2FDHV7zOXvwNREFQ7Kz4qzmv6Lq9gWbbEdBvfYk8KFgHl9Fk8qI9VqJEyOuQU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb5cfe80e980476-FRA
expires
Mon, 22 May 2023 15:40:03 GMT
r62eglto.js
ad4m.at/ Frame C2AF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
594990
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XflTaKzUvmOaK2%2BL%2BnHolX3vyV%2Bp39NtoTdiIMzO2ArpntqcmoyeMa4UoozAs1lKjgQgasdfg8u8bOjwdeiovt8fiXHBPElWlF3bVJCfZtnx11xeNw8V5Jow7Hv8aPjJ6kFeeR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cb5cfe81e9a0476-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 09 May 2023 13:46:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 015A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 13:59:25 GMT
expires
Tue, 21 May 2024 13:59:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E25 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a96a508dc58111f791dbcbf33b98995b1a222d9a59370dbf7998c8217f1c8468
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lzg7qxmlcCpLLYZfJr7FTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lzg7qxmlcCpLLYZfJr7FTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:03 GMT
expires
Mon, 22 May 2023 14:40:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame CA30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CA30
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGt.w9Fr1DMayGvHe.zftQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSxLspxFDTEQ9jlKzue60M&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CA30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:03 GMT
AN-X-Request-Uuid
acaa4a76-201e-4d42-9723-177b4f8aa8f0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPrILlbBBy3sVQkjCLTd8XE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA30
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGIqbkOkBMAE&v=APEucNWby5d1KXwyIU0B8pajHziup0HhO7N7ekwuNB_tlm5Zu5roEvoMBY5BZ3WHGq_ifTzmtKxRHYqSSOCMgTUKloJ7tX3PiyDBQPfvZly5X8DaAlwir607dvUxaEXkZBS7dddkutDUCG2o1NmGnBQb2pX0Gewl_CudmSxeuQ5T2zS--cs-prk
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 14:40:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
351703f7-eddb-4c0a-bdeb-f0dec9637e3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc3NDUyMzkzNzcyNzUzNjI5Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5351877245125&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5351877245125&version=m202301230201&ct=76&x=1&cor=8997772101050812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 064E 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjKTKYmS_LHc7d4RQrsVdoG4glfu8uA5JkEWlc85Sj7H2dr1tZf3n-JXvuu2jcg1UJSx1S0HfXPo2katolouq-KsGgNw&cry=1&dbm_d=AKAmf-Ark74VOalz05DbDHJ8csE7avJ3gOa4T94ntOkl7lY15BuPY6OGzQh_c58e54OOGqz3gZ9-Ex9qS2rVFcsl3xr2rbRBrcmBiRWHsAawTjbQhACCqkWrDUO2HW8jM-WICVmqUNUH-bYp8uVaw8FLX6euqGmDwa7tGOnIPgIthIDpzX3mxr_BKRUocgaSiuZnc4dV-QVLVqdFBvWUNbbneNyeVDuZwasCJAm4QEJd4qgzrYdLMoEE4KZn965p5shF1LDDC3Ax6NHevCqa3umAXO2ceraHpRm0bQqv4bBzfL-t34BCAh86bi6W2h-UDH2RtJMLaK1rK7oS7mJfETRmCJ5jIH3bDwStzPja2W6ApfYTBjL1RP6yEq_2Rer46UZl6432eS2r4fVBBpwSrdpduOMjb1yYOxJJRUIZg5E8EE5JR2fcjU1JY1fC_adDF1RKe78AIcesbf7r2QmyHWXeeh9VMRQ9GacjJgTNBefZTyoyaOmoNCjsUpJHXTVHZ-bixuS4Dm3QnfNanJO_MCkkLGRPOBuYcjz0ctBAFfAGYQhuErdqWKdyNkPfIahxvFiHr4PHXpLpmDOfjBd77QYs2S6tFpQtUyBWkvzgUJqp8DZEK47Zn28lYVZxt5X4Q-jGHnDFwIv-bBaK1owqUbYDmGAvxfeiPWnXOzpf3GXUTqyIwe2M_hcdwVopz7ihmpG8xtVgCJyjEQeDUl5eBEQlIvGhc6RuqnG8Ci6oKWnITFeP4DxpfsAzASS0PpmYS4d2hbDNIXQDJZVENxtRJyBgGTddsKzTDngGdI8RbDHhO-WYHMeGiL2PButLmgV1LQ9sODdLxXv1AqbxHevkzqICQNs1BIwLUbh0k58_hpOpB3hwIgBOQfccVHl_SjKZxVhQtE7rZmulHSl5YcAl0u6s2RdlPhoNizcg2CgF80M-eTjCZrdka7kAE268Ir0Ba4Ai4WPNC7wyimRecsZ95J7uYEobCPl68cmocV0w11UkGahlJMfwGuNI8WMjTTQPqD09gOaDPh-hoQyrFoS0eF_yTWQFhyGZqhBT9Q2dOBuVFsefzk-GhUcYZ_mg6V-GltDSy0RYWzCtGjMGkCX1R93P2jWEgwnm1DZFN81u0lq9hed2crfTxmBYy9vae4wrDA4i_gmOVv1uxlAsokEg6DvEa5KJTmvtq5EUGAK-WFGbrzB7el-xbrBehZSqNyY1-8d1pkZy3-5WWpagJXKF4ugVeT1jeZBe47q6HYHLU97TF2ezYF-eQHvYZQiF97VY7tDS6H50ntTbgB79ZrQfJNv9lc74XWE9IOG7W5YimXn-sk-ZdnhyxZS3afKcuh9SVFIzajsl1NDewmN8J8fFSvcBhdMKrCZNArjKs0s385I1f1-aqhIze2ppie-qytwtUlIO6v9MRVCXkBClUfrbYo4GiOPZHggTpV7CuLBj-xgur5N579O-BB_Zb3xt_zStTuyph9uF8-sli0YYy0E_PICtwOjyJskxnY3nJseuGjXVtBpOi7jwZOgi1rvVNLuC2tiUw3iAi2Y0fDVpsTOR9bL9EkC86O3IboGRTAS0LvVx96qwfeg_7JOEZqrAycwQ5yM6Di6XweF5VEw5nHePpJqf3SLpXemr5S0RqdcI4QtaZjz70vfApxWEzEJXjVO4b5MwjEMvUPjrV69vn5i0TzxWvN7-toHUsKfYn2Ufj6A2xyAs0S1xuDSom34h2Sf3GyCTZ7npNL1z1rfefEPABz2wDG7Q4SwDE6wfTZq9LLZrpkC4uNYfq0IkugMqzVxPzRah-NTQhYI_oS6N-xt08wyGLIiyJxyyS3RJlF5Mryv3Tlz4Mqz-kCDY2dzrOolTzU1Lym6AU0JqisiXJUvJxKbU1Kw_whyQ1GaQRyMXn0MrAj4zVzqS5BQTfrTISrhY41VtacBLTEwCZxny8_LwMrKIIHw5C9rbrdSrmfMVRgICT-YrZ2LDZm_7bcJ0tKrTZxoFGvhnxF9ZAQtmy9I3IJhblbl1KEodcPeinkHcAJZSiPyJwoUfPcrJ3ck8NUy0R27WrmexmGI-gMUW2LwUdDsqr4GBMEEbvbex8ignJCrtKc7fM4OIrT3YMDwq8iCoe04_ACbrdMG4LYlThycp92LuICfQyJ__7b54oeye_HN3Zn-Q2J54LfeQ5jXsqTqOZwBQvMt9fxbnIV-3dPSygsmsmDG_gotso0SVKSF4zxCdjj1FNQSFGZfILzzY6vik5aM4qCDorhBXAAdiyFlO2gmnmhIdUH7lR3SuVp9sbTgr5pk2U_Dojc5WkCXdYsWkCyCYC_EX24Od10xPMN8H6y7UjPL2BtJ_J6ttBV8dfxxrd143gAr4mw9eD7W-I0lduSwjCRomShdly-hMmryCvRoO4tMuskhuYCzuHnzu7aSAf4bmZWkshd5fHFhVqjQRaGFzYQKy8tg49k5hECXAUFj7rDgJVwaFhdZV_HBiuWM8FPALyTx5wMvFpCb9Mj_SdqOTMHBFRroT3JnxXQt2rr_F69ya2P4dOvudQ-G-Q_-JoduC-kro6C0bALKq3r6OCOfSfncoN_0e2jhsGzmImF7i1cAF2vVNO0Jz1DJ6U87snGg_jMI5knwmmbarXvJ3aEr0d5pnM3eD_-JFadYk-x_WmetdlV0vgCHer_7BnNoS1G-_0Nh_h2RDvSQXQs10PpezVe5_nFBG_ETFHezPt4UMbNeUByZrign66awUKOqgGfUpwSnN2aYhGD_6uxbJ1gklV8_aMry_nLF6UAqCIJwRUdH7dWfFfqIpafFH6XCfpARxkbxEJ4Wo1dog0vyJNkNwYv5ohtARABTkwsQIlSoqoGiUjRpqGEAM44kvrvoL_-dHIm2arm6ZwDOUdsoaniTzI5v9YbZGHtR04p-_D0VZGgFuDqAMqjStfskdfp82B-d9W0n1LFslJBQtBEAC0NJ26utDfynKgM4R7b71PdzbNd04haxg86hVQF2XF70acXu2BgIj21SJiWjt1P3DC8_FgmJLKXnRoW4vft31qDgeu0-TsN4RZpCG-S5Wn5dfNvVLCjNRKRT2lvJdu4CZeqqtURayRF5w1gowQbk54O5RKM71GCO87ZyVXoix2Lg5Bqnn3K7bx5soHKWEBuN0NO_Ei_sv9jWY4b6-_h8wAdypCWeN7SOzZqr4PFt6-nA9tMXqC4GaO-TNvdmiGpDQwDGDrd5dvjTnVSIO_OJLwxY0PdkTbgylnAJWd4cVrYcmrmEbIa9rsVzaIG9trzci1dlklVYK9BxfFLMTvGdPjrH5NrfO3IGtu7bijfDVISUj4rIbAId0kD3Qe8lVH70OiGIqY6qcVYEjWOE6_mMQ180EFWf7L2z5Dd2GHxp9C8F5GBpqziROLpR2icsuNd9MwO5sHxWlQhqf5LhRRp_q_-pK_LPx6mWdRV-AphRsPFnFLTzX2FtOpoH27MTJPZLjp_4_b8eRSd-MtVfkW-OFKz8HS3aPQo8jk2R0z-3Jdb_gZakbnc6yiAB9vUBml_7otsrUuBi7JEQu_RCjT8JvKZB6IOPLIShGc4G2MaKAPEbu3-0yxxwj7FJpcJzfD3l1rcNwqPA_jxSNEaAuW3Qoew1xZrQO7NLSBiNbiszCRCoTG-FDq8hRpzZTyn0upoe46O15e8VDDXJm8ocOnV3aTlc-QYqqiFnUmOaEU0L9M277ldwIWdc6HX-eA52AXgw4QXT7yCxbZuRz3OEZ_pIXp6FP8fnyGVbdVw&cid=CAQSOwBygQiD91hujS2L4NN6l4KO2zD8MRfHaBGRZwQBHj0W6pt-TU_Axp9omjFmTE2abI1ucsD9LoZIkMQfGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=8997772101050812000&adk=2228999115&idt=127&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceb052f605d12555bea80bd885b725c126c50ef4a82035c4bee838d2f5d2e88d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36742
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame ECA5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBbl-jaOPNrC6zkaOUvv_jA&google_cver=1&google_push=ATf1kGPrq4KuKM4r5_4DvVFG4-6vmmXeiQIkXgMy9S1JHDdrTsC_Vo_IY_4KIwPgCEBazDBX3j1vT_DV8llRclUDwnsr64wQus8
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame ECA5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_push=ATf1kGOh-jV809GuCeEH0T5kkmHCiEyhDsPDQbdwS4A9iFxWOAfxEa7U8V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_push=ATf1kGOh-jV809GuCeEH0T5kkmHCiEyhDsPDQbdwS4A9iFxWOAfxEa7U8VBkn6B9rLgUKAbFS5V9AVFppoEZ0OwkkL78npssOw
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1684766404.002557,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_push=ATf1kGOh-jV809GuCeEH0T5kkmHCiEyhDsPDQbdwS4A9iFxWOAfxEa7U8VBkn6B9rLgUKAbFS5V9AVFppoEZ0OwkkL78npssOw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame ECA5
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECXl2kVpE8ikDyWlKpObL9A&google_cver=1&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitL...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitLhNAP1Yf4IogJ6OTI&google_hm=Rwe3HHLdQcq91uewQXrgKQk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitLhNAP1Yf4IogJ6OTI&google_hm=Rwe3HHLdQcq91uewQXrgKQk
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMo6xssNAwFBiO-osfGc4x3fZjbrbedMVBBbci4F7DW_AYXkl_P7zjPW90OyK5tfoSDDoFtW2_fitLhNAP1Yf4IogJ6OTI&google_hm=Rwe3HHLdQcq91uewQXrgKQk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pr-bh.ybp.yahoo.com/sync/ Frame ECA5 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHTM_XmbqukpSDgRLOJZKrM&google_cver=1&google_push=ATf1kGMT6B6W9WZSmYFA1cyyY79rvpMKN5MssfWRDqoYYXduAvLco6DIYHRPKQNXOHg7Iqri24QOVNz8oAQYRjx65O74VJPO3Bw
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d660:350f:5ea6:8858 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame ECA5 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEN_s7MdolGE72fstpoYwzcg&google_cver=1&google_push=ATf1kGNqZkhB7K7eEfwW073rlZ2HU7fmGKiISiD2R4O_QcQmQbiyO7tVcF1rxEawA6AGZATtU7nYOdHmt9iQA2Q3_kFAycz8zg
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
197729
expires
Mon, 22 May 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame ECA5 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAH4dzkjK4T_W7J9WQLp2nE&google_cver=1&google_push=ATf1kGOJIPK2wtKZObjjxfrqRQQy3O42SafHfd_W7looQ-rt0PLx-0Te53Gi8mYtfUSfUYIwI-2JLGiaKOcKI3xRf2AdHDW7m_c
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame ECA5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF71Ormx_bAJ4C6KZbrT-Fw&google_cver=1&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAXgzypmfJQyhgI0sp7brwRqT2s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAXgzypmfJQyhgI0sp7brwRqT2s
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=ATf1kGNybWPfjfQgukgN9Z9_dvle5SIH5PnCzW1OplSFwwURIhD8hgbpIGn4AJ2vWB7u6dBTGAXgzypmfJQyhgI0sp7brwRqT2s
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame ECA5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXFJhwUpvUNH3Cn6M2wYs40PU8sFhdj3baPUhg5JJkzpKTcSmYnjrHYDNKj6xmvlEolS3a
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9A42 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZDrqclkEUUizv4EaMQJLaUt2lFiCxht8zQCoeOITUSyC414Lcc%2Buswn4V0mkkC4KlmAQHN0HwdzaDDnN9QqNodAlNHLGVSbzD3upeIhRbaphCk0%2Ft69%2BddeK%2BMNA9bnJMMVc9JaFXnwk8bq24SmRFKN"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cb5cfe9091f3a76-FRA
expires
Mon, 22 May 2023 14:42:42 GMT
index.html
s0.2mdn.net/sadbundle/6227621190088989798/ Frame 8C26 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
560bcb51ce6dc23b896ad41c74087121eef0ce078fc89ea611a01ca2b3132e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4016
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:29:40 GMT
expires
Tue, 21 May 2024 07:29:40 GMT
last-modified
Fri, 05 May 2023 13:01:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6EDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2n4R6h5dsa_RtqP0LxNF3LBrcAgP-9FHJyjyszPb2Kp65dcNa7YHlrAt1ZwGZw5o-xRhF9gQUL0yun2EhyURuaQ6sW8jDVkq5eoA5liNeiBpkXL6AN1Dv1TY_QlgkGE2wM_9tUcplvR8NWcYqKkJ8uzsEkAHtrBGxsYQJuiiAu5wgRTpPtgbWKJLYP4Ur40fdnMg8CqqEyixFA6ARhxmIW3TZzNqKGNz0G6lAudSd3kpUVK-7gBntJ6jALt6bIX8UTK9lrb5BkTsIKTwkBgPicZk1tgj7QEybGMVMFzdzT-3CTZJzAcLb6vfzwYzLmwrFMZTwSg1PljnUMXJC1ZOYdIC2q9QdXSxVJJmlJp6EnHjrlh6JNzFT-GIll7086UwZ00Lo2eyDkMX0e6af2TERl4qdS8gq2O5j32fBoBqSGnqcVm3LHi-ajGNjh6kRtkwHVsPl788dkGJcHar9FKLKL8vPl0YO-USb3vevyb7dLFgvdJv2ZWrmI6ItXlJ8DrH0Cxp0rStQn22h42g8huRvf4iGdg9LBpLSLlSzBgbarvxnH6cXnX-OtVIdMN3hJxfBIpR-kwe1z_06h4pA0Sd5WybahEgFiX8Ibi-h34hIBsUD3XZOL6_7djjlqyhSKnFMj9XkAYzY2yNUUhyLDdLSRqyMmKESP3b1IscIYpsEsCejHxZookq0UJ0v9IwUkSVi-xTF9VAY8YTNSpSrSURBER_-By21ENMjdtJ6eMi9_tr7iLdmt9g00EbpechcvX-Dl5Mm39Xt7vT7vDS5Pq6z24N4V585JE2DUN-oTNGAOh0wJ1k7HPSJEQAkdYFO1tANRtN9qkcAYboGuREFgk2d2DXurE5DYtHMiT044hPh1tvc854A8q4YXr42JZyowrVwJn8xT8VdGchHIDKsOV_nihnU7ZlJbunSBS2v5Jzyrn6lc-_W61Xt6osLQAj_4C1UvwtqrUl8Zvxh2pjIOw34NWwMYQ_LUP4zyeSPIQkB2hxUvIGOpyGXED-Ur0uH2KCMtKWzOgcgvQK3iY_9v5ZDAIMPuSLDfz8z1JuM_7VhFOI5Zs2Qy0N-lhb33yhEkuptItjCKKf-ojxV8VTE07PnWdhLgpNFigQTP2OVDlrUxtSUem1wW4qkbnFH4ZeSfNvLAghGh3FBmVk2V8gVibcDpBdKnOIrhn3AOog9a9sp8he6z5DS6zcjMExApkKQIGZdFNozF5HqVN_u1JmcSkkIyN1JPoS1uhXS63QShwxD0-xKf5EIGnwBOo1G3Am3sLVwFAWDSj5RoQT8xv9YkK0wZWjrFiqHPLiY35r0COtATZrVE4s&sai=AMfl-YSlgdk0Lj7QrVRnyaTm-L4PVEdrbwLfCRrC9qNLn-Zex1HSG_ZmDvlNZXWaptXOIDAfUvFLWVWWCyeNVssllMbVn-2KeLdlbjMr7vE8bhSKMCaTHztxQ85Asc_usbpkngnmdR9XGgRo9PpgWwF9yKpnIIRMo__JwUNdgo5I4vzn50pu7zMc4AKqgiN66-hwNVw9oXJdyTNt-GAJSPcDrXUvs_lGCgOoqjJotoeAhKNp-6i2vV_RLunE5TAREFqgqCdv&sig=Cg0ArKJSzLTa_sXV4hVbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&cbvp=1&cstd=210&cisv=r20230517.97741&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:04 GMT
ai.aspx
m.exactag.com/ Frame 6EDA 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=8&extPu=31180-dfa&extLi=29882837&extCr=191262100&extPm=366664431&gdpr=&gdpr_consent=
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:03 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 22 Mai 2023 02:40:03 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1645
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 07B2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3dbcc888c4fd1f9437c817782240fb515e619813ee617513244a81e3326d2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame E9B4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
99253
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cb5cfe92fd70476-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 14:40:04 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU0pLSSxULvjM36%2BkoS4JzuOVeD%2FaA6W2SbGXyT6rjwb%2BW1bCgpUVzSxfRyK%2BeeumsL8znHvSUwsk6ittRsBlS1k4GZ8dZc5NO3GpN5ZU5OfP0wDQnuO2bRAIaFjMfIq2GMBR1U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C2AF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXa5oQPdXJZpvJlwKGJ69ckQZmcxxBAx0cTK%2BsgjqLi3CavD3g5iv2O8ZajaXkQ%2FLGsDSOX8Dq4zCibllrJtrFg44601UTt%2BGkJ%2FwXS9NpgdEVGEZWzQ%2BDpiuJpyG77NCjrl2VjetIUwTgmrZ8Qx%2B72n"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cb5cfe9496c3a76-FRA
expires
Mon, 22 May 2023 14:42:42 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8C26 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 14:40:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6EDA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FAC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6EDA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e5d2fee3f71fad3b1ac7c100001c25b43f61e44827217138e9f935b8af8e894

