bemblogado.com.br Open in urlscan Pro
192.185.215.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bemblogado.com.br/
Effective URL:
https://bemblogado.com.br/site/
Submission: On August 30 via manual (August 30th 2023, 2:04:06 pm UTC) from BR — Scanned from DE

Summary HTTP 292 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 33 domains to perform 292 HTTP transactions. The main IP is 192.185.215.219, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is bemblogado.com.br.
TLS certificate: Issued by R3 on August 16th 2023. Valid for: 3 months.

This is the only time bemblogado.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 100	192.185.215.219 192.185.215.219	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
9	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
6 21	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 47	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
5 18	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.193.211.202 18.193.211.202	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cca0:8b97:e855:348c	16509 (AMAZON-02) (AMAZON-02)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2.20.213.154 2.20.213.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.9.22.61 3.9.22.61	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2 2	52.28.44.182 52.28.44.182	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	18.170.168.253 18.170.168.253	16509 (AMAZON-02) (AMAZON-02)
292	37

100 192.185.215.219 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: vega-ip07.prodns.com.br

bemblogado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.211.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-211-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cca0:8b97:e855:348c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.213.154 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-213-154.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.22.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.44.182 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.168.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-168-253.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	bemblogado.com.br 1 redirects bemblogado.com.br	18 MB
77	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	1 MB
42	doubleclick.net 12 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 308098	319 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	311 KB
13	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104 www.googleadservices.com — Cisco Umbrella Rank: 149	608 B
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	509 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	9 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37964 hal90005.redintelligence.net — Cisco Umbrella Rank: 207480	38 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3238 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30936 api.webgains.io — Cisco Umbrella Rank: 76621	18 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47866	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	213 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 591	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 854	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 348	529 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 805 s.tribalfusion.com — Cisco Umbrella Rank: 1949	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1326	450 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 736	676 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 596	725 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 342	291 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 791	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 834 r.turn.com — Cisco Umbrella Rank: 3871	869 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 92540	436 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49150	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18330	705 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 186211	931 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451	715 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537	586 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 692	547 B
1	google.de www.google.de — Cisco Umbrella Rank: 6457	408 B
292	33

	Domain	Requested by
100	bemblogado.com.br	1 redirects bemblogado.com.br
47	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
30	pagead2.googlesyndication.com	bemblogado.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net bemblogado.com.br
12	www.googleadservices.com	bemblogado.com.br googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	fonts.googleapis.com	bemblogado.com.br googleads.g.doubleclick.net hal90005.redintelligence.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	hal90005.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90005.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90005.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	pv.medialead.de	hal90005.redintelligence.net
3	www.googletagmanager.com	www.google-analytics.com adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	8019191.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	onetag-sys.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	x.bidswitch.net	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	www.google-analytics.com	bemblogado.com.br www.google-analytics.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	googleads.g.doubleclick.net
1	www.awin1.com	hal90005.redintelligence.net
1	adv.office-partner.de	hal90005.redintelligence.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	bemblogado.com.br
1	a.tribalfusion.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	bemblogado.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
292	45

This site contains links to these domains. Also see Links.

Domain
www.baraodeitarare.org.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
bemblogado.com.br R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://bemblogado.com.br/site/
Frame ID: 32DC5E3D9EFEB4B0AAC5F581C8CB2C6D
Requests: 118 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 9FE3DD7641BD046F0C2543989E122DCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&adk=1812271804&adf=3025194257&lmt=1693397035&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235372&bpp=7&bdt=825&idt=319&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3677201854671&frm=20&pv=2&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=368
Frame ID: 2E9E998F78FD2DE8B55E38F2419DEC28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1693397035&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235379&bpp=1&bdt=833&idt=367&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=371
Frame ID: F3348022C57856234DE98C44222FE968
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1693397035&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235380&bpp=1&bdt=834&idt=383&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=398
Frame ID: 2825FD8AAB6E768103B0D58715558442
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1693397035&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=411&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414
Frame ID: AA79454C156C2D7B4712911420D24614
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 376EF15ED0614BE04C99AD9E77CE18FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74D9BD510061374C9D42B7D3385D0C62
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83
Frame ID: E1DC3EE04E96E5069365ADAF2963E43D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: F09488517B7927917551500A0E15FB49
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: C8C3169602C0B03DDB212A3AEE1D4404
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE73ABA06FEBCB7823CB3591629238ED
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 370ABB5318CAE7966B70709C8038740B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Frame ID: 2E2F0A59D6C5F0211E0C46D2DAD465FD
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564
Frame ID: 7AAB96459A7A11A2AB49A2E75D076008
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 9ED0C76E7C735B5F2942F26F4DB112F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A466F5A688ACB28E50F88B514AE81D8C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: DB8A90D1C104E7BBEC1ABA5EBF8B3C37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: EBBB9CA4CE01432F7131D951C081BC99
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: 5772025D548303ADC681D163F6425E22
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 753F39A2762C56DDEB62C2FFB6190B2A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU8xOqxrnpvzNkUWpohd5rAOU1ZsGwXkEu8r1mtdPdzh3DiVNFu7ZJuSkUktCBLI7i2HLvh5SpOlYE6ffAz-1SnXWKnPvXOZBsTx-cqI3tiR0owVlIQvKmX4ZlsTFN09gIZGYPW1yWHapp51McWYLf4hihm056exF-TWmYA3huHm6JuISU
Frame ID: 575DB7D896755469CDB4F77851BBA8AF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: EA90ACF8D8D72410AAD31D89A278FAB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js
Frame ID: F7D5637EB11FFFFF436E149E1BA6F9E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84C2F4D6741D70831B2C85BF32B969A3
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78259100108146704444550012432005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A47502606619A37731B5E4E82124F169
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B2BFD02EAD5E6AA23FD5CD96A9108679
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903
Frame ID: 5D214BAC049CC6142725DBF963B35A63
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Frame ID: 11626432C98D4C44540CCECA095AECDA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40BDF6A9E3A0B78B4FED7B0C1E16833B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC02C6FCEBE6042E321071CC8245FC87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A88EE02B208545DD87EB89415F27058
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home – Bem Blogado

Page URL History Show full URLs

http://bemblogado.com.br/ HTTP 301
https://bemblogado.com.br/site/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

292
Requests

91 %
HTTPS

44 %
IPv6

33
Domains

45
Subdomains

37
IPs

10
Countries

21132 kB
Transfer

26772 kB
Size

29
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.baraodeitarare.org.br/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bemblogado
Title: Icon-facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/bemblogado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bemblogado/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bemblogado
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bemblogado.com.br/ HTTP 301
https://bemblogado.com.br/site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=CaSOSS0zvZM7xL4OOtwfAxp6YC82q28ZtybrswagMgvyTjc4EEAEgzfjeI2CVivuBlAegAbC6odcDyAEJqQL8am_kHjeyPqgDAcgDywSqBP0BT9BDiZz0xq3oNN5URQwg7UP8cIOfe948O12NSM-xpSVWG_A-4sXknqVkl2K_eByDcBP-QyBzf_QDV5cZnvF2BqhordmpKupgLEHILImLzwMfDvwrkYoSjiUEivXTtwAjJgItSM5qTN_8YLjLSdszvQScssBku7PfWwcy1oojpDhcjBsu25RnVQ6Lv95ADrHA22RHzDd-zGJFfDpNTBmA7ZfYVTm60oPlsINaxioG99wr_t8ev94ZYF4g1DoKxz8KBZ5xf9322shP-CZAGEpt8x0HhrDZeCYJQ9yJ2B4EyrX5S-iTIOF75qF6VTfxVAV5tKyXGiMVqM9M0z5VfcAEwd7iyo4DiAWzpNLoKJIFBAgEGAGSBQQIBRgEoAYugAe_2b1gqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMzRDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT9odHRwczovL3d3dy5zd29vZG9vLmNvbS9zZW1pL2dkbnRleHQvZmxpZ2h0X2dlbmVyYWwvYW55L2RlLmh0bWyACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItODI4NzY5NDA1Mzk4NzY1NxgA&sigh=9-Jx1Mm4x4g&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWsj5aBkfQK1f3yBHG4B4tXt0tFW2ivBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211355337080709305925%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212483267724753642289%22}&andc=true

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=CaHE7S0zvZOP2MZLwtgfx_qiIDr-B08BxoP26xsoR3NkeEAEgzfjeI2CVivuBlAegAZ26sqMDyAECqQJh1Afuaz-1PqgDAcgDyQSqBIICT9C8ArMHfBPDHs9OzjOZcdrErinrcQFxpL6JP29AEIaf1T329aC4n4FIFST9qc1VA7SooNhCDN1ZrXCg84ZjG1LBbEbRug1CpQ4J5GVBnpbWT_v0HF93BsrYzczl8bfbrJLpiQFuHAxm2vmKy0lftKYPxzjiwe2OA3ClPOXMWIMblcCBAP1r70QSO_gDFgnGQ8C1hot-SVgPkWwpDmr-DeaD1twP9PXQrigVpjWs_fOYytgy5aU102fIl9CdhPlPptrMw-FgVqruUTWcLf2aOJKkYhWWtDAebtP3MjYoPOpWfjaD1jTikejs0F_q78puibIznYlDevnHQeQk8N65jHfJwASchZvF0gSIBcX8jokikgUECAQYAZIFBAgFGASgBgKAB8mW7IYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmM8p0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJhQNodHRwczovL3dlYi5oZWFyY2xlYXIuY29tL2Rpc2tyZXRlLWhvZXJnZXJhZXRlLWRlLz9jaWQ9NWI4N2E3YjIzOWJhMCZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249OTE0NTkyNTE4OSZ1dG1fY29udGVudD0xNTk1OTU4MDczODgmdXRtX3Rlcm09JmNhbXBhaWduPTkxNDU5MjUxODkmYWRncm91cD0xNTk1OTU4MDczODgmdGFyZ2V0aWQ9JmtleXdvcmQ9Jm1hdGNodHlwZT0mYWQ9NjY5Mzg5MTcxNjU0Jm5ldHdvcms9ZCZkZXZpY2U9YyZkZXZpY2Vtb2RlbD0mdGFyZ2V0PSZwbGFjZW1lbnQ9YmVtYmxvZ2Fkby5jb20uYnImcG9zaXRpb249JmFjZWlkPSZpc21vYmlsZT0wJmlzc2VhcmNoPTAmZ2VvPTkwNDE5MjkmZ2VvaW50ZXJlc3Q9JmZlZWRpdGVtPYAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04Mjg3Njk0MDUzOTg3NjU3GAA&sigh=GzMctJHc-Uk&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW7kpma8AHpJAdy2ajC49WnB-tdiXBoRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226979215958902923646%22,%22debug_reporting%22:true,%22destination%22:%22https://hearclear.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879533341%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226187905838019745169%22}&andc=true

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 160

https://googleads.g.doubleclick.net/pagead/adview?ai=CRPI4S0zvZK_lMtCEwuIP86ydmA-Ag4_Vcp3FlsHNEcCNtwEQASDN-N4jYJWK-4GUB6AB--TfmAPIAQmpAvxqb-QeN7I-qAMByAPLBKoE-wFP0LWQb98scz1Jx7eAPzfNYTKFMhKEncI1ARiXRxpITMsnMGhq0Si2rwFOl2ythp9O1gecs1KxmHwJLnMsZtnB0AWZ6dYaMVwO1pJFoei5xluJGSlFhVY5KXymLw_DtZtBB9FxXuRu1097Zyhhj5CyOs9XYqcLgDZqUG35S2dtR2jk0gDKHZE6y1qJDRUuNKAvDSOdeTG8ksSHpvt42hwuKZEnMLEFYVSwUlFuy9C9ERyk0SuUXb4snyrtqyH7MzOtxiAWFamixoN_w3WQThJVLJytBGmISQzBohmvL7v4fo-ywRR1L7cxuqwxA5UqFlRcheo6H5bWYlBZIcAEr9rCp6sEiAX2iOuvS5IFBAgEGAGSBQQIBRgEoAYugAftmqBnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhbcU0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJ8gFodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsMi9tZWhyLWFscy1kYXMtc29sbHRlbi1zb2xhcmFubGFnZW4taW4tMjAyMy1uaWNodC1rb3N0ZW4_dXRtX3NvdXJjZT1Hb29nbGUlMjBEaXNwbGF5JnV0bV9jYW1wYWlnbj0yMDIzMjk3OTU3NCZ1dG1fdGVybT0xNDkwNjQ1NTk5MTkmdXRtX2NvbnRlbnQ9NjY5OTMxMDA1MDAxJnV0bV9wbGFjZW1lbnQ9YmVtYmxvZ2Fkby5jb20uYnImdXRtX2RldmljZT1jJmRldmljZW1vZGVsPYAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Mjg3Njk0MDUzOTg3NjU3GAA&sigh=x5coBVsf6pE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWbpm3xHs0ZRIm_JynPDgpIY_2MPA2bBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217267521669852739969%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228410790050215015441%22}&andc=true

Request Chain 202

https://googleads.g.doubleclick.net/pagead/adview?ai=CPeJWS0zvZNvpMrGPxtYPsJuPwAmM-d_GbbCS3tGLDPK70dXBGxABIM343iNglYr7gZQHoAGwuqHXA8gBCakC_Gpv5B43sj6oAwHIA8sEqgT_AU_QCGx-lzGdHyNGJ95E9j3Rtb2FAfQgmAighHjlqeqPH_SKduUzXqBnNYya4MW_yKNSILwJDsGV7e2OKXVjNC3Pw-SbU_YEjCzEr5VhEkKjlJFcX50sakV7H63OAQ1vvN92rrU719gQ3Ejr_9UPc9J1WIKqHkaweJTrEzMenn7Y0b20W6XhUzrA4p_MiRXaNEE6VpGwwNyJAeFOzAvm316eQPClpCaMDGoviyBc7jac5ZvdsouPtV_vkQPmpb9OgRstKfX2D8KQLYerKuLUhDvPzAXlZ3JNv8oinT3UOWhzTgaUZaQCRp6LcEHV5bNfmmgq5wNFtdVW-5559sYdVMAExKS-nqwDiAWbus7TKZIFBAgEGAGSBQQIBRgEoAYugAe_2b1gqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJKvCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT9odHRwczovL3d3dy5zd29vZG9vLmNvbS9zZW1pL2dkbnRleHQvZmxpZ2h0X2dlbmVyYWwvYW55L2RlLmh0bWyACgHICwHYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItODI4NzY5NDA1Mzk4NzY1NxgA&sigh=wPeWZtIBJ9w&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWNX9Bwl7UFB_nR7nggVLkcfVQWfHAiRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102519437778528562%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215369378660404321089%22}&andc=true

Request Chain 220

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1&google_push=AXcoOmTkwCaPcGlkwTbhAmgcpoQOMHv8EyODCmtZ29Ydsd5DKWWGaCH1bq05Zzs9Es89d9cHVCn9V1f_MaQ-9wyVcxpxIjYEq9iURN0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5OTYyMTk5MzM4ODEwOTYxOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELCmjxCNKJsmpxyXawW4kU0&google_cver=1&google_push=AXcoOmR12gqHt_EhD0hSH_F5FRqXOuTGzX9D4KDEyuXO0JAdfZEMg2HVVNOqYq4F151VSkZ3RB7J9v53pc-DpjclApPEyxLNRjtHxK0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELCmjxCNKJsmpxyXawW4kU0&google_push=AXcoOmR12gqHt_EhD0hSH_F5FRqXOuTGzX9D4KDEyuXO0JAdfZEMg2HVVNOqYq4F151VSkZ3RB7J9v53pc-DpjclApPEyxLNRjtHxK0

Request Chain 222

https://um.simpli.fi/gp_match?google_gid=CAESENwbMC-udab5z8Ja2HWxWrM&google_cver=1&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZm6jgkUd_QkXl-akg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZm6jgkUd_QkXl-akg

Request Chain 225

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEKl9s19lG534mLXREUOo8w&google_cver=1&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7YtxV5dTeHPRzaYHeO_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7YtxV5dTeHPRzaYHeO_A

Request Chain 226

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBN539aiggJXrEwF70pwV4Y&google_cver=1&google_push=AXcoOmT0fdTYmrqYwvVvcTRKGs4Y0uxNrshPMXAxNsiZakYLbk9_7jez1W11W15fBtlGY6Q21CYFy82_22VZnnORqb2S4ePxO2FRTcUJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT0fdTYmrqYwvVvcTRKGs4Y0uxNrshPMXAxNsiZakYLbk9_7jez1W11W15fBtlGY6Q21CYFy82_22VZnnORqb2S4ePxO2FRTcUJ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 239

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 240

https://um.simpli.fi/gp_match?google_gid=CAESENwbMC-udab5z8Ja2HWxWrM&google_cver=1&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9qlQ16fO4054pQy3Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9qlQ16fO4054pQy3Q

Request Chain 242

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFDhx-86VrWYmMrnMzpEOHw&google_cver=1&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflSxGfPJLQ1B2VDRKNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzExNTgyMTEyNzYyODk1NA%3D%3D&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflSxGfPJLQ1B2VDRKNg

Request Chain 244

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF56h8OfoTuBxiGZvkci0O0&google_cver=1&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG6AaA2LQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG6AaA2LQ&google_hm=eS1EeGdZRHpaRTJwR1Nqd2tJZG1PSlgwYUVWbEFSUi5xUH5B

Request Chain 245

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEKl9s19lG534mLXREUOo8w&google_cver=1&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y4crJ3iWGVi8GpxrkmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y4crJ3iWGVi8GpxrkmQ

Request Chain 248

https://googleads.g.doubleclick.net/pagead/adview?ai=CV4IfTUzvZLLWA9Pitwe2uJaIAvuCxNZx-8vL1vAQjazA6p04EAEgzfjeI2CVivuBlAegAc_qu4wDyAEJqAMByAPLBKoE_QFP0MgF4OMRZmYPC0AvOiw345FkmgJOHkI9EBU2JAKPMnnjgvLU0aBuVnBPaO8IWHuuQg1ulMV6Pft1-vIk4Y2NmZ71xMVkCyBhaJfs1zVA2Xr3n8lo5mFkwxUBlUemm5I2yx4Q6aoB8XRi6mWGdJb8eyC6f0p2WDDUm3KKCj8_0yKPannLimiu_PMv_M9uhxL-093jp7bjW3TwEw5tnvnBMavUoWcnvRRz6DQgu26tFzqZXKFEIKi2HlptRUmmAjnVYn_cGGVVu8swtQx_KbfMzGC5scAVlGd7gqj4PuFtje95Hjk-74VquDmtpTVTkYnPFLRhNCaktob_V7FbwATSgIKHmQSIBa6C__dHkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-jjwN0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnNkE0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJggFodHRwczovL2ZldmVydXAuY29tL2RlL3N0dXR0Z2FydC9jYW5kbGVsaWdodD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWFkJnV0bV9jYW1wYWlnbj1jYW5kbGVsaWdodF9zdHImdXRtX2NvbnRlbnQ9NjQyMTA5NzgxNDUwgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTgyODc2OTQwNTM5ODc2NTcYAA&sigh=UcrSXf_Xd0U&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWylThyETw9uOyXGdG5ryRyOg925BCwnAPCkeYpF4rDu3aGsPfZoKAZlZ01-kcHbQQIJdhH2WjGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210843488507323351785%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22831452495%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228345784749490483921%22}&andc=true

Request Chain 251

https://googleads.g.doubleclick.net/pagead/adview?ai=C5WAlTUzvZIO_I5D_twe3tZ_gB_uCxNZx-8vL1vAQjazA6p04EAEgzfjeI2CVivuBlAegAc_qu4wDyAEJqAMByAPLBKoE_QFP0MEWCD9i7G45LksVTPJIGNKOtFhAlEt9yBIq52HjyRtbEHpnC6l8qENaVooIqTxiVSeObj13PQ964rbVJ_X7YeaSrzpwp2J0PITjEnqlY5YawMhUk0fu8jbUhcIpaK8nInB6R-40Z92CHj8WnoYTQP3DcCaOQWHqbH2DexVnK7IwndpGBcmD3OkUR1ppAZ0OL2_bzHeOCpUjz2fSVKHSJPyznKg-angJ1KV9oXCWPlLwaw5lB2hDgfENoYKQ8Q_ah5Pn8mL6pr4sVuyU_VWSVMCnKNAhgzLkpaFM3k6lazujCrtkGxtAGRc2YTR09EkxIRHkDp26wpobvvm9wATSgIKHmQSIBa6C__dHkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-jjwN0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyasC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJggFodHRwczovL2ZldmVydXAuY29tL2RlL3N0dXR0Z2FydC9jYW5kbGVsaWdodD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWFkJnV0bV9jYW1wYWlnbj1jYW5kbGVsaWdodF9zdHImdXRtX2NvbnRlbnQ9NjQyMTA5NzgxNDUwgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTgyODc2OTQwNTM5ODc2NTcYAA&sigh=KJUSoVGYnK0&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWqC5zIsrYMyWxJdRFvmdb8-UWqNK82dpE62O-LSuYO3dzQjJ8OQ9sIi5Bz9r7Vbe2lBQ-ZtsHGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227124732732420555346%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22831452495%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227857059937148264673%22}&andc=true

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1

Request Chain 256

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO9MTpCI0UZB45-fu7xLawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-X8QpjsL22BYaifoG_1rI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM-X8QpjsL22BYaifoG_1rI%26google_cver%3D1

Request Chain 258

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzQwMjE1MjYxNTcwNjE3OA%3D%3D

Request Chain 267

https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 278

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903

Request Chain 282

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41mSu-F0VEX-v83pR9jO26AzoKSEvIvlg66HKhRVQ9kZhFMVND5NBv4Ayqc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41mSu-F0VEX-v83pR9jO26AzoKSEvIvlg66HKhRVQ9kZhFMVND5NBv4Ayqc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZoVlZOcHoxUUJsTkI1&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41mSu-F0VEX-v83pR9jO26AzoKSEvIvlg66HKhRVQ9kZhFMVND5NBv4Ayqc

Request Chain 285

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED2rlqibjzzuW6xMc3pABS4&google_cver=1&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mnALkgwevVhTqcJT_npuga3Q HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED2rlqibjzzuW6xMc3pABS4&google_cver=1&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mnALkgwevVhTqcJT_npuga3Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyNTgwMzU5NjE3MzM4MjQ4Nw&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mnALkgwevVhTqcJT_npuga3Q

292 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bemblogado.com.br/site/
Redirect Chain

http://bemblogado.com.br/
https://bemblogado.com.br/site/

184 KB
51 KB

2335ms
2051ms

Document
text/html

192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: db81762abc8ba52342ea14502070698fe831c0ca4ea9b5d50671181c2a3fb158

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:52 GMT
link: <https://bemblogado.com.br/site/wp-json/>; rel="https://api.w.org/", <https://bemblogado.com.br/site/wp-json/wp/v2/pages/89283>; rel="alternate"; type="application/json", <https://bemblogado.com.br/site/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-litespeed-tag: f75_HTTP.200

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 30 Aug 2023 14:03:52 GMT
Keep-Alive: timeout=5, max=75
Location: https://bemblogado.com.br/site/
Server: Apache

GET
H2 200 style.min.css
bemblogado.com.br/site/wp-includes/css/dist/block-library/ 102 KB
19 KB 269ms
266ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/css/dist/block-library/style.min.css?ver=4cdb5f8c5168dfc1c6d29ad8754fcfc2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 frontend.css
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/css/ 71 KB
13 KB 289ms
286ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=3.2.3.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 51deddce2061e92e3f5354e9a1cfb6c44a34779ea37509e7fcd222a9af116ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12898

GET
H2 200 style.min.css
bemblogado.com.br/site/wp-content/themes/hello-elementor/ 6 KB
2 KB 150ms
147ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/themes/hello-elementor/style.min.css?ver=2.8.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:56:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2276

GET
H2 200 theme.min.css
bemblogado.com.br/site/wp-content/themes/hello-elementor/ 13 KB
3 KB 156ms
153ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/themes/hello-elementor/theme.min.css?ver=2.8.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ab14e945bc72af34e28b188ff288f89d5fff8049ef298cdaeb189af9eaf164e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:56:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3351

GET
H2 200 frontend.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/css/ 153 KB
27 KB 159ms
156ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: f4fc30c4e9f080778ac2f49816e7650fb6b13f26b1decef6dcfb55209b002274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 post-89528.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 338 B
253 B 148ms
145ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89528.css?ver=1691436195
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 98ffa42ce3f18359719610b0ba6da67b159897622e9b8ce39cc028454ae446a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 163

GET
H2 200 elementor-icons.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 152ms
149ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4042

GET
H2 200 swiper.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 154ms
151ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3188

GET
H2 200 post-89244.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 15 KB
2 KB 157ms
155ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89244.css?ver=1691436184
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6f458cc595c07157e118cfc1b0f09dd34aa02eb00fcab7688ca7eef7dababe27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2415

GET
H2 200 frontend.min.css
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/css/ 448 KB
69 KB 287ms
284ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.15.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6373b977c2e74421978a4f4ec2ec6ea4259b5dcb5968b4b5cbe8df78c310e1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 post-89283.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 59 KB
10 KB 551ms
548ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css?ver=1691436196
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 900c7bdac483b7fe96516c706e902bc1ca0c012526b42aeaf2b22927d6372060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9793

GET
H2 200 post-89265.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 7 KB
1 KB 550ms
548ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89265.css?ver=1691436184
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 820c6a4627f2731479fbc2133d5047d493f71058bf20a445fac83a6a660444bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1188

GET
H2 200 post-89261.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 25 KB
4 KB 546ms
544ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89261.css?ver=1691436185
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: db55133a67a89d7afa8eec358261698e5f831c82cdb2107973b8fe404f5ddc7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4345

GET
H2 200 post-89590.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 2 KB
622 B 402ms
400ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89590.css?ver=1691436196
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 16cb5bdf4fab9cae6686619fbf8ef1b240302bd7ee037e91ae036b35d2405a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 567

GET
H2 200 ekiticons.css
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ 122 KB
13 KB 544ms
541ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 49ebaf0bfad5aaf0c66de0bb84a2c7d1e32f33add8d6cb75897ae56cb07bcda9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:01 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12952

GET
H2 200 widget-styles.css
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 435 KB
78 KB 545ms
543ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ebd4a78569ef1fab71b07e0f3e449819623ae220f0080fb6ec59fb66f2f65489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 responsive.css
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
4 KB 542ms
540ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4442

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 90ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind+Vadodara%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBarlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=4cdb5f8c5168dfc1c6d29ad8754fcfc2

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e173360f5af3286284d8543def13aa486b8fa8b99ca2ebcaeadc8c17593a9623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 14:03:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:54 GMT

GET
H2 200 fontawesome.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 549ms
547ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12577

GET
H2 200 solid.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
341 B 548ms
546ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 309

GET
H2 200 brands.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
340 B 547ms
545ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 308

GET
H2 200 jquery.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ 85 KB
37 KB 551ms
549ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ 13 KB
5 KB 546ms
545ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5422

GET
H2 200 logo-bem-blogado.png
bemblogado.com.br/site/wp-content/uploads/2021/07/ 33 KB
33 KB 285ms
282ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/07/logo-bem-blogado.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: bf9f2d5bcce79d7840892c9d7e662802236736b019105c61e2b8e05935852a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Sun, 17 Oct 2021 21:12:43 GMT
server: Apache
accept-ranges: bytes
content-length: 33890
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 140ms
71ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

856b57a15825aac97cbf4d74f9a64a6b07f38d3715e0888b2e3ae4a79537c9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51518
x-xss-protection: 0
server: cafe
etag: 3886201276123406405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:55 GMT

GET
H2 200 Ricardo-Salles-tronco.jpg
bemblogado.com.br/site/wp-content/uploads/2021/05/ 469 KB
469 KB 402ms
401ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/05/Ricardo-Salles-tronco.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: c3a5c129a8eeeb7a4691be63260a36e4de189d1a3465767de7694a4e20d7e891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:54 GMT
last-modified: Wed, 19 May 2021 15:09:11 GMT
server: Apache
accept-ranges: bytes
content-length: 480391
content-type: image/jpeg

GET
H2 200 dinheiro-teto-de-gasto-corte-economia.jpg
bemblogado.com.br/site/wp-content/uploads/2022/12/ 202 KB
202 KB 285ms
283ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/12/dinheiro-teto-de-gasto-corte-economia.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 2201fc3e9b5096b843187a77982f8203b6527a8c1b5d15379d84802b4de401c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 06 Dec 2022 21:46:59 GMT
server: Apache
accept-ranges: bytes
content-length: 206412
content-type: image/jpeg