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 064E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Origin
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 064E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjKTKYmS_LHc7d4RQrsVdoG4glfu8uA5JkEWlc85Sj7H2dr1tZf3n-JXvuu2jcg1UJSx1S0HfXPo2katolouq-KsGgNw&cry=1&dbm_d=AKAmf-Ark74VOalz05DbDHJ8csE7avJ3gOa4T94ntOkl7lY15BuPY6OGzQh_c58e54OOGqz3gZ9-Ex9qS2rVFcsl3xr2rbRBrcmBiRWHsAawTjbQhACCqkWrDUO2HW8jM-WICVmqUNUH-bYp8uVaw8FLX6euqGmDwa7tGOnIPgIthIDpzX3mxr_BKRUocgaSiuZnc4dV-QVLVqdFBvWUNbbneNyeVDuZwasCJAm4QEJd4qgzrYdLMoEE4KZn965p5shF1LDDC3Ax6NHevCqa3umAXO2ceraHpRm0bQqv4bBzfL-t34BCAh86bi6W2h-UDH2RtJMLaK1rK7oS7mJfETRmCJ5jIH3bDwStzPja2W6ApfYTBjL1RP6yEq_2Rer46UZl6432eS2r4fVBBpwSrdpduOMjb1yYOxJJRUIZg5E8EE5JR2fcjU1JY1fC_adDF1RKe78AIcesbf7r2QmyHWXeeh9VMRQ9GacjJgTNBefZTyoyaOmoNCjsUpJHXTVHZ-bixuS4Dm3QnfNanJO_MCkkLGRPOBuYcjz0ctBAFfAGYQhuErdqWKdyNkPfIahxvFiHr4PHXpLpmDOfjBd77QYs2S6tFpQtUyBWkvzgUJqp8DZEK47Zn28lYVZxt5X4Q-jGHnDFwIv-bBaK1owqUbYDmGAvxfeiPWnXOzpf3GXUTqyIwe2M_hcdwVopz7ihmpG8xtVgCJyjEQeDUl5eBEQlIvGhc6RuqnG8Ci6oKWnITFeP4DxpfsAzASS0PpmYS4d2hbDNIXQDJZVENxtRJyBgGTddsKzTDngGdI8RbDHhO-WYHMeGiL2PButLmgV1LQ9sODdLxXv1AqbxHevkzqICQNs1BIwLUbh0k58_hpOpB3hwIgBOQfccVHl_SjKZxVhQtE7rZmulHSl5YcAl0u6s2RdlPhoNizcg2CgF80M-eTjCZrdka7kAE268Ir0Ba4Ai4WPNC7wyimRecsZ95J7uYEobCPl68cmocV0w11UkGahlJMfwGuNI8WMjTTQPqD09gOaDPh-hoQyrFoS0eF_yTWQFhyGZqhBT9Q2dOBuVFsefzk-GhUcYZ_mg6V-GltDSy0RYWzCtGjMGkCX1R93P2jWEgwnm1DZFN81u0lq9hed2crfTxmBYy9vae4wrDA4i_gmOVv1uxlAsokEg6DvEa5KJTmvtq5EUGAK-WFGbrzB7el-xbrBehZSqNyY1-8d1pkZy3-5WWpagJXKF4ugVeT1jeZBe47q6HYHLU97TF2ezYF-eQHvYZQiF97VY7tDS6H50ntTbgB79ZrQfJNv9lc74XWE9IOG7W5YimXn-sk-ZdnhyxZS3afKcuh9SVFIzajsl1NDewmN8J8fFSvcBhdMKrCZNArjKs0s385I1f1-aqhIze2ppie-qytwtUlIO6v9MRVCXkBClUfrbYo4GiOPZHggTpV7CuLBj-xgur5N579O-BB_Zb3xt_zStTuyph9uF8-sli0YYy0E_PICtwOjyJskxnY3nJseuGjXVtBpOi7jwZOgi1rvVNLuC2tiUw3iAi2Y0fDVpsTOR9bL9EkC86O3IboGRTAS0LvVx96qwfeg_7JOEZqrAycwQ5yM6Di6XweF5VEw5nHePpJqf3SLpXemr5S0RqdcI4QtaZjz70vfApxWEzEJXjVO4b5MwjEMvUPjrV69vn5i0TzxWvN7-toHUsKfYn2Ufj6A2xyAs0S1xuDSom34h2Sf3GyCTZ7npNL1z1rfefEPABz2wDG7Q4SwDE6wfTZq9LLZrpkC4uNYfq0IkugMqzVxPzRah-NTQhYI_oS6N-xt08wyGLIiyJxyyS3RJlF5Mryv3Tlz4Mqz-kCDY2dzrOolTzU1Lym6AU0JqisiXJUvJxKbU1Kw_whyQ1GaQRyMXn0MrAj4zVzqS5BQTfrTISrhY41VtacBLTEwCZxny8_LwMrKIIHw5C9rbrdSrmfMVRgICT-YrZ2LDZm_7bcJ0tKrTZxoFGvhnxF9ZAQtmy9I3IJhblbl1KEodcPeinkHcAJZSiPyJwoUfPcrJ3ck8NUy0R27WrmexmGI-gMUW2LwUdDsqr4GBMEEbvbex8ignJCrtKc7fM4OIrT3YMDwq8iCoe04_ACbrdMG4LYlThycp92LuICfQyJ__7b54oeye_HN3Zn-Q2J54LfeQ5jXsqTqOZwBQvMt9fxbnIV-3dPSygsmsmDG_gotso0SVKSF4zxCdjj1FNQSFGZfILzzY6vik5aM4qCDorhBXAAdiyFlO2gmnmhIdUH7lR3SuVp9sbTgr5pk2U_Dojc5WkCXdYsWkCyCYC_EX24Od10xPMN8H6y7UjPL2BtJ_J6ttBV8dfxxrd143gAr4mw9eD7W-I0lduSwjCRomShdly-hMmryCvRoO4tMuskhuYCzuHnzu7aSAf4bmZWkshd5fHFhVqjQRaGFzYQKy8tg49k5hECXAUFj7rDgJVwaFhdZV_HBiuWM8FPALyTx5wMvFpCb9Mj_SdqOTMHBFRroT3JnxXQt2rr_F69ya2P4dOvudQ-G-Q_-JoduC-kro6C0bALKq3r6OCOfSfncoN_0e2jhsGzmImF7i1cAF2vVNO0Jz1DJ6U87snGg_jMI5knwmmbarXvJ3aEr0d5pnM3eD_-JFadYk-x_WmetdlV0vgCHer_7BnNoS1G-_0Nh_h2RDvSQXQs10PpezVe5_nFBG_ETFHezPt4UMbNeUByZrign66awUKOqgGfUpwSnN2aYhGD_6uxbJ1gklV8_aMry_nLF6UAqCIJwRUdH7dWfFfqIpafFH6XCfpARxkbxEJ4Wo1dog0vyJNkNwYv5ohtARABTkwsQIlSoqoGiUjRpqGEAM44kvrvoL_-dHIm2arm6ZwDOUdsoaniTzI5v9YbZGHtR04p-_D0VZGgFuDqAMqjStfskdfp82B-d9W0n1LFslJBQtBEAC0NJ26utDfynKgM4R7b71PdzbNd04haxg86hVQF2XF70acXu2BgIj21SJiWjt1P3DC8_FgmJLKXnRoW4vft31qDgeu0-TsN4RZpCG-S5Wn5dfNvVLCjNRKRT2lvJdu4CZeqqtURayRF5w1gowQbk54O5RKM71GCO87ZyVXoix2Lg5Bqnn3K7bx5soHKWEBuN0NO_Ei_sv9jWY4b6-_h8wAdypCWeN7SOzZqr4PFt6-nA9tMXqC4GaO-TNvdmiGpDQwDGDrd5dvjTnVSIO_OJLwxY0PdkTbgylnAJWd4cVrYcmrmEbIa9rsVzaIG9trzci1dlklVYK9BxfFLMTvGdPjrH5NrfO3IGtu7bijfDVISUj4rIbAId0kD3Qe8lVH70OiGIqY6qcVYEjWOE6_mMQ180EFWf7L2z5Dd2GHxp9C8F5GBpqziROLpR2icsuNd9MwO5sHxWlQhqf5LhRRp_q_-pK_LPx6mWdRV-AphRsPFnFLTzX2FtOpoH27MTJPZLjp_4_b8eRSd-MtVfkW-OFKz8HS3aPQo8jk2R0z-3Jdb_gZakbnc6yiAB9vUBml_7otsrUuBi7JEQu_RCjT8JvKZB6IOPLIShGc4G2MaKAPEbu3-0yxxwj7FJpcJzfD3l1rcNwqPA_jxSNEaAuW3Qoew1xZrQO7NLSBiNbiszCRCoTG-FDq8hRpzZTyn0upoe46O15e8VDDXJm8ocOnV3aTlc-QYqqiFnUmOaEU0L9M277ldwIWdc6HX-eA52AXgw4QXT7yCxbZuRz3OEZ_pIXp6FP8fnyGVbdVw&cid=CAQSOwBygQiD91hujS2L4NN6l4KO2zD8MRfHaBGRZwQBHj0W6pt-TU_Axp9omjFmTE2abI1ucsD9LoZIkMQfGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=8997772101050812000&adk=2228999115&idt=127&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14623
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 064E 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjKTKYmS_LHc7d4RQrsVdoG4glfu8uA5JkEWlc85Sj7H2dr1tZf3n-JXvuu2jcg1UJSx1S0HfXPo2katolouq-KsGgNw&cry=1&dbm_d=AKAmf-Ark74VOalz05DbDHJ8csE7avJ3gOa4T94ntOkl7lY15BuPY6OGzQh_c58e54OOGqz3gZ9-Ex9qS2rVFcsl3xr2rbRBrcmBiRWHsAawTjbQhACCqkWrDUO2HW8jM-WICVmqUNUH-bYp8uVaw8FLX6euqGmDwa7tGOnIPgIthIDpzX3mxr_BKRUocgaSiuZnc4dV-QVLVqdFBvWUNbbneNyeVDuZwasCJAm4QEJd4qgzrYdLMoEE4KZn965p5shF1LDDC3Ax6NHevCqa3umAXO2ceraHpRm0bQqv4bBzfL-t34BCAh86bi6W2h-UDH2RtJMLaK1rK7oS7mJfETRmCJ5jIH3bDwStzPja2W6ApfYTBjL1RP6yEq_2Rer46UZl6432eS2r4fVBBpwSrdpduOMjb1yYOxJJRUIZg5E8EE5JR2fcjU1JY1fC_adDF1RKe78AIcesbf7r2QmyHWXeeh9VMRQ9GacjJgTNBefZTyoyaOmoNCjsUpJHXTVHZ-bixuS4Dm3QnfNanJO_MCkkLGRPOBuYcjz0ctBAFfAGYQhuErdqWKdyNkPfIahxvFiHr4PHXpLpmDOfjBd77QYs2S6tFpQtUyBWkvzgUJqp8DZEK47Zn28lYVZxt5X4Q-jGHnDFwIv-bBaK1owqUbYDmGAvxfeiPWnXOzpf3GXUTqyIwe2M_hcdwVopz7ihmpG8xtVgCJyjEQeDUl5eBEQlIvGhc6RuqnG8Ci6oKWnITFeP4DxpfsAzASS0PpmYS4d2hbDNIXQDJZVENxtRJyBgGTddsKzTDngGdI8RbDHhO-WYHMeGiL2PButLmgV1LQ9sODdLxXv1AqbxHevkzqICQNs1BIwLUbh0k58_hpOpB3hwIgBOQfccVHl_SjKZxVhQtE7rZmulHSl5YcAl0u6s2RdlPhoNizcg2CgF80M-eTjCZrdka7kAE268Ir0Ba4Ai4WPNC7wyimRecsZ95J7uYEobCPl68cmocV0w11UkGahlJMfwGuNI8WMjTTQPqD09gOaDPh-hoQyrFoS0eF_yTWQFhyGZqhBT9Q2dOBuVFsefzk-GhUcYZ_mg6V-GltDSy0RYWzCtGjMGkCX1R93P2jWEgwnm1DZFN81u0lq9hed2crfTxmBYy9vae4wrDA4i_gmOVv1uxlAsokEg6DvEa5KJTmvtq5EUGAK-WFGbrzB7el-xbrBehZSqNyY1-8d1pkZy3-5WWpagJXKF4ugVeT1jeZBe47q6HYHLU97TF2ezYF-eQHvYZQiF97VY7tDS6H50ntTbgB79ZrQfJNv9lc74XWE9IOG7W5YimXn-sk-ZdnhyxZS3afKcuh9SVFIzajsl1NDewmN8J8fFSvcBhdMKrCZNArjKs0s385I1f1-aqhIze2ppie-qytwtUlIO6v9MRVCXkBClUfrbYo4GiOPZHggTpV7CuLBj-xgur5N579O-BB_Zb3xt_zStTuyph9uF8-sli0YYy0E_PICtwOjyJskxnY3nJseuGjXVtBpOi7jwZOgi1rvVNLuC2tiUw3iAi2Y0fDVpsTOR9bL9EkC86O3IboGRTAS0LvVx96qwfeg_7JOEZqrAycwQ5yM6Di6XweF5VEw5nHePpJqf3SLpXemr5S0RqdcI4QtaZjz70vfApxWEzEJXjVO4b5MwjEMvUPjrV69vn5i0TzxWvN7-toHUsKfYn2Ufj6A2xyAs0S1xuDSom34h2Sf3GyCTZ7npNL1z1rfefEPABz2wDG7Q4SwDE6wfTZq9LLZrpkC4uNYfq0IkugMqzVxPzRah-NTQhYI_oS6N-xt08wyGLIiyJxyyS3RJlF5Mryv3Tlz4Mqz-kCDY2dzrOolTzU1Lym6AU0JqisiXJUvJxKbU1Kw_whyQ1GaQRyMXn0MrAj4zVzqS5BQTfrTISrhY41VtacBLTEwCZxny8_LwMrKIIHw5C9rbrdSrmfMVRgICT-YrZ2LDZm_7bcJ0tKrTZxoFGvhnxF9ZAQtmy9I3IJhblbl1KEodcPeinkHcAJZSiPyJwoUfPcrJ3ck8NUy0R27WrmexmGI-gMUW2LwUdDsqr4GBMEEbvbex8ignJCrtKc7fM4OIrT3YMDwq8iCoe04_ACbrdMG4LYlThycp92LuICfQyJ__7b54oeye_HN3Zn-Q2J54LfeQ5jXsqTqOZwBQvMt9fxbnIV-3dPSygsmsmDG_gotso0SVKSF4zxCdjj1FNQSFGZfILzzY6vik5aM4qCDorhBXAAdiyFlO2gmnmhIdUH7lR3SuVp9sbTgr5pk2U_Dojc5WkCXdYsWkCyCYC_EX24Od10xPMN8H6y7UjPL2BtJ_J6ttBV8dfxxrd143gAr4mw9eD7W-I0lduSwjCRomShdly-hMmryCvRoO4tMuskhuYCzuHnzu7aSAf4bmZWkshd5fHFhVqjQRaGFzYQKy8tg49k5hECXAUFj7rDgJVwaFhdZV_HBiuWM8FPALyTx5wMvFpCb9Mj_SdqOTMHBFRroT3JnxXQt2rr_F69ya2P4dOvudQ-G-Q_-JoduC-kro6C0bALKq3r6OCOfSfncoN_0e2jhsGzmImF7i1cAF2vVNO0Jz1DJ6U87snGg_jMI5knwmmbarXvJ3aEr0d5pnM3eD_-JFadYk-x_WmetdlV0vgCHer_7BnNoS1G-_0Nh_h2RDvSQXQs10PpezVe5_nFBG_ETFHezPt4UMbNeUByZrign66awUKOqgGfUpwSnN2aYhGD_6uxbJ1gklV8_aMry_nLF6UAqCIJwRUdH7dWfFfqIpafFH6XCfpARxkbxEJ4Wo1dog0vyJNkNwYv5ohtARABTkwsQIlSoqoGiUjRpqGEAM44kvrvoL_-dHIm2arm6ZwDOUdsoaniTzI5v9YbZGHtR04p-_D0VZGgFuDqAMqjStfskdfp82B-d9W0n1LFslJBQtBEAC0NJ26utDfynKgM4R7b71PdzbNd04haxg86hVQF2XF70acXu2BgIj21SJiWjt1P3DC8_FgmJLKXnRoW4vft31qDgeu0-TsN4RZpCG-S5Wn5dfNvVLCjNRKRT2lvJdu4CZeqqtURayRF5w1gowQbk54O5RKM71GCO87ZyVXoix2Lg5Bqnn3K7bx5soHKWEBuN0NO_Ei_sv9jWY4b6-_h8wAdypCWeN7SOzZqr4PFt6-nA9tMXqC4GaO-TNvdmiGpDQwDGDrd5dvjTnVSIO_OJLwxY0PdkTbgylnAJWd4cVrYcmrmEbIa9rsVzaIG9trzci1dlklVYK9BxfFLMTvGdPjrH5NrfO3IGtu7bijfDVISUj4rIbAId0kD3Qe8lVH70OiGIqY6qcVYEjWOE6_mMQ180EFWf7L2z5Dd2GHxp9C8F5GBpqziROLpR2icsuNd9MwO5sHxWlQhqf5LhRRp_q_-pK_LPx6mWdRV-AphRsPFnFLTzX2FtOpoH27MTJPZLjp_4_b8eRSd-MtVfkW-OFKz8HS3aPQo8jk2R0z-3Jdb_gZakbnc6yiAB9vUBml_7otsrUuBi7JEQu_RCjT8JvKZB6IOPLIShGc4G2MaKAPEbu3-0yxxwj7FJpcJzfD3l1rcNwqPA_jxSNEaAuW3Qoew1xZrQO7NLSBiNbiszCRCoTG-FDq8hRpzZTyn0upoe46O15e8VDDXJm8ocOnV3aTlc-QYqqiFnUmOaEU0L9M277ldwIWdc6HX-eA52AXgw4QXT7yCxbZuRz3OEZ_pIXp6FP8fnyGVbdVw&cid=CAQSOwBygQiD91hujS2L4NN6l4KO2zD8MRfHaBGRZwQBHj0W6pt-TU_Axp9omjFmTE2abI1ucsD9LoZIkMQfGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=8997772101050812000&adk=2228999115&idt=127&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14623
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=2270490427165444&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame A426 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
99253
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cb5cfe9b8830476-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 14:40:04 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8f5uiAW3N1w581q2%2BSh7hSdMra5h7egHr%2BdU3b5dOP%2Bs3rl3aRUlt820B3PNjIUwLswzTMPlBSTuTWQaZ%2F5ZRoWeR4HxPIj6XifcZfoXcOtaw%2BJwQofzYH4Lv%2BbSc%2BfVds%2Bv9E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 015A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
29920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B681 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 19:11:28 GMT
expires
Mon, 20 May 2024 19:11:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9FAC 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECwJi0_uUic9NNcjYQK1IMM&google_cver=1&google_push=ATf1kGPmuisMhC3bIKHXXCCfaUL2IJKRkGu4ZRu0WQUJYY_DBLjX-dm6TCzszd0sy20H-sHyJn9ItHUia8iSw1bc_T0GyHBuCdoSag
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 9FAC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFvpfh_ryH2iSNEhmVLc4aQ&google_cver=1&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpU...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFvpfh_ryH2iSNEhmVLc4aQ&google_cver=1&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cf...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ee0e385f-a3c9-4e5c-803f-00ca52479362&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw&google_hm=ZW5fiZ2jS6iglEXUQ4NmEw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw&google_hm=ZW5fiZ2jS6iglEXUQ4NmEw==
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMrXt0gZSDHer_6D05IC_5QTatWK_xZlwUjjRSCicKjg2CBW1God4oYueErCppEqSa8adLDpI9z6UT9cfdqZRpUnXhR_-1wrw&google_hm=ZW5fiZ2jS6iglEXUQ4NmEw==
date
Mon, 22 May 2023 14:40:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 9FAC 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEN_s7MdolGE72fstpoYwzcg&google_cver=1&google_push=ATf1kGPf-Amokf4Lyai5GFOe4cckY_c6EKxRRAnl8RS51188tDC7O-vp6Kr2LJR8NO0nIUzpP2G48qwiW-zIprgyyF1nGKsKf3d8
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
217726
expires
Mon, 22 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FAC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_hm=ZGt-w9Fr1DMayGvHe-zftQAABFMAAAAB&google_nid=index&google_push=ATf1kGN7ELJW0eHDIA1ykpSIkvy4CSAJ2ayHQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_hm=ZGt-w9Fr1DMayGvHe-zftQAABFMAAAAB&google_nid=index&google_push=ATf1kGN7ELJW0eHDIA1ykpSIkvy4CSAJ2ayHQVwHq_4DoiXcFJGzEluTcL4pDLVl5po7uAUa40yqWxITMr6p2Bm8GXUf3PIvs500Jw
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCRpMMmri5KC0hS7z_d6J0&google_hm=ZGt-w9Fr1DMayGvHe-zftQAABFMAAAAB&google_nid=index&google_push=ATf1kGN7ELJW0eHDIA1ykpSIkvy4CSAJ2ayHQVwHq_4DoiXcFJGzEluTcL4pDLVl5po7uAUa40yqWxITMr6p2Bm8GXUf3PIvs500Jw
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9FAC
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ0EoxGRANH-BiEpvt4hkdc&google_cver=1&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49c...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49cHh08PVGn7w57Q&google_hm=GsEQuGZHbNnVuB61SYeK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49cHh08PVGn7w57Q&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 14:40:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMN21T2GYsszSsBYTNR-OQRF5QILzepwdFLwKqhjdfHpK8CqW4olDxF7pAaZvUs8oQsfBNT63Wg92QZTH49cHh08PVGn7w57Q&google_hm=GsEQuGZHbNnVuB61SYeKo7od
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pub
cs.chocolateplatform.com/ Frame 9FAC 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEDRgKcWVvHY0eBhykPyzy0o&google_cver=1&google_push=ATf1kGPCzVgD1wlmgYVzydF44tS7K7n-5LYYIKGUpqkeCdnf7nfvs8lGqpLK98sTyk-5A0sh2Ng05hkykhgLMx4yz45zHOwJ_bZTEQ
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 14:40:03 GMT
server
CookieSync Server
content-length
0
/
onetag-sys.com/match/ Frame 9FAC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEUFxmGdEJmwSHMUPmZP8do&google_cver=1&google_push=ATf1kGM9ULHTP0afsQeep8zLqBR9UMVfEKVIqMAUo2HdhakNDTlDaZfIMtW5GMwwr-fWYWNWt9zTnciw1WI...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM9ULHTP0afsQeep8zLqBR9UMVfEKVIqMAUo2HdhakNDTlDaZfIMtW5GMwwr-fWYWNWt9zTnciw1WIVx2PUAFzaF8z5qJi4PZU
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9FAC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBbC7OKpVZUlTQoUSrNfjofS5JvbAfU4PkmT-dXlPAehBsT_r8MJsaigHYlEj_UrPvmJk80A
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/10980965880029082187/ Frame 23CA 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c9d306bb08ff848ecf8ecf5a043a8d566be5b87d0fc07503917db9ad38bcbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25783
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4019
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:30:21 GMT
expires
Tue, 21 May 2024 07:30:21 GMT
last-modified
Fri, 05 May 2023 13:01:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMKULNgtw7UUX4RKbb_M49vRJ73uuDF9dTyUZaSLUzIMMlAbeI2gTPtOHqEg82h13QqjifBtuIeE6ZWL76FdNM6qBxsVa9Ww_xjUjq7vmylHiC7lOXIT3-nNdT1D0xoZi55xnyz-yAqKa4VHc8ZZAKcGr2VnR2G5b4TFyZpHwcoObMD7shuwxlrzR_oRCfRrkSVTWG9zJPwvrsqelqfiXxTX1MnzP2luuERoDwUHigaIu_Q4biWEu-uxzrp9AZHOJmiPPhTdFg1FPMSQ8XnCcokj9B8E3Em3q_YE2PN_lpiK05EDlBL5z-jBJM2jXpufXtxV41mWqDFvERMGQD1gvBc_SEAC3DQcfCjf9zXdSRgLZmDb9zFi5QctnECfqyZwYi4MJoVuJTm0xpfMplK2fBfGARjcQ2GIJckttR6uclvO8eu_6DBAWD8Emf_K4gkPbsckb0VoTFjR8ZCzNIyjapq3rk1MK3NM4oMlnvGpl01EO5zpEbNV1trVcw3LbkEbtz7JFrWofpXJTv-7Hz5iqFNV8XyueDxch6TZIA83p0WtkFHiM9TFndBhhte_6lPfi4ALrr_8CJdpdjv9lfHU4-Nks-sUYTXuYChyjZnygV68YPuy8CiGRMSHR8Q5MTyUwnIEvU8XCirR3oK9NjgVrnV0b5Q0ndlrMtZStqacDWsfFQFbU9RPGEtFyp77ehHDjxsEtjeYcEKB1SGgjlu480LpJj1RFZHXKjuIHlOyjeSRs-tNwll-Fvwu4rhmGNbdBTMm8PcD4blFGuxHxrsI-pZFrb2Yj3kQtmYo5-FDdQnisiUzWM0LHqmOfJHa0pjL2-E9X95PSzEQ8dpwvNvkIYm4Q8AqBM7ljdydaz5nfte9wFJpkVwFe87q2Jc5KwyMH5vQw8NoWIaq733z4Dm7wX4q7dTwyFBPtN6XE3w9u3UNtVkoCFtKD2GBGdeLugPIy9k7_74WC5qWWiV-fN2wvUeDFa9P1QvaEM9yv8YLqn0x3lFVnuNO7SM2Y92sub-6h_pCAQ6F4UxiohqCINNwIJACqz2Ta7s4OUK3r28yhbgxBaxAMah34sqgGUpc4HSWEO-Pg0Gf4FmmPeEr2RjYl6lMqcxrNcYmZmLA6Ut9LPei7tpfnbKHyfCUreW5RyH8OngEkllRTRTvl2odvLYU9hPEC27YBnUU4FX1tNR6WTcVNUDgnKGQL37S_TR29qRtMNnmpepn6HmD-PX5Dmd6Y4TrS4LSwh3hGaVb841O9ceBJ6hZVOF-orRYsmKl9EKhQa5LK6-i1l2YkKDwiwFEMrpposefy6gyvsQlb16Sl2xsqOKWGxgrzyXbjSQGeRZNFrCRD26AXwWHORnjKuM6cPns4lmZkgWqxL9cE&sai=AMfl-YTyD2NhE0VyZ6_CerTLMzWEAeMvAP-TuiAJKjtZUtoiycfvNKbxlSw7qeQjS298Og_W8mC0a9K84SbMbqFxGuv7F3eCcmy_ZsQklJwNCTFzR9KEW_5KN8W2lJZJJtN7pKMf18EgxHvgf-z_WFkqUvLpzd7uf8Yx6DNr9juYPNh1j0R0HHlhvSBooqYOO6M8YK8yWlvqQcTRQ792RCbFiR08hkzk0OuRZgZzgQMDhF6-91wVmAJlRhHhJTATLI7ck-7D&sig=Cg0ArKJSzP4yfxxw68IgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=101&cisv=r20230517.45192&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 14:40:04 GMT
ai.aspx
m.exactag.com/ Frame 064E 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=8&extPu=31180-dfa&extLi=29882837&extCr=191817546&extPm=366668577&gdpr=&gdpr_consent=
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:04 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 22 Mai 2023 02:40:04 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1645
Expires
Mon, 26 Jul 1997 05:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6EDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2n4R6h5dsa_RtqP0LxNF3LBrcAgP-9FHJyjyszPb2Kp65dcNa7YHlrAt1ZwGZw5o-xRhF9gQUL0yun2EhyURuaQ6sW8jDVkq5eoA5liNeiBpkXL6AN1Dv1TY_QlgkGE2wM_9tUcplvR8NWcYqKkJ8uzsEkAHtrBGxsYQJuiiAu5wgRTpPtgbWKJLYP4Ur40fdnMg8CqqEyixFA6ARhxmIW3TZzNqKGNz0G6lAudSd3kpUVK-7gBntJ6jALt6bIX8UTK9lrb5BkTsIKTwkBgPicZk1tgj7QEybGMVMFzdzT-3CTZJzAcLb6vfzwYzLmwrFMZTwSg1PljnUMXJC1ZOYdIC2q9QdXSxVJJmlJp6EnHjrlh6JNzFT-GIll7086UwZ00Lo2eyDkMX0e6af2TERl4qdS8gq2O5j32fBoBqSGnqcVm3LHi-ajGNjh6kRtkwHVsPl788dkGJcHar9FKLKL8vPl0YO-USb3vevyb7dLFgvdJv2ZWrmI6ItXlJ8DrH0Cxp0rStQn22h42g8huRvf4iGdg9LBpLSLlSzBgbarvxnH6cXnX-OtVIdMN3hJxfBIpR-kwe1z_06h4pA0Sd5WybahEgFiX8Ibi-h34hIBsUD3XZOL6_7djjlqyhSKnFMj9XkAYzY2yNUUhyLDdLSRqyMmKESP3b1IscIYpsEsCejHxZookq0UJ0v9IwUkSVi-xTF9VAY8YTNSpSrSURBER_-By21ENMjdtJ6eMi9_tr7iLdmt9g00EbpechcvX-Dl5Mm39Xt7vT7vDS5Pq6z24N4V585JE2DUN-oTNGAOh0wJ1k7HPSJEQAkdYFO1tANRtN9qkcAYboGuREFgk2d2DXurE5DYtHMiT044hPh1tvc854A8q4YXr42JZyowrVwJn8xT8VdGchHIDKsOV_nihnU7ZlJbunSBS2v5Jzyrn6lc-_W61Xt6osLQAj_4C1UvwtqrUl8Zvxh2pjIOw34NWwMYQ_LUP4zyeSPIQkB2hxUvIGOpyGXED-Ur0uH2KCMtKWzOgcgvQK3iY_9v5ZDAIMPuSLDfz8z1JuM_7VhFOI5Zs2Qy0N-lhb33yhEkuptItjCKKf-ojxV8VTE07PnWdhLgpNFigQTP2OVDlrUxtSUem1wW4qkbnFH4ZeSfNvLAghGh3FBmVk2V8gVibcDpBdKnOIrhn3AOog9a9sp8he6z5DS6zcjMExApkKQIGZdFNozF5HqVN_u1JmcSkkIyN1JPoS1uhXS63QShwxD0-xKf5EIGnwBOo1G3Am3sLVwFAWDSj5RoQT8xv9YkK0wZWjrFiqHPLiY35r0COtATZrVE4s&sai=AMfl-YSlgdk0Lj7QrVRnyaTm-L4PVEdrbwLfCRrC9qNLn-Zex1HSG_ZmDvlNZXWaptXOIDAfUvFLWVWWCyeNVssllMbVn-2KeLdlbjMr7vE8bhSKMCaTHztxQ85Asc_usbpkngnmdR9XGgRo9PpgWwF9yKpnIIRMo__JwUNdgo5I4vzn50pu7zMc4AKqgiN66-hwNVw9oXJdyTNt-GAJSPcDrXUvs_lGCgOoqjJotoeAhKNp-6i2vV_RLunE5TAREFqgqCdv&sig=Cg0ArKJSzLTa_sXV4hVbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=424&vt=11&dtpt=210&dett=3&cstd=210&cisv=r20230517.97741&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 14:40:04 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 23CA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 14:40:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 064E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7223 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 064E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64d83e1aa0d4ffe11ab7c221a6270ffd50d8b0c91f78fda13435b2875635d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame B681 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
29920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 54D5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 19:11:28 GMT
expires
Mon, 20 May 2024 19:11:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7223
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkd0X3hBQUxfQ19YUWdCTA==&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGMtMlgbcCuzIZmtQ8sIb8jvIj50ps...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkd0X3hBQUxfQ19YUWdCTA==&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGMtMlgbcCuzIZmtQ8sIb8jvIj50ps4jI6-VTC-zkBIvmAKFZ-zemKxIkM_XzjIetMeJ1ioLS9tTjg9bmzSnoZttCYvku8U
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684766404.356223,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkd0X3hBQUxfQ19YUWdCTA==&google_gid=CAESEGeweGXRWkxZsNAPpftNj7w&google_cver=1&google_push=ATf1kGMtMlgbcCuzIZmtQ8sIb8jvIj50ps4jI6-VTC-zkBIvmAKFZ-zemKxIkM_XzjIetMeJ1ioLS9tTjg9bmzSnoZttCYvku8U
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 7223 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMAAIpUnOCzW370UV78IkYo&google_cver=1&google_push=ATf1kGNbVucmfl49eC8QV3Tf3TUDoaCetGMmxHVomnPW9mawJWjay9ZBv7dtAY2Dj7TLCj2hq07WhF710z2DXdDbuilaxI8z5JA
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7223
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBAFduniw3h_ZhxYxaGEP0A&google_cver=1&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fv...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fvEe3Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fvEe3Zz_8Hw_pR8
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjAxNjYwMjMxMDk2NTM5MQ%3D%3D&google_push=ATf1kGN0G9AqZ8DO0-j78zMUPGjcrs8gg8ZU0PWmCZATqmGg35rgv9_YjOteuPdeVCfE0Ew2kectBj_eKWj0fvEe3Zz_8Hw_pR8
Date
Mon, 22 May 2023 14:40:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7223
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEED4_Ocj0eDVy5FN2RG60Ss&google_cver=1&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHv...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEED4_Ocj0eDVy5FN2RG60Ss&google_cver=1&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNcOJI9pi54DmePNmNI0g1VUPYjTYX7CU6B4LX-LRXf8taGn08YCFW3FOXpYu88JuLlSxI6sofkpmvpeyPxUsAOOHvSKJo
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7223 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEN_s7MdolGE72fstpoYwzcg&google_cver=1&google_push=ATf1kGPHDU2wgkiuzuB-RW4YG46q9kHoNP-aN6mIVhuAarJYarbreD1L9yh7FMcChoYJCjiLy_uEvYUs4VxDzZYZepkv9K6_Tj0
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
314797
expires
Mon, 22 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7223
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOqQ3rGAnIirNUUiWPa5mQY&google_cver=1&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpy...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOqQ3rGAnIirNUUiWPa5mQY&google_cver=1&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3MjgzOTA5OTM2ODY1NzM1Nw&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pez...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3MjgzOTA5OTM2ODY1NzM1Nw&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpyA753lEyKbnn1jUQIjg
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3MjgzOTA5OTM2ODY1NzM1Nw&google_push=ATf1kGM1FiLkNurO4k-jFyF_3UFaLFJAw17Zhl1HZvMquzBBuiVNv5DnM7eQvfrhVkzgF_nZgJ1pezpyA753lEyKbnn1jUQIjg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 7223 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAH4dzkjK4T_W7J9WQLp2nE&google_cver=1&google_push=ATf1kGNE4Ra9Aw4YpfHUS0Z4Z3ENzJcGXBh5yYu8NirYgu1uFRBI11xnV0NscTGoOUDIKkuG0WdkUCsqjZG_ybmBs2AiCDYNbQ
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
attr
cm.g.doubleclick.net/pixel/ Frame 7223 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcAvyPo3mL7pqbzr60_1Yz2hcH8bYZHRo0yfMd8JCQsl7biTJtrWt4cDNuVNFp3vWx3pMq
Requested by
Host: 4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
URL: https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rs
ad4m.at/ Frame 9A42 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139970b635a56e6264835457f28769f59ded5b3eaa14877e2d574e9b9f7893fe