GET
H2 200 Pinochet-3.jpg
bemblogado.com.br/site/wp-content/uploads/2018/11/ 126 KB
126 KB 285ms
283ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2018/11/Pinochet-3.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 37c936db1c8089eb69872a674a70f90171f3bd241c7c3834c9ddc555e249be19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 26 Nov 2018 12:07:23 GMT
server: Apache
accept-ranges: bytes
content-length: 128923
content-type: image/jpeg

GET
H2 200 IMG_20230715_134732.jpg
bemblogado.com.br/site/wp-content/uploads/2023/07/ 5 MB
5 MB 438ms
436ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/07/IMG_20230715_134732.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 86cda207bb9abf4e76744b003e3348daaee8577af83ea80b2f06e98d67a2f0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 17 Jul 2023 19:20:14 GMT
server: Apache
accept-ranges: bytes
content-length: 5182140
content-type: image/jpeg

GET
H2 200 fontawesome-all.min.css
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 54 KB
12 KB 151ms
151ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a64b01d95264e4acae6862a8769b15613750d93c6435ade24925c8a069ea5b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12140

GET
H2 200 fontawesome-v4-shims.css
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 26 KB
4 KB 170ms
165ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4414

GET
H2 200 animations.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 158ms
154ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2997

GET
H2 200 frontend-script.js Show response
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 40 B
69 B 172ms
167ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 25 Jul 2023 20:38:01 GMT
server: Apache
accept-ranges: bytes
content-length: 40
content-type: application/javascript

GET
H2 200 widget-scripts.js Show response
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
53 KB 161ms
156ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 03ca8c38633872b885f1e54e729c4597da2f1c52d06f9a5289ddda7ca3a9930c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.smartmenus.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 171ms
167ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9638

GET
H2 200 imagesloaded.min.js Show response
bemblogado.com.br/site/wp-includes/js/ 5 KB
2 KB 165ms
160ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2103

GET
H2 200 jet-plugins.js Show response
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/lib/jet-plugins/ 6 KB
2 KB 163ms
159ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/lib/jet-plugins/jet-plugins.js?ver=1.1.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d98bdd8d9c4da34ca6f4639dbccbfd3d45154788793091ef016384411c97759f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2412

GET
H2 200 frontend.js Show response
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/js/ 55 KB
17 KB 168ms
164ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/js/frontend.js?ver=3.2.3.1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 76b097d6e0e8909b60f072b3ce1f49fe6e274494d45ae388d573019f29ebf573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 17548

GET
H2 200 webpack-pro.runtime.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 164ms
160ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ff6a57fb71498826e9c37e64a6216349c3a637fc14a0ca1162ab548a453de078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2643

GET
H2 200 webpack.runtime.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 165ms
161ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2316

GET
H2 200 frontend-modules.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 52 KB
20 KB 565ms
561ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill-inert.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 8 KB
3 KB 438ms
434ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2977

GET
H2 200 regenerator-runtime.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 6 KB
3 KB 432ms
429ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2726

GET
H2 200 wp-polyfill.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 16 KB
7 KB 433ms
430ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6842

GET
H2 200 hooks.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/ 5 KB
2 KB 436ms
433ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1619

GET
H2 200 i18n.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/ 9 KB
4 KB 434ms
431ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3951

GET
H2 200 frontend.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 572ms
569ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.15.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 8b282aff34d04a851b1396e4451d1ddb3d9b00a330f4c9907d4dbc8df632104e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8611

GET
H2 200 waypoints.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 567ms
564ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3747

GET
H2 200 core.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ui/ 21 KB
8 KB 565ms
562ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8343

GET
H2 200 frontend.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 40 KB
16 KB 572ms
569ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 16453

GET
H2 200 elements-handlers.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 35 KB
11 KB 457ms
454ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.15.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 4edefaae0530f8e4876f4002cef896bf8eaec505584d8060b2a427122cc12493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 11029

GET
H2 200 animate-circle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 681 B
483 B 563ms
560ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 451

GET
H2 200 elementor.js Show response
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 565ms
562ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 2c34c72649547631a667da33a6f1a5198c7005c5af2cf5ed2631db33150d1a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6304

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 852
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 30 Aug 2023 15:49:43 GMT

GET
H2 200 abstract.jpg
bemblogado.com.br/site/wp-content/uploads/2021/07/ 120 KB
120 KB 431ms
431ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/07/abstract.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css?ver=1691436196
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 3f693849edf3db91546d7f6211a09e7b26af212848f7d20a2d5dd218ccf24c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css?ver=1691436196
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Thu, 01 Jul 2021 20:59:30 GMT
server: Apache
accept-ranges: bytes
content-length: 123032
content-type: image/jpeg

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 73ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind+Vadodara%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBarlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=4cdb5f8c5168dfc1c6d29ad8754fcfc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:34:12 GMT
x-content-type-options: nosniff
age: 73783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:34:12 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:31:58 GMT
x-content-type-options: nosniff
age: 376317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:31:58 GMT

GET
H2 200 fa-solid-900.woff2
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
76 KB 423ms
422ms Font
font/woff2 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
content-length: 78196
content-type: font/woff2

GET
H2 200 neIQzCKvrIcn5pbuuuriV9tTSGH2uXQ-oA.woff2
fonts.gstatic.com/s/hindvadodara/v13/ 14 KB
15 KB 111ms
60ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hindvadodara/v13/neIQzCKvrIcn5pbuuuriV9tTSGH2uXQ-oA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7228a077f0c25993ee7599dd9788316135be1755cb02490dc6c880d03205676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:53:30 GMT
x-content-type-options: nosniff
age: 583825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14796
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:53:30 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 87ms
36ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 02:31:14 GMT
x-content-type-options: nosniff
age: 41561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 02:31:14 GMT

GET
H2 200 neIQzCKvrIcn5pbuuuriV9tTSE3xuXQ-oA.woff2
fonts.gstatic.com/s/hindvadodara/v13/ 14 KB
14 KB 107ms
56ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hindvadodara/v13/neIQzCKvrIcn5pbuuuriV9tTSE3xuXQ-oA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57b9ed46db9f0404ccd138ab81ac7cb24d5a084103cfdc53b776792f1d487465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:05:07 GMT
x-content-type-options: nosniff
age: 367128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14672
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:05:07 GMT

GET
H2 200 Bolsonaro-bandeira-americaba-USA-EUA.jpeg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 63 KB
63 KB 383ms
381ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/Bolsonaro-bandeira-americaba-USA-EUA.jpeg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 113563e05072c4e53abdec78496fa358c7090aa9bef7954d1b782d58099fe39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Wed, 11 Jan 2023 20:44:31 GMT
server: Apache
accept-ranges: bytes
content-length: 64608
content-type: image/jpeg

GET
H2 200 Quinho-chargista-crise-da-meia-idade.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 75 KB
75 KB 395ms
392ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Quinho-chargista-crise-da-meia-idade.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: eb54cf6050a1ec0bee79457f8962e2d8195c510fc927fa30ab8d26192d4c014e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 29 Aug 2023 15:28:49 GMT
server: Apache
accept-ranges: bytes
content-length: 76602
content-type: image/jpeg

GET
H2 200 Ex-exilados-brasileiros-no-Chile.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 854 KB
855 KB 395ms
393ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Ex-exilados-brasileiros-no-Chile.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1642f2b4a67037010b80ea9f5f310bd36f51102f9c5e9861a3f4890358b2619d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 29 Aug 2023 18:36:27 GMT
server: Apache
accept-ranges: bytes
content-length: 874929
content-type: image/jpeg

GET
H2 200 Pablo-Picasso-and-Francoise-Gilot.png
bemblogado.com.br/site/wp-content/uploads/2023/08/ 261 KB
261 KB 405ms
403ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Pablo-Picasso-and-Francoise-Gilot.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: f32d3285eaf3023b465f2446c955f9cbc61b3416ecfa779d247cb5daa3cb1089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 29 Aug 2023 15:39:04 GMT
server: Apache
accept-ranges: bytes
content-length: 267213
content-type: image/png

GET
H2 200 WhatsApp-Image-2023-05-19-at-13.40.09-1-1.jpeg
bemblogado.com.br/site/wp-content/uploads/2023/05/ 275 KB
276 KB 403ms
401ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-19-at-13.40.09-1-1.jpeg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: e1eac998f8f98a950ef8d3c087cea35d3698ea3fa8c43f85c48ff761241581f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Fri, 19 May 2023 17:34:53 GMT
server: Apache
accept-ranges: bytes
content-length: 282109
content-type: image/jpeg

GET
H2 200 IMG_3939-2048x1536.jpg
bemblogado.com.br/site/wp-content/uploads/2023/04/ 388 KB
389 KB 413ms
412ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/04/IMG_3939-2048x1536.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1c3409ece9059559d362395149fe2316a2df03316e2c6a937452ce3a8a79625e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 04 Apr 2023 15:46:49 GMT
server: Apache
accept-ranges: bytes
content-length: 397707
content-type: image/jpeg

GET
H2 200 IMG_3221-2-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/02/ 551 KB
552 KB 403ms
401ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/02/IMG_3221-2-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d8ce474bf0f5af6a1ce77f0710b2fc4a60b0d2c3276c5c666fff1571fa27a6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 07 Feb 2023 13:03:24 GMT
server: Apache
accept-ranges: bytes
content-length: 564545
content-type: image/jpeg

GET
H2 200 IMG_2439-2-2048x1235.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 228 KB
228 KB 522ms
521ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2439-2-2048x1235.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 77a8906be61f62bd50c983b56b128f0e3226cda5ef0f805b8b2f0699f90af184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 30 Jan 2023 15:24:03 GMT
server: Apache
accept-ranges: bytes
content-length: 233371
content-type: image/jpeg

GET
H2 200 IMG_3023-2-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 594 KB
594 KB 403ms
402ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_3023-2-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 385b2fc8ba9710ed54dbbe25d2d8d04a8d396f0c147ad88420bae9c260f8e71e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Sun, 22 Jan 2023 17:44:49 GMT
server: Apache
accept-ranges: bytes
content-length: 607944
content-type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 27ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=632161467&t=pageview&_s=1&dl=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Bem%20Blogado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1015901578&gjid=691457888&cid=786774982.1693404235&tid=UA-47830520-8&_gid=1453981451.1693404235&_r=1&_slc=1&z=195353969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4c3ca291235f8e06df80f338ead76fcdf7d1375ced7d20ab90d6d18adc788783

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bemblogado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 87ms
36ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5717914f6f7f40cdab0cb482dae99f9592102b1be240c4bdeb5426fa184ea480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 14:03:55 GMT

GET
H2 200 fa-solid-900.woff2
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 74 KB
74 KB 414ms
414ms Font
font/woff2 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
accept-ranges: bytes
content-length: 75440
content-type: font/woff2

GET
H2 200 elementskit.woff
bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/ 448 KB
449 KB 1051ms
1050ms Font
font/woff 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.9.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.9.0
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Tue, 25 Jul 2023 20:38:02 GMT
server: Apache
accept-ranges: bytes
content-length: 459244
content-type: font/woff

GET
H2 200 fa-brands-400.woff2
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 73 KB
73 KB 1051ms
1051ms Font
font/woff2 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
accept-ranges: bytes
content-length: 74508
content-type: font/woff2

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 384 KB
130 KB 139ms
95ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8287694053987657&plah=bemblogado.com.br&bust=31077452

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57bc92bcea74505f09f62432bfd540ecd444adb619d0a77dd7096e4966893bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133273
x-xss-protection: 0
server: cafe
etag: 13909608318076124987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 9FE3 10 KB
5 KB 68ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:31:08 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 17:31:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 77ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YNST7LZLF9&gtm=45je38s0&_p=632161467&_gaz=1&ul=en-us&sr=1600x1200&cid=786774982.1693404235&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&dt=Home%20%E2%80%93%20Bem%20Blogado&sid=1693404235&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YNST7LZLF9&cid=786774982.1693404235&gtm=45je38s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 107ms
58ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YNST7LZLF9&cid=786774982.1693404235&gtm=45je38s0&aip=1&z=514201873

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 84ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bemblogado.com.br&callback=_gfp_s_&client=ca-pub-8287694053987657

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8287694053987657&plah=bemblogado.com.br&bust=31077452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5650637bb661b14d1bc3b6fa99383a374bb254026f1a95add4d6f468c467202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E9E 500 KB
76 KB 1011ms
1010ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&adk=1812271804&adf=3025194257&lmt=1693397035&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235372&bpp=7&bdt=825&idt=319&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3677201854671&frm=20&pv=2&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=368

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10584e906d8e60b49110307f45c191e6c3c09380309f3bb78da5608ed58684b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:56 GMT
expires: Wed, 30 Aug 2023 14:03:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F334 117 KB
38 KB 384ms
383ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1693397035&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235379&bpp=1&bdt=833&idt=367&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=371

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc8df70123fd2c3752d9e3d07647700f9f0ed85c033a8e5d6553ce49bb1b4f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:56 GMT
expires: Wed, 30 Aug 2023 14:03:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2825 96 KB
37 KB 980ms
979ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1693397035&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235380&bpp=1&bdt=834&idt=383&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=398

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d70cf48a26f2f086c468d1d2ea393414732104a89b02f55e01aadec7a56da52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37498
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:56 GMT
expires: Wed, 30 Aug 2023 14:03:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA79 120 KB
40 KB 902ms
901ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1693397035&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=411&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b7646ab10a6d458f86cde5a321dcb0895d6f320d43ab10ed398806d42b337fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40744
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:56 GMT
expires: Wed, 30 Aug 2023 14:03:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dialog.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 1368ms
1368ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4258

GET
H2 200 lightbox.3489c2bc8f62c7ee72ed.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 29 KB
11 KB 1374ms
1374ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/lightbox.3489c2bc8f62c7ee72ed.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 3c64c244ff740b42a62b4c041be721224db62770ed7effd48954990593ded6cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 11742

GET
H2 200 share-link.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 1367ms
1366ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.14.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1187

GET
H2 200 nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 1365ms
1365ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d0751c0f8c9afc5945b9005fad0a30391084c66d5375bcac011009202d8e933d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1885

GET
H2 200 search-form.6eb419c467197ca411a7.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 2 KB
897 B 1357ms
1356ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/search-form.6eb419c467197ca411a7.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 775cbce49923f2cae3409769a61f094eb3ccc5069cdacd46af20695fba981e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 842

GET
H2 200 load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 1358ms
1358ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ba856c95ad83a1bd0b52407f7133fc982dcb73c0701d4e251ac6e6cb0fcf28f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1902

GET
H2 200 posts.e33113a212454e383747.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 1353ms
1353ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 164b1fab27fe0015d42e7d587173f250bd1f1a82b114df0a6ccfafb9b304eeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1359

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 1 KB
705 B 1337ms
1336ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 192811b11cab8b2d4254be60c82edeb3054b8c0a5aa7092b5a934adbd9e3320f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 673

GET
H2 200 form.72b77b99d67b130634d2.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 19 KB
6 KB 1327ms
1324ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/form.72b77b99d67b130634d2.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 73dcf18fb3a519e95880a1f8444b7096160c2ffb1d6ab9201cfc8eaa95e1f907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6552

GET
H2 200 popup.483b906ddaa1af17ff14.bundle.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 759 B
483 B 1333ms
1330ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.15.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 03764450cebf44f072c4dca8e4dbbdb46bca61eb7882584bd58d0d1f5e5f000c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 451

GET
H2 200 css
fonts.googleapis.com/ Frame F334 4 KB
751 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:25:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F334 2 KB
945 B 88ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
DATA 200
OK truncated
/ Frame F334 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame F334
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
108 KB

22ms
22ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 21:23:51 GMT
x-content-type-options: nosniff
age: 319205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 21:23:51 GMT

Redirect headers

date: Wed, 30 Aug 2023 08:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Sep 2023 08:03:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame F334 23 KB
9 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F334 3 KB
1 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F334 20 KB
8 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F334 181 KB
57 KB 137ms
78ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame F334 36 KB
15 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
DATA 200
OK truncated
/ Frame F334 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a9debfb11e5fef64072dd58c0c8c7653377fe6c016dc11d049ae35c1dbdda5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F334 16 KB
16 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 74262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:26:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F334
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CaSOSS0zvZM7xL4OOtwfAxp6YC82q28ZtybrswagMgvyTjc4EEAEgzfjeI2CVivuBlAegAbC6odcDyAEJqQL8am_kHjeyPqgDAcgDywSqBP0BT9BDiZz0xq3oNN5URQwg7UP8cIOfe948O12...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211355337080709305925%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%...

0
0

168ms
120ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211355337080709305925%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212483267724753642289%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11355337080709305925","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"12483267724753642289"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11355337080709305925","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"12483267724753642289"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 376E 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 191ms
123ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame AA79 14 KB
1 KB 52ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1693397035&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=411&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame AA79 2 KB
892 B 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame AA79 23 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame AA79 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame AA79 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA79 181 KB
57 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame AA79 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 3290418883898309587
tpc.googlesyndication.com/simgad/ Frame 2825 52 KB
52 KB 25ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3290418883898309587?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk4h98TP32qsacJrdLKYDD0J3pJRw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1693397035&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235380&bpp=1&bdt=834&idt=383&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=398

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0142ba30d0b7ae4c850070c3f547ee535342963bbbc4e3173d76a1e8f0384cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 23:43:21 GMT
x-content-type-options: nosniff
age: 51635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52973
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 10:29:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 23:43:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 2825 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2825 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2825 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2825 181 KB
56 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2825 35 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1cda6441d6032222b35f93ae5f3bddff8eab851e5e8622049ef96f0b53bb01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14423
x-xss-protection: 0
server: cafe
etag: 4855010618112703997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:46:30 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13076542624260118597/ Frame AA79 189 KB
189 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13076542624260118597/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482c112b0048b8d19f2d30ab6b8f140ae01848b62b375bfd74d3f5f7365fe0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 07:36:35 GMT
x-content-type-options: nosniff
age: 368841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193712
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 11:59:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 07:36:35 GMT

GET
DATA 200
OK truncated
/ Frame AA79 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AA79 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74D9 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1693397035&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235380&bpp=1&bdt=834&idt=383&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=398
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 13:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 154 KB
52 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/reactive_library_fy2021.js?bust=31077452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb7a3e2dd732c62832944233c630e7738da90051257cf7f5d1b76cd41907a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53638
x-xss-protection: 0
server: cafe
etag: 11628520545883357354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1DC 122 KB
42 KB 537ms
537ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89a704664f801d9ff1f8d5e3f92003c8cdaa96661fa030a444f085cc80470768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AA79 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fe16285450ca6ed378d7a7180a82ab212afa46aac33790ef66fd9637ab778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2825 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d5bee8dc7c6bdac4bdb83ee07757921bb514da8918b6267af23d4a4c5591fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2825
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CaHE7S0zvZOP2MZLwtgfx_qiIDr-B08BxoP26xsoR3NkeEAEgzfjeI2CVivuBlAegAZ26sqMDyAECqQJh1Afuaz-1PqgDAcgDyQSqBIICT9C8ArMHfBPDHs9OzjOZcdrErinrcQFxpL6JP29...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226979215958902923646%22,%22debug_reporting%22:true,%22destination%22:%22https://hearclear.com%22,%22event_report_window%22:...

0
0

124ms
124ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226979215958902923646%22,%22debug_reporting%22:true,%22destination%22:%22https://hearclear.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22879533341%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226187905838019745169%22}&andc=true

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6979215958902923646","debug_reporting":true,"destination":"https://hearclear.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879533341"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"6187905838019745169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6979215958902923646","debug_reporting":true,"destination":"https://hearclear.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["879533341"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"6187905838019745169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame F094 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:18 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame C8C3 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:18 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame CE73 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:18 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
33ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:57 GMT
expires: Wed, 30 Aug 2023 14:03:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AA79 33 KB
33 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 31769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 05:14:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 124ms
122ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F094 14 KB
1 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:25:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F094 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame F094 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F094 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame F094 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F094 181 KB
56 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame F094 36 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C8C3 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:16:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame C8C3 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame C8C3 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame C8C3 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame C8C3 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8C3 181 KB
56 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame C8C3 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CE73 4 KB
655 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:24:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame CE73 2 KB
892 B 26ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame CE73 23 KB
9 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame CE73 3 KB
1 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame CE73 20 KB
8 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE73 181 KB
56 KB 91ms
87ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame CE73 36 KB
15 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
DATA 200
OK truncated
/ Frame CE73 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame CE73
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

23ms
22ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 21:23:51 GMT
x-content-type-options: nosniff
age: 319206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 21:23:51 GMT

Redirect headers

date: Wed, 30 Aug 2023 08:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Sep 2023 08:03:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AA79
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRPI4S0zvZK_lMtCEwuIP86ydmA-Ag4_Vcp3FlsHNEcCNtwEQASDN-N4jYJWK-4GUB6AB--TfmAPIAQmpAvxqb-QeN7I-qAMByAPLBKoE-wFP0LWQb98scz1Jx7eAPzfNYTKFMhKEncI1ARi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217267521669852739969%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%222...

0
0

124ms
124ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217267521669852739969%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228410790050215015441%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17267521669852739969","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"8410790050215015441"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17267521669852739969","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"8410790050215015441"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 eicons.woff2
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 92 KB
92 KB 452ms
452ms Font
font/woff2 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.20.0
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: e90e0d9376b600c05481203d9e81c73aea72d73d160892edd3ec6f52a1cd8a31

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
content-length: 94248
content-type: font/woff2

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 370A 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H2 200 IMG_3939-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/04/ 554 KB
555 KB 706ms
705ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/04/IMG_3939-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6fac165dbd30adee78af2ad7da67bae5ad46ac63ed6ed483134ec35459c75f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Tue, 04 Apr 2023 15:46:28 GMT
server: Apache
accept-ranges: bytes
content-length: 567719
content-type: image/jpeg

GET
H2 200 IMG_2439-2-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 338 KB
339 KB 851ms
851ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2439-2-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 9fffbb005e41c0039515c83d8c548af523ecf7bcecfe748a59cc4fd7c94983fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 30 Jan 2023 15:23:40 GMT
server: Apache
accept-ranges: bytes
content-length: 346455
content-type: image/jpeg

GET
H2 200 IMG_2480-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 473 KB
473 KB 438ms
437ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2480-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 8c0fb8b0ad3ef980d41b04107b821bd20880ac3c1cb8e7cbbd59fca89a01aa82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Fri, 13 Jan 2023 15:57:34 GMT
server: Apache
accept-ranges: bytes
content-length: 484321
content-type: image/jpeg

GET
H2 200 IMG_1745-1-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2022/12/ 692 KB
692 KB 832ms
832ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/12/IMG_1745-1-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 39ab1d55928c4d4d4e2a94697f0287c47174bbb17bd46d3315d959397b4f1471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Wed, 14 Dec 2022 14:15:35 GMT
server: Apache
accept-ranges: bytes
content-length: 708237
content-type: image/jpeg

GET
H2 200 IMG_1690-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2022/12/ 453 KB
453 KB 832ms
831ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/12/IMG_1690-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 5518a5b78d133e548dcf9300456714d7489f769629ef07d245af24940ff380d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Tue, 13 Dec 2022 20:07:50 GMT
server: Apache
accept-ranges: bytes
content-length: 463377
content-type: image/jpeg

GET
H2 200 IMG_2530-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 649 KB
649 KB 831ms
830ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2530-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: b17546f7d80227a765f3c00e25a2fe71bf1219d0df08b58dfd4833fd51b53d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Sun, 15 Jan 2023 18:18:05 GMT
server: Apache
accept-ranges: bytes
content-length: 664520
content-type: image/jpeg

GET
H2 200 IMG_2504-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 470 KB
470 KB 832ms
831ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2504-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: e5b06664cc498b43eba024fa0c055c01c109f02df0cf825a2f8824465df270a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Sun, 15 Jan 2023 01:47:53 GMT
server: Apache
accept-ranges: bytes
content-length: 481388
content-type: image/jpeg

GET
H2 200 IMG_1444-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2022/11/ 489 KB
489 KB 831ms
830ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/11/IMG_1444-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 90d4b4366f20b30c159f35b0dfc2796e64aceb9eb248f7731cac068ede8bc4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Sun, 20 Nov 2022 20:09:43 GMT
server: Apache
accept-ranges: bytes
content-length: 500471
content-type: image/jpeg

GET
H2 200 Belorizontinos-dao-boas-vindas-a-Jair-Bolsonaro.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 283 KB
284 KB 1236ms
1233ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Belorizontinos-dao-boas-vindas-a-Jair-Bolsonaro.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 4e973232b36706fd9741b51130b68c9b44f021ae5fdb2ba348185a3167d4e775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 14:36:02 GMT
server: Apache
accept-ranges: bytes
content-length: 290290
content-type: image/jpeg

GET
H2 200 trabalho-desemprego-carteira.jpg
bemblogado.com.br/site/wp-content/uploads/2017/03/ 201 KB
201 KB 1690ms
1684ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2017/03/trabalho-desemprego-carteira.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 9b26f3907619129f01c8d8057788579e8c1ac5eb0667826a41980072a48ceb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Fri, 24 Mar 2017 18:38:40 GMT
server: Apache
accept-ranges: bytes
content-length: 205564
content-type: image/jpeg

GET
H2 200 desova.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 674 KB
674 KB 1688ms
1682ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/desova.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6f68b3035837dc82e682f6e5fe5971ab572228c6c0fb12522d89193c96a97ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 14:25:11 GMT
server: Apache
accept-ranges: bytes
content-length: 689716
content-type: image/jpeg

GET
H2 200 clima-polui%C3%A7%C3%A3o.jpg
bemblogado.com.br/site/wp-content/uploads/2019/08/ 87 KB
87 KB 1690ms
1685ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2019/08/clima-polui%C3%A7%C3%A3o.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 2853c4347bad33b961a3c3b9cebd11c3b6fde1844b270e510c8471c4c8109483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Tue, 20 Aug 2019 14:34:35 GMT
server: Apache
accept-ranges: bytes
content-length: 89118
content-type: image/jpeg

GET
H2 200 tenente-brigadeiro-Francisco-Joseli-Camelo-e-Duda-Salabert.png
bemblogado.com.br/site/wp-content/uploads/2023/08/ 645 KB
645 KB 1691ms
1685ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/tenente-brigadeiro-Francisco-Joseli-Camelo-e-Duda-Salabert.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 2c033b052d10110dbc158af95d97b416ca296db88d9a41b01c70f25d468ef539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 15:07:55 GMT
server: Apache
accept-ranges: bytes
content-length: 660103
content-type: image/png

GET
H2 200 Fausto-Silva-Perdidos-na-Noite.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 341 KB
341 KB 1690ms
1684ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Fausto-Silva-Perdidos-na-Noite.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 589e90add70353ede27451e99490466f6b4f78a36a4144d07c017d2cb6e91b26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 14:16:13 GMT
server: Apache
accept-ranges: bytes
content-length: 349015
content-type: image/jpeg

GET
H2 200 lula-plano-safra-credito-rural.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 477 KB
477 KB 1689ms
1683ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/lula-plano-safra-credito-rural.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 8f49d0771ebfd74579d3e279beaba8cee49210cbd54e1a9636059ea0d9dd2f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 14:06:54 GMT
server: Apache
accept-ranges: bytes
content-length: 488092
content-type: image/jpeg

GET
H2 200 ameaca-padre-Julio-Lancellotti-bilhete.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 117 KB
118 KB 1688ms
1683ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/ameaca-padre-Julio-Lancellotti-bilhete.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1ed04b57db325a6b0b65f70946443fdca03d2167f401118f3a74a0dfda0ea532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Mon, 28 Aug 2023 14:02:22 GMT
server: Apache
accept-ranges: bytes
content-length: 120253
content-type: image/jpeg

GET
H2 200 idoso-coronavirus.jpg
bemblogado.com.br/site/wp-content/uploads/2021/08/ 99 KB
99 KB 1690ms
1685ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/08/idoso-coronavirus.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7ce1ed4b2294bbfed5444a906f04c5850f89b709740e2d2305bf0d6bd90377a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Sat, 16 Oct 2021 20:03:23 GMT
server: Apache
accept-ranges: bytes
content-length: 101278
content-type: image/jpeg

GET
H2 200 agenda-99.jpeg
bemblogado.com.br/site/wp-content/uploads/2022/09/ 267 KB
267 KB 1687ms
1683ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/09/agenda-99.jpeg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 78c687b56f5d4e4ffd0ba468c04468a42a5acb97260a311d250a2f33c3d0c950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
last-modified: Thu, 08 Sep 2022 18:06:29 GMT
server: Apache
accept-ranges: bytes
content-length: 273608
content-type: image/jpeg