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbr3FjSPUiWlZ%2BKLgR5T5jBpVIPuCgxx9ya6ew7dxJfbZTj4v0YFSRJrIchqhww2Ts5V67F90mFpou%2FGHQEh7ayoceCvOlGihXjsdLTuQTJAPI3ilMsJu6qnripBWef31YISFYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cb5cfeb9cff39e0-FRA
x-backend-server
aa-reachservice-group-europe-west1-n6pb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb5cfeb5ca739e0-FRA
content-length
24
content-type
text/plain
date
Mon, 22 May 2023 14:40:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmA9ppzh802EVWsA6GMPW1ok9RpLDDJt6oPd4q70biPH%2BAuKGJJWDPh%2Fc0sQNLxvAIvDTNfA8eMbl6%2FZil7pG6MzwylrDX1czcZ9EdqKARIS3FItyM3UhfVk81r%2FJp95DhlpgWk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
view
googleads4.g.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMKULNgtw7UUX4RKbb_M49vRJ73uuDF9dTyUZaSLUzIMMlAbeI2gTPtOHqEg82h13QqjifBtuIeE6ZWL76FdNM6qBxsVa9Ww_xjUjq7vmylHiC7lOXIT3-nNdT1D0xoZi55xnyz-yAqKa4VHc8ZZAKcGr2VnR2G5b4TFyZpHwcoObMD7shuwxlrzR_oRCfRrkSVTWG9zJPwvrsqelqfiXxTX1MnzP2luuERoDwUHigaIu_Q4biWEu-uxzrp9AZHOJmiPPhTdFg1FPMSQ8XnCcokj9B8E3Em3q_YE2PN_lpiK05EDlBL5z-jBJM2jXpufXtxV41mWqDFvERMGQD1gvBc_SEAC3DQcfCjf9zXdSRgLZmDb9zFi5QctnECfqyZwYi4MJoVuJTm0xpfMplK2fBfGARjcQ2GIJckttR6uclvO8eu_6DBAWD8Emf_K4gkPbsckb0VoTFjR8ZCzNIyjapq3rk1MK3NM4oMlnvGpl01EO5zpEbNV1trVcw3LbkEbtz7JFrWofpXJTv-7Hz5iqFNV8XyueDxch6TZIA83p0WtkFHiM9TFndBhhte_6lPfi4ALrr_8CJdpdjv9lfHU4-Nks-sUYTXuYChyjZnygV68YPuy8CiGRMSHR8Q5MTyUwnIEvU8XCirR3oK9NjgVrnV0b5Q0ndlrMtZStqacDWsfFQFbU9RPGEtFyp77ehHDjxsEtjeYcEKB1SGgjlu480LpJj1RFZHXKjuIHlOyjeSRs-tNwll-Fvwu4rhmGNbdBTMm8PcD4blFGuxHxrsI-pZFrb2Yj3kQtmYo5-FDdQnisiUzWM0LHqmOfJHa0pjL2-E9X95PSzEQ8dpwvNvkIYm4Q8AqBM7ljdydaz5nfte9wFJpkVwFe87q2Jc5KwyMH5vQw8NoWIaq733z4Dm7wX4q7dTwyFBPtN6XE3w9u3UNtVkoCFtKD2GBGdeLugPIy9k7_74WC5qWWiV-fN2wvUeDFa9P1QvaEM9yv8YLqn0x3lFVnuNO7SM2Y92sub-6h_pCAQ6F4UxiohqCINNwIJACqz2Ta7s4OUK3r28yhbgxBaxAMah34sqgGUpc4HSWEO-Pg0Gf4FmmPeEr2RjYl6lMqcxrNcYmZmLA6Ut9LPei7tpfnbKHyfCUreW5RyH8OngEkllRTRTvl2odvLYU9hPEC27YBnUU4FX1tNR6WTcVNUDgnKGQL37S_TR29qRtMNnmpepn6HmD-PX5Dmd6Y4TrS4LSwh3hGaVb841O9ceBJ6hZVOF-orRYsmKl9EKhQa5LK6-i1l2YkKDwiwFEMrpposefy6gyvsQlb16Sl2xsqOKWGxgrzyXbjSQGeRZNFrCRD26AXwWHORnjKuM6cPns4lmZkgWqxL9cE&sai=AMfl-YTyD2NhE0VyZ6_CerTLMzWEAeMvAP-TuiAJKjtZUtoiycfvNKbxlSw7qeQjS298Og_W8mC0a9K84SbMbqFxGuv7F3eCcmy_ZsQklJwNCTFzR9KEW_5KN8W2lJZJJtN7pKMf18EgxHvgf-z_WFkqUvLpzd7uf8Yx6DNr9juYPNh1j0R0HHlhvSBooqYOO6M8YK8yWlvqQcTRQ792RCbFiR08hkzk0OuRZgZzgQMDhF6-91wVmAJlRhHhJTATLI7ck-7D&sig=Cg0ArKJSzP4yfxxw68IgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=270&vt=11&dtpt=167&dett=3&cstd=101&cisv=r20230517.45192&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 14:40:04 GMT
rs
ad4m.at/ Frame C2AF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea3075171e1c9cd8ef59a5cf72da62ad887d4f7780002171983a3c0bccc556a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjnTMGzeL84PAm3M5owsBVS%2F2Q7besTSs%2F2ThjXBeA78zeN4Po%2FzRmPR7rp%2BTd%2BePXH62fe1vRje%2B3uBR4%2BdZHwtV447uDJiNzhF3dqQdouXcPmBhrknDYxDBYr8qqufKVnap%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cb5cfebdd5439e0-FRA
x-backend-server
aa-reachservice-group-europe-west1-0pxx
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb5cfebad1e39e0-FRA
content-length
24
content-type
text/plain
date
Mon, 22 May 2023 14:40:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm5cRM19fXLMou6NHUzci0TmsHi56HlUrRTWyY0%2BJtI8cfjOee162zwDYURRfcQfFgEaVbqN8PYresVhTKJTW1LQgrgvG8pIU9B9KwDR7K1W%2FWcVLd5gQv8UxqfuXTUdar37kEo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 54D5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
29920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
rar
as.ad4m.at/ad/ Frame 7561 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600111cdd819fcc01669c425745c2725073214e21a5e838a12ea0e2e09ed86ab
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb5cfebdbc60476-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:04 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 015A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SC-SGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 7561 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1206048
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7K2fBxwV8fXQ1tvCz%2BDbNlcS0iO2uGqeE71X8eB5P0emq07wJNmMk38wroplbA%2BjknIkgpkHchH5PYavbvmGx0C7CZmc%2FHFcy%2BI3ta6Cv34oXTfsDdxCUllmd1YY86I2WZRdOOMLj8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb5cfec2c390476-FRA
expires
Mon, 22 May 2023 15:40:04 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 7561 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2128902
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7q5fsCZag2BUyn5hN%2BPFv08lTLI43Ka6xPSJ69GaCNLpsjS80jG2KnwiqI64aqAYdx2YtzyDO%2F9uEdyoNqzOaSzbRiUuWM1T%2FgRNUaB8UQkH3AWGGcRPFFFtQIANszibr%2Bpfanuj1XccH6o"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec39c2383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 7561 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2129440
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FOFMNem9Xf6nw9jvjlj0N6IeVBEOhrQNFZ6P8xgIxS4J%2B59Z7WP5eMet5mx7kUjTVb4SerYkaYECNc6PFRsiPS%2BSeacVNzAs8I0yBGRMIfaFoPrUT7qNGI9%2FnvQScQtHdjRCjtI1ZNDno6V"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec9a46383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
cshow.php
www.awin1.com/ Frame 7561 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.202.60 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-202-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7561 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2165437
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teYdTyrRxSIU%2BrpHPCES2HAaXaJzL%2F1Nooxn31RvgoJcgKHZepYXsPQxvAPrYhse2Z0XWfTJTETdUaDKNFV4ndjDIVyUkXGpC1rwJq3nTvDz0AfgFNyzIH4xBpaEkUTncHFCrvVkIz3LWYmi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec9a49383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 7561 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2163447
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59907
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j73IM25n3K9EQWyyMWhf2NoAGIa%2FfUof8LzwWwDyXa1LKcpA%2BBWaPYx0P8VCAdgK5wWlVQM9CW01L8myOThJSTZJlxOc0mxqI5CwNwWvINPsH8IKPPJcGvfQjjiQevLSY7H6JCeV5YkDEEl9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec9a4a383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
/
partner.o2online.de/a/ Frame 7561
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPb1y_iTif8CFRWJgwcdgqwPEA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:04 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
assets.ad4m.at/logo/ Frame 7561 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ea5202259a2e4df17bacdd1192cea241274f70679e414bb0c5511c211e8d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
802857
cf-polished
origSize=8558, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8550
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:10:18 GMT
server
cloudflare
etag
"5203715d0f55d13af590e9f28d8795eb"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN4w4Wof08MGeR1bMZOB9mPhKvJExKaTdbjK6xy3cQzzgja9xLMy2nwKfcwXwLRuZ1PA4qCMDWV4uaRoKp1pfiuQ4wTTcpaEj%2Fh9iO3L23sj5vaaLqWpX%2FGlbfhc87GhStsS9uUvI%2Fk9EIXV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec9a4c383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
F3A53E150EC550CAC02870D02E4D1E9EB78763EE5FA58E7A08D12C5B7640944E57BFC6F75D13CC687394C93320F509D886973C9A0261D848B0A15FD18149EE1B
assets.ad4m.at/product_image/ Frame 7561 		363 KB
364 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F3A53E150EC550CAC02870D02E4D1E9EB78763EE5FA58E7A08D12C5B7640944E57BFC6F75D13CC687394C93320F509D886973C9A0261D848B0A15FD18149EE1B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818eef554e5ff296db4a7e4c63631e6fc2c59dbc8c704392fe226d4eabba8879