GET
H2 200 agenda-98.jpeg
bemblogado.com.br/site/wp-content/uploads/2022/07/ 286 KB
287 KB 2194ms
2190ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/07/agenda-98.jpeg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 2de41667b0b7fb1b162dd288fb0c464ae09d37af4fd01fff768354fef9c3159e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
last-modified: Wed, 06 Jul 2022 18:47:12 GMT
server: Apache
accept-ranges: bytes
content-length: 293175
content-type: image/jpeg

GET
H2 200 agenda-96.jpeg
bemblogado.com.br/site/wp-content/uploads/2022/05/ 219 KB
219 KB 2194ms
2190ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2022/05/agenda-96.jpeg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a5fe441b1f2f24379beb960b9fa252592b90fc01be7f2104588f1c65176423f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
last-modified: Thu, 12 May 2022 14:03:06 GMT
server: Apache
accept-ranges: bytes
content-length: 223947
content-type: image/jpeg

GET
H2 200 Quinho-chargista-crise-da-meia-idade-300x168.jpg
bemblogado.com.br/site/wp-content/uploads/2023/08/ 14 KB
14 KB 2192ms
2190ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/08/Quinho-chargista-crise-da-meia-idade-300x168.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a02e9387b384e39654eee5bd75566bc5335799ea2339f2d4fea0821dacb58cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
last-modified: Tue, 29 Aug 2023 15:28:52 GMT
server: Apache
accept-ranges: bytes
content-length: 14067
content-type: image/jpeg

GET
H2 200 Ricardo-Salles-tronco-300x137.jpg
bemblogado.com.br/site/wp-content/uploads/2021/05/ 15 KB
15 KB 2192ms
2191ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/05/Ricardo-Salles-tronco-300x137.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ab23df16e6bd97faec2100a832bfecf8ee5db9761fe87272854778e8fafb5184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
last-modified: Wed, 19 May 2021 15:09:13 GMT
server: Apache
accept-ranges: bytes
content-length: 14859
content-type: image/jpeg

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F334 42 B
174 B 126ms
124ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4xxKT-HyVL2xcy8tX4DxtWltgkY5wnIV6Hv4nDCup1ArtRarjGNdyWBq7-Za0JFFshcrzVh_oNzu9-eBKwG6l7-5j04LtQFfXwLT8awijY4AEL6AU80vgh_Bz6XIySoLTvq50fdLhjUqK&sai=AMfl-YTIGzdhrpqxIFhTZioopKi7E7PIRP2G6p1uH8ceEjZpyi2nFQS0pU2CoUj_FjGkpufdlynh5vzR6Ouc&sig=Cg0ArKJSzFBW3V7dl73oEAE&cid=CAQSGwBpAlJWsj5aBkfQK1f3yBHG4B4tXt0tFW2ivBgB&id=lidar2&mcvt=1040&p=0,0,90,728&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2899895673&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693404235751&rpt=682&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E2F 26 KB
12 KB 431ms
431ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fe6f9d75522b1dee524bc628d2b0bef11c3e62d0017aa1686a147842a91eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12038
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AAB 122 KB
41 KB 232ms
232ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d539a4e23ca0300e00a0cbac943f2b1ccd07149f59899a5858b67cb38002ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 9ED0 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
DATA 200
OK truncated
/ Frame CE73 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab5b3f4a39c764019f9eb7722ae293313626d9974a4217e589b6be59b3d8028b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
123ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E1DC 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 14:01:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E1DC 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame E1DC 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E1DC 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E1DC 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E1DC 0
0 30ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkC-GeHhAx8H75rxJhjjAEsquyT32-mY2WQ2ajwobbrbR5IoM6dDH4iHcupZjGnXtVtk9NETsdH08GsLs5Wiy3TeL8oA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1DC 181 KB
56 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame E1DC 36 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5476090040009086154/ Frame E1DC 45 KB
45 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5476090040009086154/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58dcea6b065f9657b98ae033d2c0a8056d4ec71f845ecc5c142b7974cc5e0696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 07:12:24 GMT
x-content-type-options: nosniff
age: 456693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45837
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Aug 2024 07:12:24 GMT

GET
DATA 200
OK truncated
/ Frame E1DC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E1DC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CE73
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPeJWS0zvZNvpMrGPxtYPsJuPwAmM-d_GbbCS3tGLDPK70dXBGxABIM343iNglYr7gZQHoAGwuqHXA8gBCakC_Gpv5B43sj6oAwHIA8sEqgT_AU_QCGx-lzGdHyNGJ95E9j3Rtb2FAfQgmAi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102519437778528562%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%...

0
0

125ms
125ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102519437778528562%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215369378660404321089%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13102519437778528562","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"15369378660404321089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13102519437778528562","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"15369378660404321089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A466 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 09:30:03 GMT
etag: 48472445140208031
expires: Thu, 31 Aug 2023 09:30:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame DB8A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame EBBB 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 5772 37 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7AAB 14 KB
1 KB 32ms
32ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 13:56:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 7AAB 2 KB
892 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 7AAB 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 7AAB 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 7AAB 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7AAB 0
0 33ms
32ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStWbRpEE9ZwfKHUSTzgBWoZAwisr-Eqa5uWQSRR8uEe660OZEH9il4pD3B0fOvM6LpwQixZNMDCwiA1vlTaSBpO3mwug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AAB 181 KB
56 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:57 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 7AAB 36 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 753F 1 KB
643 B 28ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 09:30:03 GMT
etag: 48472445140208031
expires: Thu, 31 Aug 2023 09:30:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E1DC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 241969badcc1987bd3a8c5b3de7a81a51e9f497d040c4c35c640c7155eec43ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5476090040009086154/ Frame 7AAB 45 KB
45 KB 25ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5476090040009086154/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58dcea6b065f9657b98ae033d2c0a8056d4ec71f845ecc5c142b7974cc5e0696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 07:12:24 GMT
x-content-type-options: nosniff
age: 456693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45837
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Aug 2024 07:12:24 GMT

GET
DATA 200
OK truncated
/ Frame 7AAB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7AAB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A466
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1&google_push=AXcoOmTkwCaPcGlkwTbhAmgcpoQOMHv8EyODCmtZ29Ydsd5DKWWGaCH1bq05Zzs9Es89d9cHVCn9V1f_MaQ-9wyVcxpxIjYEq9iURN0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5OTYyMTk5MzM4ODEwOTYxOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1

43 B
398 B

79ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAYpInKZMNKiTul7JGUT96M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A466
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELCmjxCNKJsmpxyXawW4kU0&google_push=AXcoOmR12gqHt_EhD0hSH_F5FRqXOuTGzX9D4KDEyuXO0JAdfZEMg2HVVN...

170 B
232 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELCmjxCNKJsmpxyXawW4kU0&google_push=AXcoOmR12gqHt_EhD0hSH_F5FRqXOuTGzX9D4KDEyuXO0JAdfZEMg2HVVNOqYq4F151VSkZ3RB7J9v53pc-DpjclApPEyxLNRjtHxK0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1693404238.988812,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELCmjxCNKJsmpxyXawW4kU0&google_push=AXcoOmR12gqHt_EhD0hSH_F5FRqXOuTGzX9D4KDEyuXO0JAdfZEMg2HVVNOqYq4F151VSkZ3RB7J9v53pc-DpjclApPEyxLNRjtHxK0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A466
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENwbMC-udab5z8Ja2HWxWrM&google_cver=1&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZm6jgkUd_QkXl-akg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZ...

170 B
232 B

41ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZm6jgkUd_QkXl-akg

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 14:03:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmSySM7BH_8LFeA46KsfAspXtctv1Kanu5wD_hgYc1Ey5xPmRG6uw2szbTl0-ppFlS287gHzYo7TGhMh_xZm6jgkUd_QkXl-akg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 29 Aug 2023 14:03:58 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame A466 43 B
146 B 84ms
23ms Image
image/gif 18.193.211.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELoBaXA2ZdSEru_R1rzVNkk&google_cver=1&google_push=AXcoOmRuhhe0fKr9UcwCSWpztsQS5LjVvBg5Ioa-sWdoG6kvHTpptmucZBuQCBVEVIcaoAeW1YcpwT67ag7oNbJ19H2QMxW1znXBbKI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.211.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-211-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A466 43 B
363 B 94ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS34CoDCfmB03BDH4lr9mb_lZZ6WIAdk5nY_w_ghctMbWQ3kOfe-YNZpy9QJEOXWInQBoKJ4mpNuhZug75wD2oTkkNupMbJayE&google_gid=CAESED4oIJQz0WnLABwt_tJ-BIk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 169027
expires: Wed, 30 Aug 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A466
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEKl9s19lG534mLXREUOo8w&google_cver=1&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7YtxV5dTeHPRzaYHeO_A

170 B
329 B

39ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7YtxV5dTeHPRzaYHeO_A

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrjp56fdpXcJt_k9yy2r3fHiNuNuHvGC8NCTktlMmgJJXKVkMsYFQaQixMZrbKXlEdBPRvcJ6Q_RZ7YtxV5dTeHPRzaYHeO_A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame A466
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBN539aiggJX...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT0fdTYmrqYwvVvcTRKGs4Y0uxNrshPMXAxNsiZakYLbk9_7jez1W11W15fBtlGY6Q21CYFy82_22VZnnORqb2S4ePxO2FRTcUJ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

61ms
57ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236943&bpp=1&bdt=2397&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=83
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 30 Aug 2023 14:03:58 GMT
pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A466 0
130 B 95ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgTmnNyQX7miUWqsGLnVU6PEX7GbJrO79sWFqbV98bgRa7N5R93MLT_eHRBv2mV9nQCNLSmg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 122ms
122ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2F 42 B
63 B 133ms
120ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeNa_rs-CoScxQhl2u9UJJelpUNslyhuzij1PY7Frx7cCKy6yf-fE8v7pFSSkpcIbY9UgqE1hJm82IHIaVkKzPfIzP5OUSKrgJZpWxP670rQsWZh0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2F 0
20 B 134ms
120ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12878253216552147723&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2E2F 86 KB
29 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2E2F 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 08:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 08:51:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 2E2F 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E2F 0
0 30ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRGKsgKy7oy0CoVQ07aTINAX9Z8NixS0iEfF5QdfHopFqLH_EuMtU_VybHfTr5np7_aulOMUg7qQw2vWPyMt5v1JaCbQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E2F 181 KB
56 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 14:03:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 575D 624 B
245 B 97ms
96ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU8xOqxrnpvzNkUWpohd5rAOU1ZsGwXkEu8r1mtdPdzh3DiVNFu7ZJuSkUktCBLI7i2HLvh5SpOlYE6ffAz-1SnXWKnPvXOZBsTx-cqI3tiR0owVlIQvKmX4ZlsTFN09gIZGYPW1yWHapp51McWYLf4hihm056exF-TWmYA3huHm6JuISU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:58 GMT
expires: Wed, 30 Aug 2023 14:03:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E1DC 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 31770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 05:14:28 GMT

GET
DATA 200
OK truncated
/ Frame 7AAB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ef4f8257228435fa204e03cb2d8008d0dc7bf939152e22cbadae4cef79f8f08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 753F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7n...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe...

43 B
421 B

210ms
189ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fed948ab8a81953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 59
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHgsi8omKprP7dxbhs_jfdQ&google_cver=1&google_push=AXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQwLQv89kXK8_jj3dICp3VOjPuRclO-jwXn-hwLDNeiUgtm656BpjmbD67Uv8x5qNEVNinOQ6pmSksaa5ThDcezVC0sBQe7ng%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fed94895ec51953-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 753F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENwbMC-udab5z8Ja2HWxWrM&google_cver=1&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9qlQ16fO4054pQy3Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9q...

170 B
188 B

38ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9qlQ16fO4054pQy3Q

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 14:03:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1BC04BB7E24B41BAAAE0B322DD74F8&google_push=AXcoOmTycTtottjxWCRPV7zrUABW0mtD53Hd40NYDPAWAIkmUsfOwoeEtCPbGwFn_WMR6kmWGCUK5nzJuDXUl9qlQ16fO4054pQy3Q
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 29 Aug 2023 14:03:58 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 753F 70 B
265 B 147ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKOVkJldAA0wAE_dWbdo4f0&google_cver=1&google_push=AXcoOmQ9v2CT70XHVLU1hF1zHbBhanQUZNvOAvz_TQ2qt1wX6r8Zw4hEvQ7M21n2-9GbxPTqXEyNG2eMO1D2JNmws1TI3BZrTMUkJA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 753F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFDhx-86VrWYmMrnMzpEOHw&google_cver=1&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzExNTgyMTEyNzYyODk1NA%3D%3D&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflSxGfP...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzExNTgyMTEyNzYyODk1NA%3D%3D&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflSxGfPJLQ1B2VDRKNg

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzExNTgyMTEyNzYyODk1NA%3D%3D&google_push=AXcoOmQDM0T83f9V0rMiVj8w_XzuhmyqgIk3mBPMwk0ufbG0x3pBUldSFBkg-GuU6O3ecsasWbN7uIFPbHmflSxGfPJLQ1B2VDRKNg
Date: Wed, 30 Aug 2023 14:03:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 753F 43 B
145 B 28ms
25ms Image
image/gif 18.193.211.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELoBaXA2ZdSEru_R1rzVNkk&google_cver=1&google_push=AXcoOmSXeDg8a9cOj2x7LMwloiQTNT_niFgAz86GmAvo2GQxUKiDyTHXazTRYvpE_h_8mySWSn1sqMDDaMgvmctPRn-oj0nnTnmxww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.211.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-211-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 753F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF56h8OfoTuBxiGZvkci0O0&google_cver=1&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG6AaA2LQ&google_hm=eS1EeGdZRHpaRTJwR1Nq...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG6AaA2LQ&google_hm=eS1EeGdZRHpaRTJwR1Nqd2tJZG1PSlgwYUVWbEFSUi5xUH5B

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 14:03:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLDjXrgMMT6QgZLWIMxLB6-byKb2_iXLU-Ra7jhxbgLUolLU8yX33DL7M70Hd1Wmy1Vr9_Nvfmdhi2gDxFDfhjzbG6AaA2LQ&google_hm=eS1EeGdZRHpaRTJwR1Nqd2tJZG1PSlgwYUVWbEFSUi5xUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 753F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEKl9s19lG534mLXREUOo8w&google_cver=1&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y4crJ3iWGVi8GpxrkmQ

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y4crJ3iWGVi8GpxrkmQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTN8OP48HGyY_80wpaaOHAfdgbAHGMVu_4wBzGkW_GqhpH3IYkKLOmQnJArX_nTCYaPfYab3yj_CQ6Y4crJ3iWGVi8GpxrkmQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 753F 0
12 B 32ms
29ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1BP6syrJTHf8S1xdkCXBlHiSO6CRDDE11q7aflVDDXzHnzbrU30wHQV0XSd8vSbGPZig5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7AAB 33 KB
33 KB 25ms
22ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 31770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E1DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CV4IfTUzvZLLWA9Pitwe2uJaIAvuCxNZx-8vL1vAQjazA6p04EAEgzfjeI2CVivuBlAegAc_qu4wDyAEJqAMByAPLBKoE_QFP0MgF4OMRZmYPC0AvOiw345FkmgJOHkI9EBU2JAKPMnnjgvL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210843488507323351785%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%...

0
0

126ms
125ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210843488507323351785%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22831452495%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228345784749490483921%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10843488507323351785","debug_reporting":true,"destination":"https://feverup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["831452495"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"8345784749490483921"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10843488507323351785","debug_reporting":true,"destination":"https://feverup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["831452495"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"8345784749490483921"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2825 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhf5XLkgEQyABTa-LVjDUHP08NgcI4fWBUlg81CHvsxCx52X0039ybte0aUWT1DTT8pFlkwLk9mqx3dz6H0foRXT8qqVK8EwYhh5CUefU5jeFzdEDo9HZYX6NGta7xL6jDycwNrTmlLRrd&sai=AMfl-YTbdVQljLuvm8XMQ3Ndc-uau62y1amzsyaEnLvWBXjJXa-gnJNSXD0DNh5eBNYqr6VykWjgrgEvqJ6K&sig=Cg0ArKJSzKeg1qPsmw7gEAE&cid=CAQSGwBpAlJW7kpma8AHpJAdy2ajC49WnB-tdiXBoRgB&id=lidar2&mcvt=1041&p=0,0,250,300&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4036205056&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693404235779&rpt=1369&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame EA90 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7AAB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5WAlTUzvZIO_I5D_twe3tZ_gB_uCxNZx-8vL1vAQjazA6p04EAEgzfjeI2CVivuBlAegAc_qu4wDyAEJqAMByAPLBKoE_QFP0MEWCD9i7G45LksVTPJIGNKOtFhAlEt9yBIq52HjyRtbEHp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227124732732420555346%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%2...

0
0

125ms
124ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227124732732420555346%22,%22debug_reporting%22:true,%22destination%22:%22https://feverup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22831452495%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227857059937148264673%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7124732732420555346","debug_reporting":true,"destination":"https://feverup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["831452495"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"7857059937148264673"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Aug 2023 14:03:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7124732732420555346","debug_reporting":true,"destination":"https://feverup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["831452495"],"4":["08-30"],"6":["true"]},"priority":"500","source_event_id":"7857059937148264673"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2F 0
20 B 120ms
119ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4994804264047&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2F 0
20 B 121ms
120ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4994804264047&version=m202307240101&ct=77&x=1&cor=12878253216552147000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2E2F 16 KB
12 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKa87To4gzkSdUiSOORu_zoJ9ura7gpJr0Ez3NMuBExwFG7ypu0gZ9Uc7GEtML01Xfc5FsVfHbh7tkgDbE_iXKKFciRYsCZFpNom8x_pnFEgWZmc9mFf3OzYv1cBiPUK0ZWZgPmrdzfYGG8sQQDtN_j2xp0eh7_L1ZDwf1g1GPALM96E8&cry=1&dbm_d=AKAmf-AZQlvH4PIW9qy_O_6GrhqpTikpFuq9E-6gjfTSmswsgCiPTFkLO0znQKFFYmebWtskx0-iB0ysh8KJWQfbziVN7NJ_8CDD600ohIyyrR1Oaizwap1KUiPARC9iiwJdFfsSYw3r0HsJfVwV4A0TDNm6mVjZjGxApc-NCIPmQdWsrMQ-CjbztjYZtVPfaR8zhM4iG093TvPJDxi9-43mXXx-VgSwtBEL8Qzzuu8wuGaOn4af17r32ylOttD1aFC5YCzR6_je8PCISbU8xb0HDurRtftCXjPsa94NRHsNlq4NJNkqmzD1QaLcgr9H-qBlY4Mz469VChxWXQmYS6oJNWHKSmLDKtrr7dGbruKcO-7xRJX5xtXAe9a6W5eNl5poVmOLE1cad_UN0GWWq76EoS6XpR1nXahFesWZJS3aWuiTakjIYyrzANvMZseM-TqNMNigEGO3r9M75l9d1rZRwS8Q7Aa-RHPINhZgdQAm3PyU-cNuKGHlEW2vSxllDl_gsTxk5BgL3ajNH32ElO0urRplLKcp69W7fe2qthDXBaMrEArSk-MNjQRBZb1YIUXUejHydMFTIlfsoOmvpjIei6Q8hc6jp2zU_xFeMLocNeH9gLJ4LqgzWqnw7pJJyH4TFgcrT14Pdiwtmm_Jihdo43tcw_Wiq5OWMnTJu9WBXzp31sqj_ze4AgltBBTDszqfVO2iTLgHppcm0maLEGMMPoxaS2CaHP2HJsq1iyNwjtuw_IzpIYZeZaFk-Dv3ZJPrZVtlSH1UnI1dG8-JRakZeWmv-m7HahU2sRX0wZ_Ai98rrti2S8jAa39xGT-o-EoItOFL0thEG7bEIBfhE04I10NxJbX2ORp24IenMkYSubhwGmAtATvNk4Q5ErCoa_RFa9eeHhbAXOQUW3uhX_Bh31Dwp-Gn-FRMSZTiAkN2i_VhSBSmD0wDXWTNjO2jq7FGVPz-zHih-0C40I51ohAk6DsvjpEQuiLvpfHPc3-P_jW1fwoaYG2BAfo4Eu8CVdeT2q04MvGFk3NOmwUhoo3vgKprl19MeIlv3mrMh8Cl4ONNCzGiz7M3rt3FIxLaBm02Z8cedpx7FBoj36M9N91G5rgowGTiox3xEG01fKPdcFQP35V7u69xoYjj64Jj07PO670O7cGxxWEsUd1K7LrH1HETl86sDWQ0lvJTGYvl9RngYhK6rAZAbYEMyGLUbj4qM9-CZw_7sCrbL35m8me_XpNb1aMgHDYVJzTXq4trwGgZ3GLNacELsby1nPx1TUHSliI_67EskU33Pactuy0NbaI87KgwaPIYT84YRynf9q-M1LYQeJmtqiLrYEGZNz77Y7XOVtCQLHi_BbQ91CBN2g6gjvX6plqdXpstuNxy-5ncVUjM3BcaIuptb_ETqZE8C2_0OWM_0DfYNjZWTG7OvuRATNW1E5_qFXzQrDMPT-0lVvwJvSpJWVM6s6nn3g-TKhN-LuZeofdZRLaiuEo_V6ZI-mQNEaLVm6N0JuJHQsfHaPVbioaFf3tTx8t73k_oYQ50o4mnuPuh2YW2JYkw0TewmAVxbq7yX35uXWAizdX0bKnTCzzBq8h-Yh1PZwKX8oDjK9uGQCJUXg8fDgfGN3NeVOwnDd-M47ppWWf9BYKYhDii1KiABNwQ64hrOrslwgfarOixLCd294btD5ADtVeHncfYESKKYeBn5Sj8pxIK80ZZGfLMji4leEIL8cQZXj3OuF_QSNrxas1UDNkBv-8jGS86tsDmbPtafluxORM8IHwPVmfnK338KPYFp0uZjvm5BIQqJsaTIdfpw3sac4Ihriv40xdQ-u-QyYcYgT1_TRUjeQm8TXUoDFo35x1kF8wNhBilXuThErrqAd3AsjV2LiEcSRxLbyUqOH5UGZicn9N83rr45Bq9rsKTcB4L6fJIM3DsQ8zCjBorL2VQlDGJqX922TceUKHl76pHwJ0TuJvYLuzl5fikjoq1Y_7uoBF7HyzPuonEF_zBR5_4iHbzgiqny3hRd-5NWgvHeJ_PJjQfgqhn2hHOsKC_dmLohIU9IrF6QXWBbVmrqadt9H1Wk-Sbo4QIpUOOdCv_FKzV-iCbstn0Q6t1cB97fVZ696ewyU57hRG8h2BFvLWylx4P3w1u8tYCtZWar2bWMemox3bEau1jwU2yzbkYmGyGn4XXgCiA_mRQyY2EbIZTX76I4BJF1YRk8Y5YEObq2dHh0dvQXcjtt1fkaE1J74L8cf7tj2iLrWO0FqNAZgzhtWpIXW-Rgf9q7sVUUDGRlLCSnqDyxva-q0e0bhhL6ChNvWR6dSKfIcokPaDZnX-Sti-ZH9JsjTam2I_TgXw5Egx3X8ZwujkycfYhN5GQmDrtOU9iEmLdaXKO1v3GVLnAo5OEl4ilkotjNyXx5FR4q7RZF3gd9eo5c77yehjKOb-41ZWXXRtVn-ZiaOtN-S8ztBm60IjQvwQhcMDEd7Y-UgvJF1-rQoMa0ojU5CQOavItIitckgpvXNCqe95LZUqfEO4c85YXNmgEo7XFrSaxHQDIvklydEqBheAzBDBq8Z2un27Tj6iHdqsBbRQh52yOaqR48Kevts2bHKemIOMofk3M5V1zrQ0UbQOUCzA5VBu18qL9YUUxNbSDs-TTcn0D1IeOHrjTmboO6IgUGeseGYd1r7tnJtkeB6uCfZVsgf390rtiRzJTGi465dS6hi0aC5Ik3Yz1XQD8h7PwXJs38hdU9654_OnwOh7V1s4pKs7xy7QQ5Q-wQUBwX_73A87PeLnzNavuO5u7qFIvLws-sRUtGrl1EqSoj2aFsldZYybA6k-2EuIBUTFSm3P1hWLitp8YYk0mbDhETF5SVKn0_OMcGGz37pMHS8pzs3vxBjaKzTrl1yCq719N_ldsnsuetYJu4MN56_CUe9qVi2ZEDzS7yTM3SXBa4KGijiOyMq55gfc6WhfmIoOSfT0M6Ybi72_iF6zj5Be6GSB5NRkzGrhm0p2bqvUXmdvXpH2vpiSN1zDia-stqVkcyiA87W0la1yIIqGyMKVt0V1JuGOMu4VSUyv58Y3TsR8jPWKL_xr-CQbsmHVNPACdQtkHhLrtgR5Ag9tWPvmZv9vAZWviPSelkE4yLVHeLassUbuYMpcDD55c9l6Irk8CYbvWa6avLqWRhs5ur2wsglsRpQ58ZDCzbCK4MpaJjuvMU3g09vCuoOgBZ8MsY6OtzOLOdnqovLTcnCQebaaGEfrPAxmxpk-uLx7yXmJ61Q3s2Gzg0tPMSCbyIfqgVYX4AN0yfVLWbgeNgld_LZiqEInVYsBDjWn0zKajtjLx0Fd5Zg2UMIpZ8yNFtiq88ntLQrQeQoLJiYaaXsySJyAX_NmE4iAfyxA6q7B6J4lwCOufSKgfDPzt1cTESqlcHuexPTtq23-gOR-fWzcStcgI8u3BzjkNnFplHXb9KSMd1Snn3eQvZPTVPBVl17amFCu2jzBJXH8-HTOU1C6s1MKkmhWYv5gNsvDvhONbHzRqunyFiUURKT4rSr1ACJco0BbyTFsy36wLDxFTls2ZQ9RKfjes7z2wl0e9VWxXFcTwtwTBKgsl7QTBEttUc0gB5oD76wUl7Gq0FRIa6n6tQeHFqrt3Ueb43qNhEk3Bq-Wm5oJSF98GaRURKI5qfubKenvEM-AOr6WOhEhEvjRp7C0ZfKetgMROoA-6X7UNvddWsKG46Apjl7BrN5RfXPERRxXwSswX7eflv09ptvDXoPrHu9v89O3i3EyowWSfB6mBIunxHEAkjnwuWWmUKVlYm1Pdyg1lC6fb0ZhQoJdqpoGsUIRDs67T-JuwhoKS9MxTsJ01ksYJC9dSQu3E0vRJWGmGEDrVvJZSOZLqkHp_DY1oq35CW2e-r-IsaoL26-6BK6EdFaGBOEW1ozc7-2ec&cid=CAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbemblogado.com.br%2F&ds=l&xdt=1&iif=1&cor=12878253216552147000&adk=3944675600&idt=119&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3e0baa3df3f10fd3233f52ae33e18b84a1aa606dd6113594c22162a9b261fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 575D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU8xOqxrnpvzNkUWpohd5rAOU1ZsGwXkEu8r1mtdPdzh3DiVNFu7ZJuSkUktCBLI7i2HLvh5SpOlYE6ffAz-1SnXWKnPvXOZBsTx-cqI3tiR0owVlIQvKmX4ZlsTFN09gIZGYPW1yWHapp51McWYLf4hihm056exF-TWmYA3huHm6JuISU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 575D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO9MTpCI0UZB45-fu7xLawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1

43 B
766 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU8xOqxrnpvzNkUWpohd5rAOU1ZsGwXkEu8r1mtdPdzh3DiVNFu7ZJuSkUktCBLI7i2HLvh5SpOlYE6ffAz-1SnXWKnPvXOZBsTx-cqI3tiR0owVlIQvKmX4ZlsTFN09gIZGYPW1yWHapp51McWYLf4hihm056exF-TWmYA3huHm6JuISU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCehDG3soMMEoR3qa3q8sc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 575D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-X8QpjsL22BYaifoG_1rI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM-X8QpjsL22BYaifoG_1rI%26google_cver%3D1

43 B
887 B

27ms
27ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM-X8QpjsL22BYaifoG_1rI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU8xOqxrnpvzNkUWpohd5rAOU1ZsGwXkEu8r1mtdPdzh3DiVNFu7ZJuSkUktCBLI7i2HLvh5SpOlYE6ffAz-1SnXWKnPvXOZBsTx-cqI3tiR0owVlIQvKmX4ZlsTFN09gIZGYPW1yWHapp51McWYLf4hihm056exF-TWmYA3huHm6JuISU