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272762
cf-polished
origFmt=png, origSize=687738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
371318
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Feb 2023 10:02:07 GMT
server
cloudflare
etag
"feadad16829babe54a6f0f27bb4d89f9"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4cvfpFdCGOuvXseoNHQczKmKqj%2B54Ex2rttDkt1cGszuxT9Vf5BTNH6qRF8v9xRMi7LrSgkQxjBCCfQNPkkKvDzXannTvM%2FGQIp1JSKS3IFgZN9GVR5JOzanWT8qbXHYZOF2xG5oFknO5Qx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfec9a4f383a-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
htlp
htlp.eon.de/ Frame 7561
Redirect Chain
  • https://www.lead-alliance.net/tpv.php?t=112510V1336142131M&subid=oneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561399X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561399X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
server
Google Frontend
x-powered-by
Express
vary
Origin
content-type
text/html
x-cloud-trace-context
50c79703c9c247755ca21de11e1dff0b
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Mon, 22 May 2023 14:40:04 GMT

Redirect headers

location
https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561399X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
rar
as.ad4m.at/ad/ Frame B110 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874261e524d8109fdcbd2456c8ef722842956254e9d9cdbae2d9e73a28c7f251
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb5cfec4c610476-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:04 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame B110 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1206048
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ez6dPtI%2BlR%2FKqoi7c%2B4%2BJrI7lKO96EYfrGdedDjVQMrdoWms00iWLOquTVCHerUBWfEex9RQWfzEi2W5B%2FpEhgya%2Bqx6V1JGN5MAwhiuDVa99t7RQd1EQLHL%2BzLcgHpDxVqSKqyRCI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb5cfecbce30476-FRA
expires
Mon, 22 May 2023 15:40:04 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame B110 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2467225
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbl%2F6z%2BmQPNjAp0T9BBhDNxB800xVPjUeX0bylsSSv6tav%2B%2FJxhoIIjDwHq3wJdHbiL8E%2FfloHrCPUzdfl9Fek6gfNgiQrmJqWkCK2k5be8dmeRLHAUmnF5p0Lm411EERa2OVpfIL8SjH4PH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfecbce50476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame B110 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2047103
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVXzV%2B%2Bx8HyOxGzc%2BdfTsN7Qmv%2Fp2MqYdviyP3IJVoZEhlKRXEc0p%2BHALkzz5D6uFbKS3SaEczS8fFL4Y%2BeLMhyVZWVWtTRReJYEcEEj5ji%2Bw%2Fw12Ssr2UTMw7mkRJ3tSxxAmgZMc924yhw7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfeced2a0476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
cshow.php
www.awin1.com/ Frame B110 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.202.60 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-202-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame B110 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336564
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1n2nuzSfNn6l%2BSN2ddbusXrMbC%2BiFpn4JuplWoPeJ6fMrZ1rIfFm%2FsHhPYgUpRTIY9%2FCNlri9u052D8K%2BuNt6R9xldoSKUPjrux06n8TA2KthZkVHPJY2CUG0d7vvqTt6HuygWPucXtfqQ%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfeced2b0476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame B110 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2562499
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCipW%2BpDGSNJCDaSfFQtZz1b38BcgbQMO36GoZ4GHqWmbhT4Q4WaikjyevbdVjII3iIX%2BJmZ1lL0cTjbT0JG7YwguTv5R6WT4iQJ92bPHoG%2FKJxzdl2W%2BKnf4xCE8MTcPh4XnluwP98hBbbM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfeced2c0476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
/
partner.o2online.de/a/ Frame B110
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CL-2z_iTif8CFXLkuwgd6NEPDg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202305...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:04 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023052216400485170561515X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
assets.ad4m.at/logo/ Frame B110 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ea5202259a2e4df17bacdd1192cea241274f70679e414bb0c5511c211e8d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083599
cf-polished
origSize=8558, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8550
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:10:18 GMT
server
cloudflare
etag
"5203715d0f55d13af590e9f28d8795eb"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEjwxXit%2FJQm2ph0aPaQrSekrWqAPrj8oK%2B1nC%2BbSMYHVnaDXgh6YGWJpNV1VCaPiiluOHRcUNq3TRSuR%2BxEQodXM3k1byPVmPLD3c6yF58ygeUctLrW7QdfAF6%2BbMZS0i7JTF4avAUUPzyK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfeced2d0476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
F3A53E150EC550CAC02870D02E4D1E9EB78763EE5FA58E7A08D12C5B7640944E57BFC6F75D13CC687394C93320F509D886973C9A0261D848B0A15FD18149EE1B
assets.ad4m.at/product_image/ Frame B110 		363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F3A53E150EC550CAC02870D02E4D1E9EB78763EE5FA58E7A08D12C5B7640944E57BFC6F75D13CC687394C93320F509D886973C9A0261D848B0A15FD18149EE1B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818eef554e5ff296db4a7e4c63631e6fc2c59dbc8c704392fe226d4eabba8879

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267134
cf-polished
origFmt=png, origSize=687738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
371318
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Feb 2023 10:02:07 GMT
server
cloudflare
etag
"feadad16829babe54a6f0f27bb4d89f9"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6UHf0%2BTyV158H13LqUe5ZPtzsElzRQqcfswW4STkSjAbCJsBo5etmF3ptiityRCHzgvK0qahnczcqBFlz0EwA5CDH%2F%2BLZ1s%2FBW37y3PUlpelyJXo9w9vbJb1DfoysrawE4WWkiyXqklrjkD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb5cfeced2e0476-FRA
expires
Tue, 23 May 2023 14:40:04 GMT
htlp
htlp.eon.de/ Frame B110
Redirect Chain
  • https://www.lead-alliance.net/tpv.php?t=112510V1336142131M&subid=oneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561423X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561423X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
server
Google Frontend
x-powered-by
Express
vary
Origin
content-type
text/html
x-cloud-trace-context
6a66bc573923e3736bd8ba91fd3c74c3
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Mon, 22 May 2023 14:40:04 GMT

Redirect headers

location
https://htlp.eon.de/htlp?mc=0112012000&clid=2023052216400485170561423X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame B681 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXmmfw35rZNizJfGs9u8Psd2o0AMAAAAAOAHgBAI&bg=!GxilGEzNAAZ8_aWmXP07ADkAdvg8WkFzc1eGFC_iztAqf1LG1u-kXzUiCHhafEERxAqSxifcTN5EOzVjJcdmNNOzHkQm66mELPQCAAABGlIAAAADaAEHmQLsY81ACzWFyjGSE3mfsKj501x1Nhav09gtkVUJoSPR6vmzrCf_iFD-18Ri15lvetL7KB7lK-xcFAQ1hBhWIQULqdkF_s-lrUvrvTXnTU-enGJRKboJwcdoUDZx0gOdZSSRWpSaJ_csUzCetvGPu6iLp4v8222tP7RB2cKWQ2b1BKYBIFNua1ubNMmopHP53t6ywrtjDlmxl5XrzP0XMIb1s-ebldZJ-AaA0s4prIAE9WTpUqAyGi-Lw-W0WisIJybUec0gxGcEVuWeG3wYFdcf5whSV31VuOyYYAiQwmmnpnb4Ck2WbCllzOY1fRRSF6ZRyodDNWpXHSm4frSjRS5AWxQ861AG1i6iXyluHjZ2A1uClCxeSGkAXA_Qq3P1MeKOPKvfkfugBXAk85ILLAGSLI_Y8H5zcpsTHBnyBiYWH2XiCxyMXWGa5OF5cUM8NcCKqj6kgMpF-mQWuPExlrlS0ONDCxjQ2MERbGPaN5sVkwM5-cTrqZmOB3RdCDa-s2CO1yaMMiGKRK3bTSBPpBNoqdyVaUIlhlSzhOrgwTGT-Qxs8ERQhUL6Cbj3j7PQ1iPNRUQk5FHExf5-e-HaY-HAoVn9K1haHiXoZUT07tWpLU7jq2XdPDBwtZfVnRkFRU9jVUtIBYUe47xDuJ4se6sDYOjMnF7HPnFGRCaf5_S7fm-zffNQq4_ePmebs3FtoUGqbtYlytvQgLmkOzUQmFDlM3gegskmh5T8DVL__uG9X1alar3b8nGMNhlQc_YY5LgnZnkO4esv2ibtmUEdfEkefGUhsAvU1QBgAsDkcg00B355eqx9U0XZvBPG6arWgHDP0H4UaYjhbXLXp-u5DUSFmz37fPMabltnCDhUcu6A5_SjrGDS5leyV4tNPg1x9iHeFRp5oz6zvQK_Xn6GbW2-n0iN_WIPCISW9jzNIgsYOjl9efzOwnzbe5_60pwNdXkVRCqlQ9m17wAcnpny6_LliB2VrfXmNCnBW3jGNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54D5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA6Hlw35rZOePOfSPjuwPi7uviAsAAAAAOAHgBAI&bg=!Li2lLXnNAAZ8_aWmXP07ADkAdvg8WmjUTaE9iLBgKVNoqK30G9ndyhuPrqJJIVZc1FfdneUj-c_8xyoOLu5KsqvXWnv0Xe9QXcYCAAABG1IAAAADaAEHCgCMJ0AGAi_yuOijqqCHu5LLDktTLmltolOtmh0ugG1MFr5hBsGMAocK-o9laufS6B5-PtG_Y6XbU8APnm0EpSVomZQLjnmpp5XcnB1E-ZD3oWTwbgu0XU-bDZPZBnzCVAlNaUvv3ohiITR2gYuA2po8UbEr9_xMved1hMGvGWSey_6iOCNjdVd9XJ6AUcaZAuU5j2ORYmZlDMl5we9sOxKr9k8mammw91jneCHhoNgiR8EsJclLbP53WOPrEkh8CrxaMII9kDd2bhodv3h5A3Saf2tU0vtiizA-1YCQBLGMYcGpmvX7bcN-Ot8PhwW6ulFtrEORwKGVdJZsleVqb_Png-vfYQK8T2YEhyKYj1ic1KnJfaOBtzYiCf9_G4jeYUuTTmyYI8HjWvwuU6nvDWV0jHRTlqQ2mcf2AIwvBzA0FSF3NUwvqyt3ZglXWZtDc8CvjR5XY0d7pu8gRfxRlfBGY8Fc_THrcDB-WieHCJ6mZ5Ep8V_vRkkf4jG-Wz1VPyv1TmFQOOVQJrAcznooxpsKVrGbfwxv1p0D1dNxS_Izi6Xj_PWlws_3_hxfcQZNq5Hfc85epI4WAvQRjlMWeISoQwx7KkvppP9Cz_CavdTDN2zj_kF3KPWYhYiUJQVqdNoSKzlQCzsK5e9zU9UHVo7C264-2qTSwx6r953htsPkl5xZRbltPzJ8rBnhwVZeKYuvR6AG7p9-uvqHGfGRCLDY4siN0RSxo_5wP8ha_dHR8vFQBU7VdRNNzr45Z-R5JSqrHpinPU7vpcEakWwCnc3ewzWVVIuCRjmAByPH0KRNRrEXcNBAp1PtP-yJHOrXeiEXfP2n4eERckP11E3yGZDYQthXZ0D5ENhch08mn9l2aFZAxSlXUEGDvtwXJ48OEs6e6-9KUUWxQbUPjiDSIWlbyn_km5TuDGmLQYVVG2WrWhRv-Rdtxvr9zsiF69QnkQfMKLuL8TKwBKTnQbOaH9xIjwpCZL_uOCxaWBlvkY08PS1B40g4_z5KJftMU8TNDzK7Y1C4NkSY-9oA2-iQyYTiBFJx0UifiGtnJ_TkaUuO0FofGjAhjFt6UCcf-pcvv5RB4-Uwxe2AvisCPkDYomcypM6ZOqoJI0TsxoDQJ8-fATfVgM1SBjw7XvCO2bCch7x891hsHNbK5N_efoha9a9ikrasCK0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 931E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWDQYyZepvFeCvHTio13-wqmwj-9bYt9eq4l17gjZRgq2_gPgtOc_zs5DfeSRIo-OU0-SueXnF00kVCLeC5BClpZ7d&sig=Cg0ArKJSzJz7mwWDM5QiEAE&id=lidar2&mcvt=1001&p=300,1480,900,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2650462719&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684766403332&rpt=495&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 14:40:04 GMT
syncframe
gum.criteo.com/ Frame 18E4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bandab.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 14:40:04 GMT
server
Kestrel
server-processing-duration-in-ticks
638128
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 14:40:05 GMT
sid
mug.criteo.com/ Frame 18E4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bandab.com.br&sn=ChromeSyncframe&so=0&topUrl=www.bandab.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_E_8w3xCVkN4VHR0ODR1L21FM08wdk5TR0szT0V6bkdtenllUHQ2d1h2bDArWkt6UkdTYjBuMVdyZmxrU2MvREthSjI1WEpaM1ZDYXMvTWZjbGRSYytvSngra1hYbjg3NEs2Y3NqZDVqc1YyUEtGNTRkVmJidTdYRVJZc2...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_E_8w3xCVkN4VHR0ODR1L21FM08wdk5TR0szT0V6bkdtenllUHQ2d1h2bDArWkt6UkdTYjBuMVdyZmxrU2MvREthSjI1WEpaM1ZDYXMvTWZjbGRSYytvSngra1hYbjg3NEs2Y3NqZDVqc1YyUEtGNTRkVmJidTdYRVJZc2xXUDlYRDRwVTlabnRyWGpSRDB0aFZrYlY5dXpoRG4xM0pXZVhQT3dNVXZCZHJOa003SXdHZU9CKzEzRjhVaHVVV1hocDNNNitSZFFDazBFbGVvaENIMWdnam5RQk96MmRxazV0SzM5MExreVVtRURoaUVjVnY2d3FmWHV1ZUlOOG1HTjgyVzZsT051dGViNVZmWFE0L2RkRGJDMHdhRFd5VTRiYU15WXFvZG1MZ3dXWUYrbz18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2c950ef52766cd59b6ff3d815c79dc1adfb6aa51dfb5eb4fcc06344a37a6750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1326400
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_E_8w3xCVkN4VHR0ODR1L21FM08wdk5TR0szT0V6bkdtenllUHQ2d1h2bDArWkt6UkdTYjBuMVdyZmxrU2MvREthSjI1WEpaM1ZDYXMvTWZjbGRSYytvSngra1hYbjg3NEs2Y3NqZDVqc1YyUEtGNTRkVmJidTdYRVJZc2xXUDlYRDRwVTlabnRyWGpSRDB0aFZrYlY5dXpoRG4xM0pXZVhQT3dNVXZCZHJOa003SXdHZU9CKzEzRjhVaHVVV1hocDNNNitSZFFDazBFbGVvaENIMWdnam5RQk96MmRxazV0SzM5MExreVVtRURoaUVjVnY2d3FmWHV1ZUlOOG1HTjgyVzZsT051dGViNVZmWFE0L2RkRGJDMHdhRFd5VTRiYU15WXFvZG1MZ3dXWUYrbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
361003
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 07B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgxE_E5fxa_l84G-YoZsqqpwd_RewDTV2wZhf16WtJ5arF2_dJp2OGM_9_t_68tlmDNH1mB9vhdAqQ6TVX7uGlwL1M&sig=Cg0ArKJSzJg7yz0sDswaEAE&id=lidar2&mcvt=1011&p=366,1195,616,1495&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1765800575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684766403447&rpt=572&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=2270490427165444&bg=!dXaldiLNAAZ8_aWmXP07ADkAdvg8WjhM4ucD1SYnyGXkl7dS1DyUzDYWjRrj-_yip3eIfF2ZotyCldpB1Mm6JLUikYJc92BGS2ECAAABGlIAAAAEaAEHCgCwN2Lj0lzFD87JFwdksVWSZJOGANf1UWXgr57b9JWtbFqM-AMxIQG2ch7Eg9RVJ3Rqilwe1Ec6SDaQr3eMRgaO39Xi3R0zIMuCeYOTuaRPeJMrDxv-Mft_R7XdFxkPnmocD7nUWKtUaeycGixJRiv0QysnT-g1JMcEvzsTcbaTWfBrhWrdyFpUqh9rqOMHhvLAKeaSjnMvpYcaSs9UDe4WTGTdwTnEVoraSP4oTi3seiGZAqVdnb5K9JSgd3zQ4KJeQMwS8NuYkC9Zh2fKc_dUSzYGlf4e-1Ndu593Cc3mB7PbJG5Sy9w1GIXaMnC0imf-xrXg_n6QGqEtBsJ-nlCh8KrCnnOcq3y_s1sWMIL6oeyp3yewP1og8YATToTLVMK320KvPLvVD_ygDXGbowTt_2SMmS7EnylmlpuCGw-Q1RBem2dAm2Epju38wDOQuAnLWxi-6GZgRs2gEQGex66imrXk0mDkkvz3g9d58xqr-eVWV_KkNl_WRCf9qZLjz0H7i1lrcmfqyjYGU_hpX-HwG7WOz1ohIQrH5OUnURu-DjRDXX-a30ILQKNAihzYYbf_KRoDsMy7Cs3E1Wk77-lso8QQb3sfUpAXf6i4hcrQWlR1aNd9ZcuNOmUuQ4MCJ-nrDZWYU3i_NrKEx8pYyFgwyDigHagfAwjRrZB6X6aRPo0QaiyJO1Cf-DfYm4f0C8eWI1qKsxzs1x2VcocezKGdURX_J-v9kCb7Yy5qESoX9xBK07hoqZulWbomdW8tNbyZou70LEG2KP8mEF2CTe2HvHqpS_G03P8QqN0Wjxe6RI4YQOnRyFzPjzSMIyyXxeMPNpIPSulLS3F1WfqJ5MBQCaOjE7gwoBFieOjwJ-Z9A4XwIr3xlNBq6AMmEtKK3gLFrlWSanzEfj8k9iYoB7BhVfj1KpMoP-y_IvB-DQ3smwJOcReTDzjX3DYxqteRGvd5uyh38hXqKFmgBRpB0Uh-4Y9S_TWxy-W9EvtrrPsNDu-Gy8m-6oXQNM__eJB3OT34E-So32Z-6Dj2oXEb9IHj3irru9mDxBsveuljL98XYL9mdiBAj2Oczb4wOv-c-6dclONWYM8OEXZWRi74FdITbeJUCxzPURYg7v3aFTMJWSd1QsZFVHEemA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EDA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN_fC27H77KeTqbZVcxNaeL1CWQXQFVWsyqolS4EIJ9O7gSnxuHtUZbuDYQ8T_mt04Wm3dkAWAdv9OyMFDcbORsZm46cH5reTUEE1idp5vtd2hGpfy_xiE3Qo60I9sot9EC13AgQ&sai=AMfl-YS2UyNUvbEQ2TkHzSI5UwLIOI25aeANNUvV8oYUeRo-HYwGYw6f9PhPjtFAJJbR7E0-3GFYo3-8cjWZYVxEtvo-MUvw3G0-6dJnq_aFY6ccI3ull2CS-brpfo0&sig=Cg0ArKJSzGFsBM0NNF3PEAE&cid=CAQSOwBygQiDk16MvISuWxTN2p9heARYJj0QNt1JuZtPrdA8Uegr7Bm_yZcp18lgrkbzsP8f70NwXco5pmGXGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2933335047&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684766403275&rpt=801&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s0.2mdn.net/sadbundle/6227621190088989798/ Frame 8C26 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6227621190088989798/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974132eaf5911226932a23788fda26253aea5c2ef13abc16e41f016a2c3f0752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12578
x-xss-protection
0
last-modified
Fri, 05 May 2023 13:01:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 May 2024 07:29:41 GMT
index_atlas_P_1.png
s0.2mdn.net/sadbundle/6227621190088989798/images/ Frame 8C26 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6227621190088989798/images/index_atlas_P_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35ea259050268dc8f2f96aa1ebaee347fce2f5188bc825a30d53e8369779707a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6227621190088989798/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:29:48 GMT
x-content-type-options
nosniff
age
25817
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62915
x-xss-protection
0
last-modified
Fri, 05 May 2023 13:01:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 May 2024 07:29:48 GMT
api.gif
tags.denakop.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766405292&cb=0.8076856015924823&aa=under
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cff11b2a2c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 064E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZalT8CXc6TDx0JDEZmJdZlSRU83iFOJoMTwJ47t-266thqjPaZE2r4yr2OS0CBTnw2UTom8_gbniW2S13tQnQNLSKsrxFctOIC2NiEvgLGtCx0EsG7bh7qpgazpIyFzsvrnqpjQ&sai=AMfl-YTqi3OcpgavYn_qDpnfpUZLuLJzuT1rF-H0saEy16mbhywwAskDz97DJwDSu4F6H67JO_qdsZs1FvTf6L6mXDnYIV2ofar1y9f6C7dF-udLegJ9WcJHT-CSN0Y&sig=Cg0ArKJSzPVudo_GGKhJEAE&cid=CAQSOwBygQiD91hujS2L4NN6l4KO2zD8MRfHaBGRZwQBHj0W6pt-TU_Axp9omjFmTE2abI1ucsD9LoZIkMQfGAE&id=lidar2&mcvt=1000&p=1060,1195,1310,1495&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&vu=1&app=0&itpl=20&adk=3194573437&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684766403436&rpt=830&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9786932653159&version=m202301230201&ct=76&x=1&cor=12188449494175971000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766405326&cb=0.3919407035148259&aa=intext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cff15b6b2c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
tags.denakop.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&t=1684766405344&cb=0.5633312736834826&aa=side
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7cb5cff16b832c52-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
index.js
s0.2mdn.net/sadbundle/10980965880029082187/ Frame 23CA 		74 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10980965880029082187/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2510e20fc9f85b1557c7bdd5174e1282f4b2a6a5a1992785c6539b77434b56b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:30:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Fri, 05 May 2023 13:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 May 2024 07:30:31 GMT
index_atlas_P_1.png
s0.2mdn.net/sadbundle/10980965880029082187/images/ Frame 23CA 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10980965880029082187/images/index_atlas_P_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
accdd64f7c9861dd84466451f51453ad9acc5ae1036e84db35156a58e41fbf99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10980965880029082187/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:30:31 GMT
x-content-type-options
nosniff
age
25774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80470
x-xss-protection
0
last-modified
Fri, 05 May 2023 13:01:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 May 2024 07:30:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5351877245125&version=m202301230201&ct=76&x=1&cor=8997772101050812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ 		2 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
256027
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bandab.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 22 May 2023 14:40:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
297247
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 86FE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
29853
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 22 May 2023 14:40:06 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4303, 215965
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230117-FRA
X-Timer
S1684766406.259009,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 720C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 14:40:06 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D03 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
29853
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 22 May 2023 14:40:06 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4303, 215966
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230117-FRA
X-Timer
S1684766406.259548,VS0,VE0
/
csync.smilewanted.com/ Frame 1FAE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cff70a0c9be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 86FE 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:06 GMT
AN-X-Request-Uuid
e485880b-eb23-4d94-aa9e-85ecfc17e9e1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D03 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:06 GMT
AN-X-Request-Uuid
f27dd4cc-ed3a-4824-9284-cb5fc04427d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 720C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40935
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:21 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 1FAE 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
285671
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cb5cff78b0b9be9-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9283 		0
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cff7cb609be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding
GsEQuGZHbNnVuB61SYeKo7od
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame 71E8
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GsEQuGZHbNnVuB61SYeKo7od
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GsEQuGZHbNnVuB61SYeKo7od
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cff7eb849be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 22 May 2023 14:40:06 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GsEQuGZHbNnVuB61SYeKo7od
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame DA56
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 22 May 2023 14:40:05 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:05 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pixel
cm.g.doubleclick.net/ Frame 720C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF71Ormx_bAJ4C6KZbrT-Fw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZWUVaWjYtMjAtQ1k2Rw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 720C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGUj9bm9TkD735uWeG_j6Yw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGUj9bm9TkD735uWeG_j6Yw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGUj9bm9TkD735uWeG_j6Yw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3266xunIngTpAVtjq7cPCcn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 720C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3266xunIngTpAVtjq7cPCcn5EUdSAgOZEtemQ7w0kco?csrc=
0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/3266xunIngTpAVtjq7cPCcn5EUdSAgOZEtemQ7w0kco?csrc=
Protocol
H2
Server
2a05:d018:d29:3602:d660:350f:5ea6:8858 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/3266xunIngTpAVtjq7cPCcn5EUdSAgOZEtemQ7w0kco?csrc=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 720C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 14:40:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 720C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HuJ5LBIORomx8WJYMEyK_g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HuJ5LBIORomx8WJYMEyK_g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HuJ5LBIORomx8WJYMEyK_g
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N4Z6RD6RXM7K6H6X1PB0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HuJ5LBIORomx8WJYMEyK_g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 720C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZjNzczNjdkZGQ2YTQyMmQ0MGFhMGYwMjBjZDhiY2RlYmFjM2FmZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZjNzczNjdkZGQ2YTQyMmQ0MGFhMGYwMjBjZDhiY2RlYmFjM2FmZg
Protocol
H3
Server
142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZjNzczNjdkZGQ2YTQyMmQ0MGFhMGYwMjBjZDhiY2RlYmFjM2FmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 720C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g912nRGnQFukwsQheX_MoA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g912nRGnQFukwsQheX_MoA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g912nRGnQFukwsQheX_MoA
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V86TDPKYMQRFGXAWAVVC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g912nRGnQFukwsQheX_MoA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 720C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYYEZZ6-20-CY6G
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYYEZZ6-20-CY6G
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 48FAF4BCD2464248B22D63A4E37C3504 Ref B: FRAEDGE1520 Ref C: 2023-05-22T14:40:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8ST8xMXOuPS2PTaCmxA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYYEZZ6-20-CY6G
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 384A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1684766406504
  • https://ad.turn.com/r/cs?pid=45&rndcb=768000748
  • https://sync.1rx.io/usersync/turn/3954291611569019833?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-311a44fe-ba3a-4f1e-ba7c-432...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
0
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cffcea729be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:07 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 22 May 2023 14:40:07 GMT
etag
RX311a44feba3a4f1eba7c432e5911f1d3003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
9e46add6-3d2f-528e-a77b-a97fc310d7b9
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D215
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/9e46add6-3d2f-528e-a77b-a97fc310d7b9
0
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9e46add6-3d2f-528e-a77b-a97fc310d7b9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cffa3e929be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9e46add6-3d2f-528e-a77b-a97fc310d7b9
smwt256.gif
us.ck-ie.com/ Frame FB68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 22 May 2023 14:40:06 GMT
Server
nginx
2372839099368657357
csync.smilewanted.com/set_partner_userid_get/adform/ Frame F1C9
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2372839099368657357
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/2372839099368657357
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cff9fe379be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 22 May 2023 14:40:06 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/2372839099368657357
server
nginx
6b21f225c1819795ab8a174c443b7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8EB4
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/6b21f225c1819795ab8a174c443b7?gdpr_consent=&gdpr=0
0
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/6b21f225c1819795ab8a174c443b7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cffaaf0a9be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 14:40:06 GMT
Expires
Mon, 22 May 2023 14:40:06 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/6b21f225c1819795ab8a174c443b7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684766406793000-388
v1
match.sharethrough.com/universal/ Frame 5232 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.58.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-58-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 14:40:06 GMT
smw888.gif
us.ck-ie.com/ Frame 6167 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 22 May 2023 14:40:06 GMT
Server
nginx
K29h69j8H797NC73kbbw
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 4EBC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K29h69j8H797NC73kbbw?pi=smilewanted&tc=1
0
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K29h69j8H797NC73kbbw?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cb5cffb1fa39be9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 22 May 2023 14:40:06 GMT Mon, 22 May 2023 14:40:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/K29h69j8H797NC73kbbw?pi=smilewanted&tc=1
pragma
no-cache
46575
tag.navdmp.com/u/ 		497 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Apr 2023 18:41:30 GMT
server
cloudflare
etag
W/"642f125a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7cb5cffcafdf8ffa-FRA
expires
Mon, 22 May 2023 15:40:07 GMT
0789-2521-01.js
t.seedtag.com/t/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/0789-2521-01.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1b0f6faa91df6b0dd1a848645639500cdfdddf674f16f55d2b35543f0ddbeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
41
etag
W/"ae35-YawpaqtSxMMf1drKc9IV++aTHaI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
7cb5cffceb441e57-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 22 May 2023 15:00:07 GMT
st_1.5a8838d5fceb5581cbc3.js
t.seedtag.com/c/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_1.5a8838d5fceb5581cbc3.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc37c7bc8375064defb49b1b7dab942097a1819c50c3c5e7dc1d8a38520c1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
22997
x-guploader-uploadid
ADPycdvo5q6hvMU0O_0OsdPOxi5LQmlehdl3ESJUjn8wxlbnYJ9Vkrw0VPBTuKw0xNdRWaRqHgZkZQjk8cWeVY0dFTMDfMib6VR0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 May 2023 08:16:41 GMT
server
cloudflare
etag
W/"4b896b3366524ff127c93cfd4d038610"
vary
Accept-Encoding
x-goog-generation
1684743401511229
content-type
application/javascript
x-goog-hash
crc32c=0/RWxw==, md5=S4lrM2ZST/EnyTz9TQOGEA==
cache-control
public, max-age=5356800
x-goog-stored-content-length
17592
cf-ray
7cb5cffd2ba01e57-FRA
expires
Sun, 23 Jul 2023 14:40:07 GMT
st_0.49f6bbbd1a3fb1b6ddcc.js
t.seedtag.com/c/ 		298 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_0.49f6bbbd1a3fb1b6ddcc.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f6363225c1d9d7377ba5dd0810df323328398e97c5cf849c16d43623dd725e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
22997
x-guploader-uploadid
ADPycdvP0-y_RsWjCZUiW5XeQI4YDA26gl9BvCxrzOmuhe3rXF_eaiJ9UtezjADYw9NS_mcmC1OfL0zb70-3PCW6-sNuM5h_iA79
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 May 2023 08:16:41 GMT
server
cloudflare
etag
W/"ecd3a87d92354aa5e132d4ded0346f66"
vary
Accept-Encoding
x-goog-generation
1684743401333106
content-type
application/javascript
x-goog-hash
crc32c=yiuAWQ==, md5=7NOofZI1SqXhMtTe0DRvZg==
cache-control
public, max-age=5356800
x-goog-stored-content-length
85211
cf-ray
7cb5cffd2ba11e57-FRA
expires
Sun, 23 Jul 2023 14:40:07 GMT
st_2.836ef3530aceebaa98fd.js
t.seedtag.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.836ef3530aceebaa98fd.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90001592ce84626f9571fde45e9e52b9d413d3dad787049a6fe759ef2e55a8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
22997
x-guploader-uploadid
ADPycdtxQoxnIjgJ7R1YkOqAH6dk97HVuAQFhLMbtWY2s3ZiJJlKfasxgmqEqzE_iwekHDuHxMLO60xir5SYA0P1T-0T7u69QVlY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 May 2023 08:16:41 GMT
server
cloudflare
etag
W/"eb4f37a08183eff67030c38e01af18bc"
vary
Accept-Encoding
x-goog-generation
1684743401505869
content-type
application/javascript
x-goog-hash
crc32c=HwcW0Q==, md5=6083oIGD7/ZwMMOOAa8YvA==
cache-control
public, max-age=5356800
x-goog-stored-content-length
1845
cf-ray
7cb5cffd2ba21e57-FRA
expires
Sun, 23 Jul 2023 14:40:07 GMT
st_3.564f4b0dd297c9c557e5.js
t.seedtag.com/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.564f4b0dd297c9c557e5.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fe7da2f9f9fe8a06bf51e4ebf4da8f4255417298e1a681c7c5260a68f91a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
22997
x-guploader-uploadid
ADPycdteHXO3FOwNkPMoLKREuDHaDdvSU3rBuxBa7_u3JKbBzT74X32fWH5QfpuOMNOKdY2evl_W2sHcarNlbxgNlnX7-uek1RFI
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 May 2023 08:16:41 GMT
server
cloudflare
etag
W/"632d8b1e4ff70b87d04623c16441986b"
vary
Accept-Encoding
x-goog-generation
1684743401537623
content-type
application/javascript
x-goog-hash
crc32c=agGXDA==, md5=Yy2LHk/3C4fQRiPBZEGYaw==
cache-control
public, max-age=5356800
x-goog-stored-content-length
2624
cf-ray
7cb5cffd2ba31e57-FRA
expires
Sun, 23 Jul 2023 14:40:07 GMT
st_4.69c2be29e8a047b8a26f.js
t.seedtag.com/c/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_4.69c2be29e8a047b8a26f.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6318ac32978fb62e78ba3d8214aa2834cfb84a51c6e052494313097de049b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
22997
x-guploader-uploadid
ADPycduAC4hv9v9OPsjET1aYqszUPyYQe_GuYtslCCr4_RMYF3S_dSA7tJyAIxKnULD6cmrHR-CUn1heRMmG7Szdmrr51A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 May 2023 08:16:42 GMT
server
cloudflare
etag
W/"bc1fcf7c7c007f01d2c82cf32ed32900"
vary
Accept-Encoding
x-goog-generation
1684743402067369
content-type
application/javascript
x-goog-hash
crc32c=d/SIbg==, md5=vB/PfHwAfwHSyCzzLtMpAA==
cache-control
public, max-age=5356800
x-goog-stored-content-length
11434
cf-ray
7cb5cffd2ba41e57-FRA
expires
Sun, 23 Jul 2023 14:40:07 GMT
async_usersync
ib.adnxs.com/ Frame 86FE 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:07 GMT
AN-X-Request-Uuid
49702206-e376-4622-975e-1eefac14b1c4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pv
s.seedtag.com/c/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=0789-2521-01&device=desktop&fullUrl=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&cache=1684766407309&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.49f6bbbd1a3fb1b6ddcc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e9dcb874a819c0e00d358431229ea84f704a98b01db9eba00962d0de70994f92