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
an-x-request-uuid: bda81021-ae8b-4d28-bf20-9090391d527f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
an-x-request-uuid: 90bd8976-8fd6-4071-888a-c5d3ea13de45
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM-X8QpjsL22BYaifoG_1rI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 575D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzQwMjE1MjYxNTcwNjE3OA%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzQwMjE1MjYxNTcwNjE3OA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
an-x-request-uuid: 5b4e5b08-8e9f-4ca4-957b-e08441880de9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5MzQwMjE1MjYxNTcwNjE3OA%3D%3D
x-proxy-origin: 84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame F7D5 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=3316161728&pi=t.aa~a.2892122509~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1693397037&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404236982&bpp=1&bdt=2435&idt=1&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124%2C728x90&nras=6&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
123ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E2F 41 KB
13 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKa87To4gzkSdUiSOORu_zoJ9ura7gpJr0Ez3NMuBExwFG7ypu0gZ9Uc7GEtML01Xfc5FsVfHbh7tkgDbE_iXKKFciRYsCZFpNom8x_pnFEgWZmc9mFf3OzYv1cBiPUK0ZWZgPmrdzfYGG8sQQDtN_j2xp0eh7_L1ZDwf1g1GPALM96E8&cry=1&dbm_d=AKAmf-AZQlvH4PIW9qy_O_6GrhqpTikpFuq9E-6gjfTSmswsgCiPTFkLO0znQKFFYmebWtskx0-iB0ysh8KJWQfbziVN7NJ_8CDD600ohIyyrR1Oaizwap1KUiPARC9iiwJdFfsSYw3r0HsJfVwV4A0TDNm6mVjZjGxApc-NCIPmQdWsrMQ-CjbztjYZtVPfaR8zhM4iG093TvPJDxi9-43mXXx-VgSwtBEL8Qzzuu8wuGaOn4af17r32ylOttD1aFC5YCzR6_je8PCISbU8xb0HDurRtftCXjPsa94NRHsNlq4NJNkqmzD1QaLcgr9H-qBlY4Mz469VChxWXQmYS6oJNWHKSmLDKtrr7dGbruKcO-7xRJX5xtXAe9a6W5eNl5poVmOLE1cad_UN0GWWq76EoS6XpR1nXahFesWZJS3aWuiTakjIYyrzANvMZseM-TqNMNigEGO3r9M75l9d1rZRwS8Q7Aa-RHPINhZgdQAm3PyU-cNuKGHlEW2vSxllDl_gsTxk5BgL3ajNH32ElO0urRplLKcp69W7fe2qthDXBaMrEArSk-MNjQRBZb1YIUXUejHydMFTIlfsoOmvpjIei6Q8hc6jp2zU_xFeMLocNeH9gLJ4LqgzWqnw7pJJyH4TFgcrT14Pdiwtmm_Jihdo43tcw_Wiq5OWMnTJu9WBXzp31sqj_ze4AgltBBTDszqfVO2iTLgHppcm0maLEGMMPoxaS2CaHP2HJsq1iyNwjtuw_IzpIYZeZaFk-Dv3ZJPrZVtlSH1UnI1dG8-JRakZeWmv-m7HahU2sRX0wZ_Ai98rrti2S8jAa39xGT-o-EoItOFL0thEG7bEIBfhE04I10NxJbX2ORp24IenMkYSubhwGmAtATvNk4Q5ErCoa_RFa9eeHhbAXOQUW3uhX_Bh31Dwp-Gn-FRMSZTiAkN2i_VhSBSmD0wDXWTNjO2jq7FGVPz-zHih-0C40I51ohAk6DsvjpEQuiLvpfHPc3-P_jW1fwoaYG2BAfo4Eu8CVdeT2q04MvGFk3NOmwUhoo3vgKprl19MeIlv3mrMh8Cl4ONNCzGiz7M3rt3FIxLaBm02Z8cedpx7FBoj36M9N91G5rgowGTiox3xEG01fKPdcFQP35V7u69xoYjj64Jj07PO670O7cGxxWEsUd1K7LrH1HETl86sDWQ0lvJTGYvl9RngYhK6rAZAbYEMyGLUbj4qM9-CZw_7sCrbL35m8me_XpNb1aMgHDYVJzTXq4trwGgZ3GLNacELsby1nPx1TUHSliI_67EskU33Pactuy0NbaI87KgwaPIYT84YRynf9q-M1LYQeJmtqiLrYEGZNz77Y7XOVtCQLHi_BbQ91CBN2g6gjvX6plqdXpstuNxy-5ncVUjM3BcaIuptb_ETqZE8C2_0OWM_0DfYNjZWTG7OvuRATNW1E5_qFXzQrDMPT-0lVvwJvSpJWVM6s6nn3g-TKhN-LuZeofdZRLaiuEo_V6ZI-mQNEaLVm6N0JuJHQsfHaPVbioaFf3tTx8t73k_oYQ50o4mnuPuh2YW2JYkw0TewmAVxbq7yX35uXWAizdX0bKnTCzzBq8h-Yh1PZwKX8oDjK9uGQCJUXg8fDgfGN3NeVOwnDd-M47ppWWf9BYKYhDii1KiABNwQ64hrOrslwgfarOixLCd294btD5ADtVeHncfYESKKYeBn5Sj8pxIK80ZZGfLMji4leEIL8cQZXj3OuF_QSNrxas1UDNkBv-8jGS86tsDmbPtafluxORM8IHwPVmfnK338KPYFp0uZjvm5BIQqJsaTIdfpw3sac4Ihriv40xdQ-u-QyYcYgT1_TRUjeQm8TXUoDFo35x1kF8wNhBilXuThErrqAd3AsjV2LiEcSRxLbyUqOH5UGZicn9N83rr45Bq9rsKTcB4L6fJIM3DsQ8zCjBorL2VQlDGJqX922TceUKHl76pHwJ0TuJvYLuzl5fikjoq1Y_7uoBF7HyzPuonEF_zBR5_4iHbzgiqny3hRd-5NWgvHeJ_PJjQfgqhn2hHOsKC_dmLohIU9IrF6QXWBbVmrqadt9H1Wk-Sbo4QIpUOOdCv_FKzV-iCbstn0Q6t1cB97fVZ696ewyU57hRG8h2BFvLWylx4P3w1u8tYCtZWar2bWMemox3bEau1jwU2yzbkYmGyGn4XXgCiA_mRQyY2EbIZTX76I4BJF1YRk8Y5YEObq2dHh0dvQXcjtt1fkaE1J74L8cf7tj2iLrWO0FqNAZgzhtWpIXW-Rgf9q7sVUUDGRlLCSnqDyxva-q0e0bhhL6ChNvWR6dSKfIcokPaDZnX-Sti-ZH9JsjTam2I_TgXw5Egx3X8ZwujkycfYhN5GQmDrtOU9iEmLdaXKO1v3GVLnAo5OEl4ilkotjNyXx5FR4q7RZF3gd9eo5c77yehjKOb-41ZWXXRtVn-ZiaOtN-S8ztBm60IjQvwQhcMDEd7Y-UgvJF1-rQoMa0ojU5CQOavItIitckgpvXNCqe95LZUqfEO4c85YXNmgEo7XFrSaxHQDIvklydEqBheAzBDBq8Z2un27Tj6iHdqsBbRQh52yOaqR48Kevts2bHKemIOMofk3M5V1zrQ0UbQOUCzA5VBu18qL9YUUxNbSDs-TTcn0D1IeOHrjTmboO6IgUGeseGYd1r7tnJtkeB6uCfZVsgf390rtiRzJTGi465dS6hi0aC5Ik3Yz1XQD8h7PwXJs38hdU9654_OnwOh7V1s4pKs7xy7QQ5Q-wQUBwX_73A87PeLnzNavuO5u7qFIvLws-sRUtGrl1EqSoj2aFsldZYybA6k-2EuIBUTFSm3P1hWLitp8YYk0mbDhETF5SVKn0_OMcGGz37pMHS8pzs3vxBjaKzTrl1yCq719N_ldsnsuetYJu4MN56_CUe9qVi2ZEDzS7yTM3SXBa4KGijiOyMq55gfc6WhfmIoOSfT0M6Ybi72_iF6zj5Be6GSB5NRkzGrhm0p2bqvUXmdvXpH2vpiSN1zDia-stqVkcyiA87W0la1yIIqGyMKVt0V1JuGOMu4VSUyv58Y3TsR8jPWKL_xr-CQbsmHVNPACdQtkHhLrtgR5Ag9tWPvmZv9vAZWviPSelkE4yLVHeLassUbuYMpcDD55c9l6Irk8CYbvWa6avLqWRhs5ur2wsglsRpQ58ZDCzbCK4MpaJjuvMU3g09vCuoOgBZ8MsY6OtzOLOdnqovLTcnCQebaaGEfrPAxmxpk-uLx7yXmJ61Q3s2Gzg0tPMSCbyIfqgVYX4AN0yfVLWbgeNgld_LZiqEInVYsBDjWn0zKajtjLx0Fd5Zg2UMIpZ8yNFtiq88ntLQrQeQoLJiYaaXsySJyAX_NmE4iAfyxA6q7B6J4lwCOufSKgfDPzt1cTESqlcHuexPTtq23-gOR-fWzcStcgI8u3BzjkNnFplHXb9KSMd1Snn3eQvZPTVPBVl17amFCu2jzBJXH8-HTOU1C6s1MKkmhWYv5gNsvDvhONbHzRqunyFiUURKT4rSr1ACJco0BbyTFsy36wLDxFTls2ZQ9RKfjes7z2wl0e9VWxXFcTwtwTBKgsl7QTBEttUc0gB5oD76wUl7Gq0FRIa6n6tQeHFqrt3Ueb43qNhEk3Bq-Wm5oJSF98GaRURKI5qfubKenvEM-AOr6WOhEhEvjRp7C0ZfKetgMROoA-6X7UNvddWsKG46Apjl7BrN5RfXPERRxXwSswX7eflv09ptvDXoPrHu9v89O3i3EyowWSfB6mBIunxHEAkjnwuWWmUKVlYm1Pdyg1lC6fb0ZhQoJdqpoGsUIRDs67T-JuwhoKS9MxTsJ01ksYJC9dSQu3E0vRJWGmGEDrVvJZSOZLqkHp_DY1oq35CW2e-r-IsaoL26-6BK6EdFaGBOEW1ozc7-2ec&cid=CAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbemblogado.com.br%2F&ds=l&xdt=1&iif=1&cor=12878253216552147000&adk=3944675600&idt=119&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 382963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 124ms
123ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 14:03:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA79 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG6f2KAtfha1VIxzzIw35z1YjviuD9pGiptVcKckdeIPzsYOv579sqiHgot4JQCaIkSYwVTbLC8VtVLLPAym1UfLTRbm5QdKUOpCB2DSqEwLSMq4phtAS_FDupWnG2nqNbzNVOfCQDd4kW&sai=AMfl-YQTiDelOyO2xe1L56QHMPjyYnShM8W_6CaWmi5zW63YILE9GJBPRHfervxCrizdg2RDerVSoX4bCvA-&sig=Cg0ArKJSzEYD3BY2Xa28EAE&cid=CAQSGwBpAlJWbpm3xHs0ZRIm_JynPDgpIY_2MPA2bBgB&id=lidar2&mcvt=1041&p=0,0,600,300&mtos=0,1041,1041,1041,1041&tos=0,1041,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=22&adk=514359781&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693404235799&rpt=1609&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 2E2F 11 KB
4 KB 85ms
26ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1693404237580493&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: c77b3d6f3f352d01613fd1e5f0818eaabd659d90b6b7f03ef4abac2d8be8b073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4182
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 84C2 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 286333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 84C2 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 2E2F
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

182ms
134ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: HTTP/1.1
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8ee2d90035d4db2bfcea6b1bd82952d4e6702491a9c7fed6f43492036895f57d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 78259100108146704444550012432005
Connection: close
Content-Length: 1351
Expires: Wed, 30 Aug 2023 15:03:58 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 30 Aug 2023 15:03:58 +0200

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE73 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfnMRpPSJ3ileW0JITq8pQPzhQBSyBfED5v1ThEh_pivRDcp5EBX88-KNiXxh9UVoZ_8tMO_3f9OJ_rspZOB8mSUG3WWlzmfKEJNyys12cx7ZykcFqAwdmzjfqpv3oulPQAX6cKjbtJRSD&sai=AMfl-YRFRi7GMV-2Y2eq1pUqnN88VBHtubjDqf8e7qP9y5YxPC3i3NHk5X5m3hC-20FaVt-2EfB0d31FkB3S&sig=Cg0ArKJSzEJSiBtsjUGDEAE&cid=CAQSGwBpAlJWNX9Bwl7UFB_nR7nggVLkcfVQWfHAiRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=264,881,1000,1000,1000&tos=264,617,119,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693404237174&rpt=576&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84C2 0
20 B 125ms
125ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdsFZTkzvZJTNFoSn3gOy8LXoAQAAAAA4AeAEAg&bg=!xMelx4jNAAYkVgHwBFY7ADQBe5WfOPTXC5SDhic6guTzMBXB4wSUeUHo1f1pdRz2a0XWE464RzC-HQrvfYfdOz4As4f9AgAAAGBSAAAABmgBBwoARutBG7M3PZFnph-q-YOOid8yhPZTLPHmShQL4Ub5E7IeCHTiMQ6Gl0eGipvjT5Z6OBy5DIZ-8rfGOi_dox8loGxlMvCm9fSZAt-B6Fr9mb4IbtIhFUhwMD2lf5QPdkGIV6ugyTo4VcIoY1ptZIxZzaadttBj9ulPywyEgdVB7lEoX5tJoonDShI8y4YLarORnlAqDpMzy84pxgVIWm3E13YQ-Fed7PrFTHCLPIgNxL5wJxtjlt6Gt8g7wQqoBCZHerSPy9yPVb4NXHXQw1_muEC9ryk99cVE_W-Cg1Mn4Uc58ZVYbVsPNqvIRkGm3hSYVkPwW4CMmZYIWLi8V0jJBuY3MeKlULjY0FFVMjCbQGt4oExErirb_TYVce0_z87pJXgSN7UHns9LeWfoZ_d2P_2Re-Q5mSk-3kaq4SkcLJdEeOzZOC7vkCQhz0NGMe8DlLwSj0Z2sks4j4MyVeZgp6xWwPVIo547NYUG1bUFuFYs-qUf_CA31S2bPci6IJVacN1mZIFPWX6VpplraL8fKzhe5xHOLuXA9p9Gny2dYxqh9UWD52N4xOquMzRLFtJQtRR-A2sw2btH4RwtKhRjZl9vVT9COz4IBQp_CgBwzHprzWeQO8oJSCeK9oh3nx1Cc2IIkHPfM0xNb0Lekqa8XnXyJv_XJ_RFWmd3UyYqc6qdapYWJ1hZfXcp84eHUjO2S02oLRP3eOcU4XxEuu7Og1ItG0M9TYCkZ5jvKksuMpzKDzD4jV-CARdAbwQrZ0xpxE7GR9_klBY1pkWc5eBZB33OBKk19kT8TFIOcjzKKzsxHvrocDPZZ9mt6inHXMhk4pZPVwYlhv5QvODHwPL2riIWryBRT85wK6sbR1rZRXMcv7ojoXD_Y0AOYgOwlrKPYXOiAeIpaK3y1MniLvILrvRPxSKRllR-w2fMwFhaEqfSw4SHhhDu1UWPH2syKj95aSMZHuCQVk_HEovWQkMFLWbRH5870CnSrhKhOxqneKZ43UTas8OXIYd18w18SrW8vPZnMSjdR0cfAJQXzQZsVfDyyH3hdaVDmxHhLDAn5SiNzgBXBM1b6Do