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"8a5-RXWcLzuVjM2pX5N2TnuuTN2XvIw"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 6D03 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:07 GMT
AN-X-Request-Uuid
8685255c-9312-40e6-af7f-a7877fe5381c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usr
usr.navdmp.com/ 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e29c8ff88cbfcd85161e1087ce04c3ca92ba9ee5c031fae9b986d4fc57a446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7cb5cffdc9ba8ffa-FRA
expires
Mon, 22 May 2023 15:40:07 GMT
quant.js
secure.quantserve.com/ Frame 19C5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.49f6bbbd1a3fb1b6ddcc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 29 May 2023 14:40:07 GMT
t3m.js
tags.t.tailtarget.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.49f6bbbd1a3fb1b6ddcc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:16:11 GMT
content-encoding
gzip
via
1.1 google
age
5036
x-guploader-uploadid
ADPycdvVxAG-oOZnW3_rUqMNmyQZnW_8MGe3BpFTfq5enoiiauARCRzhFQr3nLvBROHQYpXOKaBGtnuMr_78PPpMIhqq0X8jFqme
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7679
last-modified
Thu, 17 Mar 2022 15:35:15 GMT
server
nginx/1.8.1
etag
"ad2f9abb7bbec08e62cf17d0cc7d9125"
vary
Accept-Encoding
x-goog-generation
1647531315191220
x-goog-hash
md5=rS+au3u+wI5izxfQzH2RJQ==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
7679
accept-ranges
bytes
expires
Mon, 22 May 2023 15:16:11 GMT
p
sb.scorecardresearch.com/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
jsZapg03zUfy5i2Thv6uwBfs2EFHdTUtZhQj0WtRR-XYMgKR0AdDfQ==
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame 19C5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:16 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:52 GMT
server
AmazonS3
etag
W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
flr_jdXmdxxVzJzzQs53SDVcv79SQ6XZzl2G4F-3ogKmP8ospH_N9w==
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:31:05 GMT
content-encoding
gzip
age
14942
x-guploader-uploadid
ADPycdshFoBjAaBByFAR7vmbVk_6pwqL6EuugL6s9W4ecdUr6twcHHq5fQnVii8VOiBnerBu0ON4qmgxOt4GFrPnKcS7nA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Tue, 23 May 2023 10:31:05 GMT
pixel;r=765326365;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F;ref=https%3A%2F%2Fwww.bandab.com...
pixel.quantserve.com/ Frame 19C5 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=765326365;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F;ref=https%3A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F;uht=2;fpan=1;fpa=P0-1718586219-1684766407399;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=bandab.com.br;dst=0;et=1684766407462;tzo=0;ogl=;ses=ac7d2ff3-ff68-4066-8010-dec3dc5bba28;mdl=
Requested by
Host: www.bandab.com.br
URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 17:02:10 GMT
content-encoding
gzip
age
77877
x-guploader-uploadid
ADPycduMaC2y3CRoaehnkF5QwGcs_vGRoCShJAlXT5oQmYFxY1SJoi7L2Bbi4TCwdyOgMS8z6c8Hhjzh5kPf4WPiB_QVWR5LDyiP
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Mon, 22 May 2023 17:02:10 GMT
req
cdn.navdmp.com/ 		6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=12bd4024a7c9c6085c6dc4848c10%7C0&acc=46575&tit=Vizinhos%2520escutam%2520gritos%2520de%2520%2527socorro%2527%2520e%2520encontram%2520mulher%2520trans%2520morta%2520a%2520facadas%2520dentro%2520de%2520casa%2520em%2520Colombo%2520-%2520Banda%2520B&url=https%253A%2F%2Fwww.bandab.com.br%2Fseguranca%2Fmulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo%2F&upd=1&new=1&h1=Vizinhos%2520escutam%2520gritos%2520de%2520%25u2018socorro%25u2019%2520e%2520encontram%2520mulher%2520trans%2520morta%2520a%2520facadas%2520dentro%2520de%2520casa%2520em%2520Colombo
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cffecab38ffa-FRA
content-length
6
content-type
application/x-javascript
sync
sync.navdmp.com/
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
  • https://sync.navdmp.com/sync?prtid=25&sclid=e2f4f530-c77e-6b64-76af-83044d19f855
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=25&sclid=e2f4f530-c77e-6b64-76af-83044d19f855
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cfff4b5d8ffa-FRA
content-length
6
content-type
application/javascript

Redirect headers

date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.navdmp.com/sync?prtid=25&sclid=e2f4f530-c77e-6b64-76af-83044d19f855
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
sync.navdmp.com/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
  • https://sync.navdmp.com/sync?prtid=17&tubid=ZGt_xAAL_C_XQgBL
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=17&tubid=ZGt_xAAL_C_XQgBL
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cffedad28ffa-FRA
content-length
6
content-type
application/javascript

Redirect headers

x-served-by
cache-fra-eddf8230128-FRA
pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684766407.486454,VS0,VE0
x-cache
HIT
location
https://sync.navdmp.com/sync?prtid=17&tubid=ZGt_xAAL_C_XQgBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
sync.navdmp.com/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0
  • https://sync.navdmp.com/sync?prtid=21&dynid=1199352214656749734
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=21&dynid=1199352214656749734
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5d000fcde8ffa-FRA
content-length
6
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=21&dynid=1199352214656749734
date
Mon, 22 May 2023 14:40:07 GMT
content-length
0
sync
sync.navdmp.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=80484508839?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
  • https://sync.navdmp.com/sync?prtid=38&lotid=
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=38&lotid=
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cb5cfff7b828ffa-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.navdmp.com/sync?prtid=38&lotid=
cache-control
no-cache
x-server
10.45.1.241
content-length
0
expires
0
31435
tags.bluekai.com/site/ 		62 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/31435?id=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 22 May 2023 14:40:07 GMT
content-length
62
content-type
image/gif
cm
trc.taboola.com/sg/navegg/1/ 		43 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/sg/navegg/1/cm
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230098-FRA
server
nginx
x-timer
S1684766408.504747,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=12bd4024a7af03018e281bc82710
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.237.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-237-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
beacon-n009-dub-prod.krxd.net
date
Mon, 22 May 2023 14:40:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1684766407
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
sync.navdmp.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fid%3D80484508839%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fid%3D80484508839%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://sync.navdmp.com/sync?id=80484508839&adID=81395048183915004002131468224158807354&img=1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?id=80484508839&adID=81395048183915004002131468224158807354&img=1
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7cb5cffffbfd8ffa-FRA
content-length
43
content-type
image/gif

Redirect headers

DCS
dcs-prod-irl1-2-v048-0be4f5bf0.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Pqt0V204TJ4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.navdmp.com/sync?id=80484508839&adID=81395048183915004002131468224158807354&img=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.navdmp.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
  • https://sync.navdmp.com/sync?appNx=1774523937727536297&img=1
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?appNx=1774523937727536297&img=1
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:08 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7cb5cffefb048ffa-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 22 May 2023 14:40:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
05e428de-22f9-409c-b02d-d1002b98efb1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?appNx=1774523937727536297&img=1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
u
b.t.tailtarget.com/ 		75 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
6a5c48420053e71e4ed9701b57afc1a35a658e4f5fdee325d4e5e5ce6763292b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b
b.t.tailtarget.com/ 		134 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-12765-5&tY=1&tS=3&tU=0100007FC77E6B646D063892021E2F04&tX=b.52&tZ=583137646&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4739e1e66e9c36872a8994cf517343d9646e01bf44aabbf5b8fb2348d53d8344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bandab.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 22 May 2023 14:40:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
225039
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:40:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bandab.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
264978
expires
0
checksync.php
contextual.media.net/ Frame 0739 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b56d3e632dc3daacc20d561f55ad0245a6757b6461e609eed8ec093e7052e7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8353
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:07 GMT
expires
Wed, 24 May 2023 14:40:07 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame D7C9 		61 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5133253
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 14:40:07 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
isyn
prebid.a-mo.net/ Frame E2D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 22 May 2023 14:40:06 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 7137 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1684766402408
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame E70E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
29855
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 22 May 2023 14:40:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4303, 215975
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230117-FRA
X-Timer
S1684766408.836330,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 00EA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 14:40:07 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame AC3C 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bandab.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 22 May 2023 14:40:07 GMT
async_usersync
ib.adnxs.com/ Frame E70E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:07 GMT
AN-X-Request-Uuid
e3b59bbc-b134-4e92-8134-81884cdff2b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 00EA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 14:40:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40934
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:21 GMT
ca
tt-12765-5.seg.t.tailtarget.com/ 		82 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-12765-5.seg.t.tailtarget.com/ca?tZ=417596814&env=_ttq_tt_seedtag
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4a03cfe72c2554d8ac41fb877d9a2540cd2c0946c8d96234e14a4751fe82f451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:08 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-12765-5&tE=0&tF=&tI=___de_1684766407796_3644888841&tJ=&tU=0100007FC77E6B646D063892021E2F04&tX=b.52&tY=1&tZ=968410222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bandab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:40:08 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
async_usersync
ib.adnxs.com/ Frame E70E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 14:40:08 GMT
AN-X-Request-Uuid
53f96cd1-b1bd-4133-a57f-e2a61bc866da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ev
s.seedtag.com/e/ 		0
14 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.49f6bbbd1a3fb1b6ddcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bandab.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 14:40:09 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://www.bandab.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id.navegg.com
URL
https://id.navegg.com/uid/

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 boolean| credentialless undefined| href boolean| ewww_webp_supported function| check_webp_feature object| Arrive function| ewwwLoadImages function| ewwwWebPInit function| ewwwAttr function| ewwwJSONParserInit function| ewwwWooParseVariations function| ewwwNggParseGalleries function| ewwwNggLoadGalleries function| ewwwNggParseImageList object| tabela_facil_vars function| documentInitOneSignal function| OneSignal object| dataLayer string| o object| a object| b function| Navegg object| naveggReady object| nvg40507 object| eio_lazy_vars object| ias_vars undefined| $ function| jQuery object| Foundation function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension function| SimpleBar object| google_tag_manager object| google_tag_data function| shouldAutoScale function| constrainSrc object| lazySizesConfig object| lazySizes object| googletag object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| denakop object| cookieconsent boolean| mThumbnailScroller object| mc4wp object| __cfBeacon object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| _ppads object| _pbjs object| dkpbjs object| dkpbjsChunk function| onYouTubeIframeAPIReady number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| _pbjsChunk object| mnet object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| positionStyle object| links object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| google_image_requests object| nvg46575 object| _seedtagq object| webpackJsonp1684743295502 function| requestAnimationFrame1 function| cancelAnimationFrame1 boolean| _seedtagLoaded object| _seedtag function| nvgGetSegment function| ltgc object| TTTagManager function| TTTagManagerError object| _ttq_tt_seedtag string| n object| cmds object| _tt_seedtag object| ttcNamespace string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder function| arrive function| unbindArrive function| leave function| unbindLeave

96 Cookies

Domain/Path Name / Value
.navdmp.com/ Name: ac3
Value: 1
.bandab.com.br/ Name: _gid
Value: GA1.3.537390545.1684766402
.bandab.com.br/ Name: _gat_UA-12854420-1
Value: 1
.bandab.com.br/ Name: _gat_UA-66850008-1
Value: 1
.onesignal.com/ Name: __cf_bm
Value: 8a4vWB2OAPlWhB43LZfv0FSGLtMpFWt.RIm1AdWBWPY-1684766402-0-AVtNprGaaEx1zKhcVbV6idvHToqqyDEGAsIy5fQpPQt54u9GG+9la/fjhPP+pmM35CkzSPuG/X/m29R2l8mmPOM=
www.bandab.com.br/ Name: denakop_freq
Value: {}
www.bandab.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bandab.com.br/ Name: _ga_T0B40GWGJG
Value: GS1.1.1684766402.1.0.1684766402.0.0.0
.denakop.com/ Name: uxid
Value: hzR0HomFRZO4Yxeo7xTV1g%2F0
.bandab.com.br/ Name: nvg40507
Value: 12bd4024a79f0dd74891af59f910|0_143
.bandab.com.br/ Name: _ga
Value: GA1.3.148957993.1684766402
.mathtag.com/ Name: uuid
Value: cde7646b-7ec2-4700-a644-d2cfd59057f1
.prebid.a-mo.net/ Name: __amc
Value: 1_1684766402_1684766402
.doubleclick.net/ Name: IDE
Value: AHWqTUlBaSNjQmR0ht6XX5NuX7GsJJ2MMUse0-nUTXoMoxL6bI532cFHJ9bzKTOVnYs
.bandab.com.br/ Name: _fbp
Value: fb.2.1684766402520.1949633117
.rubiconproject.com/ Name: khaos
Value: LHYYEZZ6-20-CY6G
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrXSGxZu4hpGjpcd3HBZZ775PzI6EyVJjkkIUeXzf4l4XuJTzUevTncshbjmU7cfBp/ijrk/rMX6yCI33SoFvfUwxH/js3c4/7QD5U7tEfUTQ==
.bandab.com.br/ Name: __gads
Value: ID=6de6c8570146f0e6:T=1684766402:S=ALNI_MbwOcNKoPf_b2NuY1I4E1w2rfGz2A
.bandab.com.br/ Name: __gpi
Value: UID=00000c19ff2fd95d:T=1684766402:RT=1684766402:S=ALNI_MY8U0Y0a0UMWpMdnJu7TZ_SIS0_Og
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 1774523937727536297
.casalemedia.com/ Name: CMID
Value: ZGt.w9Fr1DMayGvHe.zftQAA
.casalemedia.com/ Name: CMPS
Value: 1107
.casalemedia.com/ Name: CMPRO
Value: 1107
.adfarm1.adition.com/ Name: UserID1
Value: 7236016602310965391
.uuidksinc.net/ Name: jcsuuid
Value: 73PfG7mI0kokceLRXi71
.lijit.com/ Name: ljt_reader
Value: GsEQuGZHbNnVuB61SYeKo7od
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc%vy?eh!@wnfH8K6pQK`!5=E<*L5>xi_fS?PffnYS4a5_$s76U?+/kPyI@X-F*`B[be*bpRz*qF1`*b`eT*AI3d
.ctnsnet.com/ Name: cid_4707b71c72dd41cabdd6e7b0417ae029
Value: 1
.ctnsnet.com/ Name: gid_CAESECXl2kVpE8ikDyWlKpObL9A
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBMJ-a2QCEJBhX9Oc5PTftcsGU1A7w4wFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAkFFiddYmJBiWT1lh5ptIOc
m.exactag.com/ Name: exactag_new_gk
Value: 6b76558004cf4b669307f668d16b07d2%7C21.07.2023%2014%3A40%3A03
m.exactag.com/ Name: exactag_new_uk
Value: 8765e722e71842e2bf338482d4606609%7C
m.exactag.com/ Name: session_session
Value: adb583a671d54700a3f4495e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGt_xAAL_C_XQgBL
.tribalfusion.com/ Name: ANON_ID
Value: avntmItMPmFUTgUpMDGeuHdUFVpKkZa9O1ZbyVPparcbwgvESqt1VcbiJxt6fgvMqYGRRta90rBG3FC4U17DWL7JBA
.blismedia.com/ Name: b
Value: 646B7EC436CB8BC14465ACC9BLIS
.bidswitch.net/ Name: tuuid
Value: 656e5f89-9da3-4ba8-a094-45d443836613
.bidswitch.net/ Name: c
Value: 1684766404
.bidswitch.net/ Name: tuuid_lu
Value: 1684766404
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.7638511156962269776
.adform.net/ Name: uid
Value: 2372839099368657357
ads.avct.cloud/ Name: uuid
Value: ee0e385f-a3c9-4e5c-803f-00ca52479362
.eon.de/ Name: mc
Value: 0112012000_V
.eon.de/ Name: mch
Value: 0112012000_V
.eon.de/ Name: clid
Value: 2023052216400485170561423X112510V1336142131MSoneid41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.awin1.com/ Name: awpv20044
Value: 412871|1684766404|8a5d6d50-f8ae-11ed-b339-2265b7c46fb7
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDc2NjQwNHZsZWExZGUyMDIzMDUyMjE2NDAwNDg1MTcwNTYxNTEzWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023052216400485170561513X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDc2NjQwNHZsZWExZGUyMDIzMDUyMjE2NDAwNDg1MTcwNTYxNTEzWDExNzY3OVYxMjI2MTMyNzAyT
.criteo.com/ Name: uid
Value: 6327d357-3bdf-47d1-843a-9090e2087f5b
.bandab.com.br/ Name: cto_bundle
Value: wNCxJF9GTGNLTiUyQnhaNm93ZWFDMEswT211RjFRejVDWTBqU1c5MmlEJTJGd0dxOGhibVdINjFkRE9EUEdVMk84dFRGVjZ4Umk4TGE1ZFJJZFh6VmolMkJLd2MyRklnVHB4VnNaU2NZSVRWVDBpRVRJclUyM0FvQzhKNHNQbjNFVkpVRnFLUyUyQlV1NUhSQjFIeWVwZ2tzbEpYZEVvTnV4USUzRCUzRA
.linkedin.com/ Name: bcookie
Value: "v=2&e460e9a6-2c00-4671-8a5d-a829b5238896"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ3NjY0MDY7MjswMjFeUOT/dgFtrXDr3kcQRr9cA//4tsDRXFrgm89exVNvrA==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2885:u=1:x=1:i=1684766406:t=1684852806:v=2:sig=AQHWT9qcMHHJW5Z8QgxVqIeW6PIM_vez"
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 9e46add6-3d2f-528e-a77b-a97fc310d7b9
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZGt-xgALUnD0t37dADM-1pV-EmaDaQ5v_QLZ3Q==
match.sharethrough.com/ Name: AWSALBCORS
Value: I1qnOhRtBakAOsigDSniILElAZPTed2RUdb55R4pyq12VaiiAxkg0iMkZKyxP+Ogl+5XfLuKFnvsuQQLWxePnHV1YFvYIvU3HbIr35C4dbxm1Dn2OypCefG2eDfB
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.creativecdn.com/ Name: u
Value: K29h69j8H797NC73kbbw
.creativecdn.com/ Name: ts
Value: 1684766406
.amazon-adsystem.com/ Name: ad-id
Value: AzPACst_wERopVp7NrXmp14
.turn.com/ Name: uid
Value: 3954291611569019833
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-311a44fe-ba3a-4f1e-ba7c-432e5911f1d3-003%22%7D
.smilewanted.com/ Name: sw_user_params_infos
Value: p7c%2BuxJRUGnNoVEGTpJxTINhxwRu0hxT%2FdBmZrNWBx0v30jazNDCvmG9K0msM09GXh3nIU6QbH8Y1gOTmbc%2F0tk5iOfHdowEnjNDv7YkyWglDKPAM%2F8gcwjN92e7EKhHOWeT6%2F08%2B7qLD5iA3ScDwwPb3F1LVTgTL3e8zSacfzpi8Kzcn6%2F5pPnbnJVRwbwNULz3YCS2guhTFCiW90d2qBC7m4%2FugB9w%2Br%2Fra25dkJeaLS0jNkBd97Trzk2eesFANOxcDv2jau5ka612KXGaiEUuzyeFDuhAslOPgYM6Gd5J7FSCXid77cHLBgnyD9pWslPjiNcEPtYP9BxhP03P5028kN3uWEGdfkgfKKMdGGGAW33LxpLgh%2BfGOcR5ydpBBDVhuutNkjNUcC%2F9AFJOGpkTtP61bMjzhUUlYNHV9EEJ%2FyAlEpUs4MJupXFMk9ho
www.bandab.com.br/ Name: tt_c_vmt
Value: 1684766407
www.bandab.com.br/ Name: tt_c_c
Value: direct
www.bandab.com.br/ Name: tt_c_s
Value: direct
www.bandab.com.br/ Name: tt_c_m
Value: direct
.navdmp.com/ Name: nid
Value: 12bd4024a7a6277e159c8b019d10|2|172
.quantserve.com/ Name: mc
Value: 646b7ec7-730f8-1786a-95d75
.bandab.com.br/ Name: nvg46575
Value: 12bd4024a7c9c6085c6dc4848c10|2_143
.bandab.com.br/ Name: __qca
Value: P0-1718586219-1684766407399
www.bandab.com.br/ Name: _ttuu.s
Value: 1684766407486
.sxp.smartclip.net/ Name: uuid
Value: e2f4f530-c77e-6b64-76af-83044d19f855
.sxp.smartclip.net/ Name: psyn
Value: 19499.75
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.krxd.net/ Name: _kuid_
Value: Pkd12Q2V
.demdex.net/ Name: demdex
Value: 81395048183915004002131468224158807354
.dpm.demdex.net/ Name: dpm
Value: 81395048183915004002131468224158807354
.t.tailtarget.com/ Name: u
Value: fwAAAWRrfseSOAZtBC8eAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
www.bandab.com.br/ Name: tt.u
Value: 0100007FC77E6B646D063892021E2F04
.smartadserver.com/ Name: pid
Value: 1199352214656749734
.t.tailtarget.com/ Name: ttbprf
Value: ___de_1684766407796_3644888841
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.bandab.com.br/ Name: tt.nprf
Value:
.tt-12765-5.seg.t.tailtarget.com/ Name: ttca
Value: _1684766408
.t.tailtarget.com/ Name: n
Value: 1684766408

10 Console Messages

Source Level URL
Text
other warning URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/(Line 636)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://as.ad4m.at/ad/dr?ed=1hbd9wb3veyxhtd8fymm2qydwf3p4n0xcfst5mevrer8fn03wc4g4qxc81ysxn56z5yj15d59gw64xcnyw8efxnpv4m9fjp8jx0zyd4dfxgphay53hk0qn0xk2pa2cjzjphsfyy8rtkems14s43sy5ecp41yc8fxnrbj7hf63rtweqxd28x7r6xy5d8cjbth5973k8esg3h8faamq272w2xva505kzadygj88bt3vnsppfwk8ksqsvpbtkbdmxqhqps4qj0nbg7b3zen9rhetsvr0s9bwyywvtjdkthv8svvgrd1qhgpjb973rpb4sqpnssbbmfk26ydhpksbeeb8z0znpgx01hmbg8dc2h05zjb5a5epf1t7t1kqrpjp61z40nqe27dt6bhgbk82vcjdbdycdt15sftbxcywktmexme837mfaqvg0qrws78sbsjtk7bkh6asr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%26client%3Dca-pub-8170966538152543%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1kmfcv8q5ebbwyvk5shf37qn6kzg6r0rmbdqehcp9qppyvet41c8jz3xgjx4jn7em10eb7t60qrztg8ks55ae21shpzy64ssmsj8xkjqsnsj3ngexgg1h02chwy08rpcvz5j6s5fc6vcc6m01jpmht8rqra07gscpk93r1n2xwg4mf0bg0jvttz7ebe1rm8dzczmgf28q5sqbmwj8jwafay06b73q2c430sbz1xr2vz08my54pn3p5j47q3ga3zdp51k3xzfs9ajvt92n2p978814ck5e80j6qbwsx86m9m32hk7gpmz7jrrrhxvhd3rb7tbnbfp4a8e35wx8fjwpv5c0v8arrj1ytazf22adksas8m352ewg80zrag8fwm1mmnthk5pan6bhq926zf4cn0c2vj5rfrf3c81ek67nwcjgmwpewhb3rp6c7c1rvsy48shfwf58r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%26client%3Dca-pub-3619045887187031%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=120&d=600&e=&g=9b6825c7ca73964cd29e1c1fb2016dc9%2F10983423156746747750&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvnkpww84ydn2sfw3bshn2svxyepm4cgp76wssck016nap1js3ht406rynss9nj3q17jk1gct8d37hw2gva5f1swvwa08jt13dcmncf4zf8mspbqea597hr8ka3w5wfppfap43wbbxnaak86es6x8g78wamycwrm2t25m3hyj203q8mxrp9zvsvn1p9k8q2b7eebz7m3j6nekst7dv041609qb4eq11kj1q4xvq8h2nr77meqwppnngqrx4g0q6gp1fvgnn7zskw7pmk5hwq2zs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMKK9wn5rZNXxN4mSrAT--6uADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDPIAQmpAnSeHjg1I7I-4AIAqAMBqgTgAk_QtAbzi3ylSWA7XR76vD6FzWWKPWdXPIGZC-wyfKhbWDcYHeN5Df_hM_Po8tF_USW8iMKoPKdyuPnDtmGGrZMR3jPq0yZ3nI0DGGD21NxR8KIoV5YLF_Ei1Fgk_p1UPSot-uzluREm0rcmEe3TEvui8VYa91lcPnvSXkTmJoMwb5pMd2vDvAVgaRTZ-n1FC7tsns0vIMw3_yyUKXtkWmxAO-0jAK51PNjWrxj-2VQfk7G3S7sqIo5OXfubJNbV1RBdYgO_6OgDn-4wD0QequQiXg447vBBQwhqiYa42h4xYHXs6TliBSktIFYaXmqzlOaADlANhSlRhH8MNfGsLbwbmr1AnLDw4a3ZPPzWIeyXPavM-MG8E3A6d7VX1qnmbhcK_um0pvqC3V80d8_u6V1ni7laXNRq9eCaMlLORZ9tW1Dy96irB3AQLg6iB75du-IU0D8EXRawrqNn--Bv1FLgBAGABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_05jzWIjBt49u4EfNtBNo65imB-sg%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C165225&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C41BtEf5fAj9ZHGH9HdtAt8wWUbSpT773f31Vw&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CrkDaQf9f3EPpfAH7HjtJCmYzSYS8TggAuek4P&c=300&d=250&e=&g=53c361b0f865164ce8b9d73096b8e681%2F17802217808286078745&i=29981%2C20774%2C20194&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684766404488&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h60p50jcjch97p035c5jtyjyqn0dk9847a7dtyd5wmtqz4fjagbmyqbe2n2cntzbv6bgrddy2dev0ac8j50vnqw2w8tevzv1w005h113pyd1gwfj6bafgg6kvjrprpkd5a8wtp7dj39gxdb74ac2mk8s9npx4yw6d8d0gps03vv2w5sgr8mvq0wmcchgs28yvs7xjngr81mmncz30cmhb1k94g3aas6qcc57fsf1jfc8e74p2tbmq5a2wc82wm4dx86vhwtfssrp4cpbtxtw72p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5LH8w35rZLs0l_zeA5DBoDCQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjE5MDQ1ODg3MTg3MDMxyAEJqQKZpD--OCayPuACAKgDAaoE1gJP0AI-U-px4m2G7i-QAVoOhQRX0Mh8_N80FwNLP4-uodoKCNqcxMUT4CG41MjfuJm1HUb5Ph7RTzpzH509lr_IIm0hAPvrkpnrPzYgUmrV9VDT1c_MwAE5AaI-t8eZHcpolgca_cHmagJg6jetL3KnNKNAhY29v47Q2lXXTge_4-jYiYBXhOgZcP6gPz3g6e8uFCGha1cYr1urHKA-cP4oqfW9_-Vp_k5GzuwM5K9ZzB0c6dUjtgCTmhLcgSgr7UxTNrjXDsoo8MD-d5XTrTHRp1fX4oXPdELiRslpboMXkVhqQ6RUMHkQQximZHZ7ijp1K_Vyvoi7tSAIgrYcvohBa_OJ7lskH7L-hk8hN61Pyk0oecMnHbFYhZHN2Oumwfhnsx7dYR6snS64rQghs54o_74rd6pPtS9vs7GFaiiaMlxn6gHv-_gyrQ8-vscgIeWRZeADYoXgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02MTE0MzgxNzQyMDc3MDU0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1kbhxzmYSPyzxFnUlo3CV01U2Tqw%2526client%253Dca-pub-3619045887187031%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.bandab.com.br/seguranca/mulher-trans-e-morta-a-facadas-dentro-de-casa-em-colombo/
Message:
Refused to execute script from 'https://tags.bluekai.com/site/31435?id=80484508839&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b9e62c724e311b012e9b3edc21c85a0.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.sxp.smartclip.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
b.t.tailtarget.com
beacon.krxd.net
bidder.criteo.com
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdn.navdmp.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
cpm.denakop.com
creativecdn.com
cs.chocolateplatform.com
csync.smilewanted.com
d.tailtarget.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlp.eon.de
ib.adnxs.com
id.navegg.com
img.onesignal.com
m.exactag.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.cloudflareinsights.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.navdmp.com
sync.richaudience.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync2.navdmp.com
t.seedtag.com
t.tailtarget.com
tag.navdmp.com
tags.bluekai.com
tags.denakop.com
tags.premiumads.com.br
tags.t.tailtarget.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
tt-12765-5.seg.t.tailtarget.com
ups.analytics.yahoo.com
us.ck-ie.com
usr.navdmp.com
www.awin1.com
www.bandab.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
id.navegg.com
104.111.217.14
104.18.132.145
13.32.121.17
142.250.181.230
142.250.185.66
142.250.74.194
147.75.84.158
151.101.1.108
151.101.66.49
159.203.145.121
162.55.233.29
167.233.13.224
172.67.10.198
178.250.7.11
178.250.7.13
18.185.28.161
184.29.202.60
185.184.10.30
185.184.8.90
185.80.39.216
185.86.138.151
185.86.139.101
185.86.139.59
188.42.34.65
2.16.186.10
2.18.233.201
2.18.235.93
2001:4860:4802:32::36
2001:4860:4802:38::15
212.82.100.182
213.155.156.180
213.19.147.44
213.202.235.10
216.52.2.30
23.56.202.187
23.88.17.186
2600:1901:0:76b9::
2600:9000:223c:4c00:6:44e3:f8c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:130
2606:4700:20::681a:30
2606:4700:20::681a:f79
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6810:3965
2606:4700::6810:df3
2606:4700::6812:160e
2606:4700::6812:18ad
2606:4700::6812:d73b
2620:112:f006:bbbb::12
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9d
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42::300
2a05:d018:d29:3602:d660:350f:5ea6:8858
3.33.220.150
3.69.2.24
3.70.58.251
3.71.149.231
31.220.27.135
34.102.185.99
34.107.148.139
34.149.50.64
34.249.208.98
34.96.105.8
35.186.193.173
35.186.194.101
35.201.123.184
35.227.252.103
37.157.2.229
37.157.6.243
37.252.171.149
37.252.171.53
51.89.9.251
52.16.122.133
52.194.134.93
52.211.237.29
52.215.85.23
52.46.155.104
54.76.7.236
64.158.223.140
67.220.226.238
69.173.144.138
76.223.111.18
77.245.57.72
8.2.108.175
84.200.5.215
85.114.159.118
0120dd511e19f616aee3464634ce858f3dab79cb9b97760dacaf5592c50c3237
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
04a9cd57bf095ea82848ea375d59b1242ea13e5787b78bbc13439f4ee410512c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfcc82105db0a3e46dfa9fdec69642930fd9907115ca32a50b006bc183a57c5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d91c6c6766737bf3b8047a08d6fb1a0c02aa7d2633092976ef611249cb65535
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
1236e4b6a52db093388eefdc8850ab04e06ffce02efab9dac0dd1ae2cfff1428
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1287ac0e527f661673c9ba9c1e9b08a05e0fc50c057064c821d9c9d6eb16266f
128929fbf934d0cd27bb17d91f0fa056dd09741075c247da6af8b6bfbf48ad4f
139970b635a56e6264835457f28769f59ded5b3eaa14877e2d574e9b9f7893fe
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1b6a598502c28ff51902f37ff3fb7b5674b385d5924d030acf7ff1c45cbff32e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f14a385ca45dbe05c51411e6f6a3f0440bb3f5e36196493db938f84e27cae08
205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209b639c0457fe5a70b2cc36091b056a724d3ad4830880444d8280a5e82aea78
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
2256cb012b785aeeaa53b60b949e40fef200a1a27c6525092248b7046c849f7b
241aa2f0b5684a2efd870943e4d8ec87e869db57b93a77b8f5903cc37804a6af
2426990e1db6b657a3048643ea8b044f9d9338bb6b43e01bac849c4f1bff87b6
250673d598b00403e15cae45e6c6b5f3bde0251f032f5c074b7650f8317a5578
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25fe7da2f9f9fe8a06bf51e4ebf4da8f4255417298e1a681c7c5260a68f91a96
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f663ad5be25f6f005c302ce83111f0f113f58d65c8abc3e8d54b18a2bd83c90
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
35ea259050268dc8f2f96aa1ebaee347fce2f5188bc825a30d53e8369779707a
38c5fc7d7d618eb262c38d10cedd6c16e1d824fb74d6678061206339c18ea34a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e68c7fc0cf092142e2a86211badce6c9e1de3259f1cafd065108b8b4d0547a5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42e9977f7a23277d41f437bba9827aa0f237254c54f7f9212f318621a32269b0
438401bbf1af7da20c1a878bae7269a1f7d0678e1a50141d9c79a4ceeab39437
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4504119aec6d40cd1a91a0359445442775e3bcf01281b6b1ee549b8b5fb70259
465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4739e1e66e9c36872a8994cf517343d9646e01bf44aabbf5b8fb2348d53d8344
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4a03cfe72c2554d8ac41fb877d9a2540cd2c0946c8d96234e14a4751fe82f451
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea3075171e1c9cd8ef59a5cf72da62ad887d4f7780002171983a3c0bccc556a
4f8efed939a7362333bae64488897aa22cdc4b0a4070304a9d25494067b986dc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d2dfd21b4ec006d532802283171917a2004db9085c83bb1b88b00e6ce25fc7
50f6363225c1d9d7377ba5dd0810df323328398e97c5cf849c16d43623dd725e
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
516632fc5937c8b8d801f099c5ecc41503281ad24ba53768403cc36f466087a4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53df339b8135ffd9a1a440bdae4fb51bbaab7a1dc220fde6b9ae0f90c86cd5ff
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
560bcb51ce6dc23b896ad41c74087121eef0ce078fc89ea611a01ca2b3132e0d
57c9e9d86b33ce5d032d4c764b1100d6ded1d7a0333ccf31521047e3d1891e68
5a7a16a4941425410ded5fb23fef1c6bd132561d07b23f9a1f4fe63d9e0e9fa4
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e4dc0684c8ca2a166a86fae1f8c29bcd537b18233f2c378bf2e3dae166cb123
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
600111cdd819fcc01669c425745c2725073214e21a5e838a12ea0e2e09ed86ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e29c8ff88cbfcd85161e1087ce04c3ca92ba9ee5c031fae9b986d4fc57a446
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69a3098b4f2ea14abc65f3eadc5d75c02cdcbcfbbd3b5382a5388ceac514fadb
6a5c48420053e71e4ed9701b57afc1a35a658e4f5fdee325d4e5e5ce6763292b
6e5d2fee3f71fad3b1ac7c100001c25b43f61e44827217138e9f935b8af8e894
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
727daf7b18a31addf0ee4cc1791946735537b00bbbc19b46a8d4cfb3539b5bb1
731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7
734edc8d08462e2ca9b09f1d9bfd85f68450030d556a8d613410aa22a2dc170d
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7472c4fe215fe94d6729adfd84a636a4626c0b279711db12dba51905dceb2b34
758eb936ab3edde7c230ae6e05e8819e4d8e8e97151983c83a64141dcf87cbfd
78ef8b1bdcfa609810428c5919f9e2b93b1814e72cef4bfde24203c216c5b6d5
7c8a1ab36c4c60c0d7e0f47cc89a03b324f9419398190b09b1a8401d3cd4b93f
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
818eef554e5ff296db4a7e4c63631e6fc2c59dbc8c704392fe226d4eabba8879
82a1fa6858fd9a84b39638acc8c7211c82c9652c7809c4dd1ba01b4df5c90a61
83bc3d65d6d0f786000aacd0a546df882c135fcdcc5721833150bd385bc681fd
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84bbdcfbd7f11f5aa5d19fad48e7be67333e2c0b147091a5a9513614b94646cc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e18a77509ff9b312abfbccfcc853303729739ae896a32fb4205fa92f6cd3eb
874261e524d8109fdcbd2456c8ef722842956254e9d9cdbae2d9e73a28c7f251
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ee349aadb2e190fb96ee8840d56c6c4902cd1267300525e6a1a0735d6a04f33
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb
90001592ce84626f9571fde45e9e52b9d413d3dad787049a6fe759ef2e55a8fe
9134f8247d3c06e5ec29e29dd5df62faa67679dee801253f96a9cc40f81ff71b
92e1e3ba7f941fa9c857f8b454f44e94f7fa5aacc2a7218d31475b1601a22dfa
93203a5c3da7236a1272adf227ace4cd0927132f608a4507967b080d173125fb
9335e023ccff38aa988f6302c5b2d06188cead60e2439f5b224d056f5a0687f1
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
974132eaf5911226932a23788fda26253aea5c2ef13abc16e41f016a2c3f0752
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dc37c7bc8375064defb49b1b7dab942097a1819c50c3c5e7dc1d8a38520c1bd
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a483b14f8537b64b4852456f7729f23509e470dd04df5f02cb8cdf69192fff4c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
a96a508dc58111f791dbcbf33b98995b1a222d9a59370dbf7998c8217f1c8468
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
accdd64f7c9861dd84466451f51453ad9acc5ae1036e84db35156a58e41fbf99
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1456b3dee81a1bd4ffcdd8f323b1b41321ee23e8ae85a19fe26e1ecad69f4ee
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b2510e20fc9f85b1557c7bdd5174e1282f4b2a6a5a1992785c6539b77434b56b
b3544979c27131c907a7b5e1ba656ca3a6f054485972b3413c632d9bef60c1a0
b56d3e632dc3daacc20d561f55ad0245a6757b6461e609eed8ec093e7052e7d1
b6318ac32978fb62e78ba3d8214aa2834cfb84a51c6e052494313097de049b75
b7c9d306bb08ff848ecf8ecf5a043a8d566be5b87d0fc07503917db9ad38bcbc
ba68e6e9397514a0687ba69b6010eae9325189158aed28f5cd581580c819730e
ba95f409ad54accaee12cac80e52227d6428cf1e651563be4148e152de882dd9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc618b2479edb489ee1b590537cc2b7e96a160b2574feb8e26e9fde1b7d3492f
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c1c24e23f9488b0db74a8817980466e81c70b3bad1a4f3cd4d013f6f3673a146
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c950ef52766cd59b6ff3d815c79dc1adfb6aa51dfb5eb4fcc06344a37a6750
c2ea5202259a2e4df17bacdd1192cea241274f70679e414bb0c5511c211e8d77
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c92ddf76ef68a1fe7e972a99179d310974816ea03cc845236479a03a6e76076c
cc00d168da6ac0014a614485193cdb5fac712689cafc0378ba3a48697d252cbe
cd5018f378ba22eea43f83b45f332617b60d0119a98d8935250d7532f77f7f12
ceb052f605d12555bea80bd885b725c126c50ef4a82035c4bee838d2f5d2e88d
cf0e9d537c1febb7194eaf0ad07069d02b546474cdb169729b9787083ab82cc7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d280e96cac799ad05e2cd457ebb738497d56f5a708798326b64ea4e85e0d69a1
d64d83e1aa0d4ffe11ab7c221a6270ffd50d8b0c91f78fda13435b2875635d2a
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2d5455d739afd9437073050fe072ae865ad9b6e32d3707f4f0939c441d02b2f
e32fd566347f77bec0a409a8c3e52df8e5d1f6e393ea20f7c7c5eb331673433b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dbcc888c4fd1f9437c817782240fb515e619813ee617513244a81e3326d2b4
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
e74639e37bb8ca0e6ba3a05c3f0c0e0efecd7988e867f79434b955ac5190b5c7
e78cf489f5de1111c5e3913430da26c8f502f729272e906ed4e6185ffd32a0cc
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f
e9dcb874a819c0e00d358431229ea84f704a98b01db9eba00962d0de70994f92
ea1b0f6faa91df6b0dd1a848645639500cdfdddf674f16f55d2b35543f0ddbeb
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9fc1f4b699a481c648e110c7cc1c134ba7d30b87552e4265a594f8c8787680
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f4e4df64aea8be9642e5974862177d6fac3ec66a540aa6b1f1e6d9aeacccce91
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737
fef22e8988f6b72c99b05397a4b16c9dbf269e990c976b5f38d59c1384e78ebe