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A475 0
465 B 390ms
305ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78259100108146704444550012432005&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Wed, 30 Aug 2023 14:03:59 GMT
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 5413AFB8:B36A_91EFC182:01BB_64EF4C4F_975CA73:B82D

GET
H2 200 / Show response
adv.office-partner.de/ Frame B2BF 930 B
931 B 98ms
26ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d1091d5742&subid=&uid=0ee574f4d86f3ba8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLriDTUzvZI23I-KKwuIPk9QtpuW9oGmFlZynyQ_wLhABIM343iNglYr7gZQHyAEJqQINqfRo2UWyPqgDAcgDmwSqBJMCT9DQF2ie_DWP9Mpaplw3XZNbwDQUKe1GoKCcNoeQaRcQAYzQixE_QA2BCZJsuqqPRz9S0PhohqRO1hQLO_jM7F13UC60eVoxbSUbx2uvfLxVDZDYqCKHuZryxRCyu0qVogjpr6qyBeLDU2Ame3xcfkbLqp6bJOpaOMHbDd8StJOx-POs9LFTW-qA7QzFlVDKA4DW-ONlRxsrCDnqR7-MbkpJB1f-_vX-CUTzzjKYdTFnUWzUg_zgHVJjSjob5X61MBKJdEKc9gP69YkcrNd1j85E_K0z-kUFW30akI2ssy9Eu590-n-M40R2YvM7E2b9QgaTpWRrTnwIYXjH62zIkdE7Clkor85jXNiNrdLE0_WX9hDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIzZGrsMaEgQMVYoVQBh0TagsAEAEYASAAEgI-LvD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW4Tx1iw5N9ukFvxk3AGyftcCP1-RCcBREozmaJkiObI59HWreTRTBl7qg0Lv7XLI7ggNAvuvsGAE%26sig%3DAOD64_30RMoMq1e_OEbTukoZaS4zNo7Dog%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-Aa9FPOb0RA9CmWJwiIwg05YDnnyn6T1nmOF1aCmq4f2QEJl-YwIw0wfyIl8gIkwUY0I_gjXcTiBDsTVzAD78mDf5ZIUKhpa0u0ejmUbvLd_n8pAkieEoqOD__Zu88bIYQEPjd6ZAo_sokZxTCbo5an2EhTHs1SEv9RJBejasu937O7EN4%26cry%3D1%26dbm_d%3DAKAmf-D69QEghfLkEMWY7sQXwq5gEL54y5GRSXtAcMZvauxvqAzcGqjbVc_yyKTW_rk_dNC0L5Eoa7nkfU0Y61M5kBlE5crlCladQv9z1i36wxwIKOZcDVFK0lDZtkdPsfYGD-QAe6NezS9gXaBRw1egyG1SYLa7MGX-18V8alLL8PN5E2zAoRRyXN12XUgjkoBZcxXXSA7V0wB_hYVA6h5hg57kILoXhPE3xOBMd_8AYtmCAl5MlJ65soxDiGUQl5Jq8dubJ-_AdObsVFmn3SN33elw4oK4yxIn_XIUQv4jH5i4ELAYLclYGxlRSDqMC3_h3cT5NF0D9uaXMC7ft-zhkuI31Xgnb12VhZU3tHNWW4IxF2a90XHbCMl37P5dR7WGpxI2dNVM2I1n873D13UPcy2Dlr9ZSOjUwUpsa01D4AzmIH7U1Xroh7fwQQksID_oTmfcIL3zgBCOtOayy0XqR8dQJcVfDQA7OrL5h5059Hp6n5j1vhmx4ut_CXO7cqIWLHR1Wh9o%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=2096293073468&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 30 Aug 2023 14:03:59 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 06 Sep 2023 14:03:59 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 2E2F 0
466 B 529ms
441ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78259100108146704444550012432005&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB8:B368_91EFC182:01BB_64EF4C4F_969D75D:22024
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 2E2F 43 B
482 B 519ms
426ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=78259100108146704444550012432005&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB8:B366_91EFC182:01BB_64EF4C4F_969E7E5:22022
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2E2F 43 B
705 B 356ms
292ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=78259100108146704444550012432005&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame B2BF 119 KB
45 KB 31ms
28ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4495611d44f774078042240d72cfbe7fe69e3fed3cca1ada8815e44df13f8bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46249
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 14:03:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B2BF 266 KB
88 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ac71d91d40020b2ec8105c3877e90dbdac976122b1539716d7959c6b2f41ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 14:03:59 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2E2F 2 KB
2 KB 196ms
98ms Script
text/html 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=78259100108146704444550012432005&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 652e00989d91f553eed9e1f559eeadfaa528f91683ce3fa9bda0da2e5304c7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:59 GMT
last-modified: Wed, 30 Aug 2023 14:03:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 30 Aug 2023 14:04:59 GMT

GET
H2

200

activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903 Show response
8019191.fls.doubleclick.net/ Frame 5D21
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903?

391 B
326 B

136ms
135ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

7c4ef03b2b0454099e6d2e427a1443e586b788b93faee318ac93c7fb722d34aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:59 GMT
expires: Wed, 30 Aug 2023 14:03:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:03:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 1162 7 KB
2 KB 73ms
25ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c5f0c019057159429eb97f14c854156b2b38eab91800dc9c916ef3164443d843

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2079
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Aug 2023 14:03:59 GMT
Expires: Wed, 30 Aug 2023 15:03:59 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 40BD 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 09:30:03 GMT
etag: 48472445140208031
expires: Thu, 31 Aug 2023 09:30:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2E2F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7936c4b8e76f03f37864954baeec5caf74a79c5e35fbf38f96f87a785c2c271a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40BD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZoVlZOcHoxUUJsTkI1&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41m...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZoVlZOcHoxUUJsTkI1&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41mSu-F0VEX-v83pR9jO26AzoKSEvIvlg66HKhRVQ9kZhFMVND5NBv4Ayqc

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 14:03:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZoVlZOcHoxUUJsTkI1&google_gid=CAESEGq-iUe2k9cEqwjhW1h60tk&google_cver=1&google_push=AXcoOmThIuS-qbP5z108XiWFZGcqKlzTt5iDTrYj0Tjs41mSu-F0VEX-v83pR9jO26AzoKSEvIvlg66HKhRVQ9kZhFMVND5NBv4Ayqc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 40BD 70 B
264 B 44ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKOVkJldAA0wAE_dWbdo4f0&google_cver=1&google_push=AXcoOmRbvk08mkZV4kUpBwpNy4EkJm7KYDPBUFlMtIHiXitOBLP0ugnHjMq9IfG2JgDuTtyrP-peMhj1SqCxTSlO4_7T2sYdGr-Ud1I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 14:03:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 40BD 43 B
362 B 30ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTPYUIMP5F71zdh9l676nqBKWZeOdhdGoscfYyVNIN_dhXwcxxuMTcj3-TU_tfPH9_sYqXgOg-B26_qyqSaKEO1VbQ8KZ71-5s&google_gid=CAESED4oIJQz0WnLABwt_tJ-BIk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 215125
expires: Wed, 30 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40BD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED2rlqibjzzuW6xMc3pABS4&google_cver=1&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mn...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED2rlqibjzzuW6xMc3pABS4&google_cver=1&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mf...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyNTgwMzU5NjE3MzM4MjQ4Nw&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyNTgwMzU5NjE3MzM4MjQ4Nw&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mnALkgwevVhTqcJT_npuga3Q

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:03:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyNTgwMzU5NjE3MzM4MjQ4Nw&google_push=AXcoOmRPp9KCCWVXCBTPVNqh-A-LghCS8Bi7JRN1Pj_afbWcvVvYru92jODiTEdzSnfHhr9z1Mfkk0mnALkgwevVhTqcJT_npuga3Q
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 40BD 0
12 B 30ms
29ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbXiGITxsdV1hoAgwrE5AY9ssnLAAzpzoL9PB45bKNtWWdPxLh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:03:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 1162 2 KB
434 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 14:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 13:27:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 14:03:59 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1162 10 KB
10 KB 74ms
25ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 7b20912745e6d992b37a820435a8a24ca66b475d1658c8aa02271e5468ecee4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9891
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1162 9 KB
9 KB 77ms
27ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 644f4de72ce5990828950602bf2c43043c45a410eb61c1b4321ecf6e12b8949f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1162 7 KB
7 KB 77ms
26ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3dfe34621f98e7cae324815381ac65a845987435fc9c5427eee09d068e4bc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7114
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 1162 0
150 B 76ms
26ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=78259100108146704444550012432005&a=7e4bd278&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=78259100108146704444550012432005&a=e284e4ed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 14:03:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2E2F 51 KB
18 KB 82ms
25ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=78259100108146704444550012432005&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 76986
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ahEHzzqVhLeXkXSG90vPec6clZy8t_5X5k9Lrk6mLpdf1Ct8P4RKdw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 2E2F 85 B
436 B 78ms
21ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1693404539&Signature=SQspV-VmhZdAuTa8UfUfwfSIFErUV1Xj-6fTxX9cvRyZi6bZYnJHBVNbSqnw294Ob-okcYDCj2ojL3tlLuThvxY2xwprJ2fD0XjRl0WZd1DHFmyDb1quoOTZub~BUnlYOXJ2nALTIKN60R80XYhLQxoJ3-i7D6eaGspSrOWa70Xioav8W-5KKhh4DDQ61SOCUBc3mT4aYoIgdBup6ariICVGAdlJzrVbcn93QFxSS~JstezZO~Mc~101~TVxP4urFrGx9~TwcfO5mnCziWSlKF-2lBsO7RF02gFI0TI8zc68vOy31UjYbFvRW~gN0HdfmW3S~ifnIkWEyk0oGHPT9w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=3993863397&pi=t.ma~as.3741984719&w=728&lmt=1693397037&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693404235381&bpp=1&bdt=835&idt=429&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3942be31964a43b4-22c339795fde00d8%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ&gpic=UID%3D00000c6b812e272e%3AT%3D1693404235%3ART%3D1693404235%3AS%3DALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA&prev_fmts=0x0%2C728x90%2C300x250%2C300x600%2C1200x280%2C200x600%2C200x600%2C1005x124&nras=5&correlator=3677201854671&frm=20&pv=1&ga_vid=786774982.1693404235&ga_sid=1693404236&ga_hid=632161467&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=4622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077318%2C42531706%2C42532335%2C31077452%2C42532360&oid=2&psts=AOrYGsnnLbIzmIOT-SC9j2IWk7p4iqowv7zU34E2hbeqqO5ki1r0NGyjRwa1fgQiTYfi1VSoB5KXYJhz4vLtEtfgR-fL2A%2CAOrYGskggh7SHiU7xDbgw6Bg8jk76ONvdWO8nB0kzlGxdSFdi2szSJ6jmSFu53907_mjzdklBgt4CBlpX0ts-RndQc9mBw%2CAOrYGsmRnnW2fEMutyQ7RLyKX3IcT6Mcx3wXqQT5ZFVCaEu6Vrm10674dBZ0Om81JHxY2jNo0NiD57-K8WVJ8YS5NnYrIbnw&pvsid=1575205465478706&tmod=1337695524&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&dtd=2160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 30 Aug 2023 02:23:07 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 42053
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: tVtWlde51TFN9h5vczM3PgHjVpf4c5YTm32QaCeOBIw5g3TTARtCdg==

GET
H2 200 dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903
adservice.google.com/ddm/fls/z/ Frame 5D21 42 B
401 B 178ms
127ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSyrbHGhIEDFUIMaAgdJpUBxQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3246743878721.903?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 170ms
34ms Preflight 18.170.168.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-168-253.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 30 Aug 2023 14:04:00 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2E2F 16 B
209 B 85ms
85ms Fetch
application/json 18.170.168.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-168-253.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 14:04:00 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 90ms
84ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ce39a5734a975b27525d4e354be96df56b8a31664463955c11c27e0d21baa47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12347
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 14:04:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC02 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 12:45:52 GMT
expires: Thu, 29 Aug 2024 12:45:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A88 829 B
559 B 45ms
45ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ad3c0040d1e298c85c03f87c602ae81cbcc7542ae34be056833713c77086adb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MShMHY5TRnG2spXsA4AXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-MShMHY5TRnG2spXsA4AXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 14:04:00 GMT
expires: Wed, 30 Aug 2023 14:04:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame DC02 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:43:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A88 0
0 120ms
119ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=1575205465478706&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC02 0
12 B 20ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z2hOxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:04:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E2F 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4994804264047&version=m202307240101&ct=77&x=1&cor=12878253216552147000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 14:04:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
125ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=1575205465478706&bg=!KyilKGfNAAYkVgHwBFY7ADQBe5WfOGbVbE_zJZDxq9Hb6DiCj62KM8kn7hqBAc4cPI2H8-ee1QIkfZgAR486CM7SLmBfAgAAAEpSAAAAB2gBBwoAh53o76tPC3s4qapQqfgH5OuIq2wtgoejwMjkb18lFPJnPc5gabWQBokP11kkNBcUUrxk6aSoEibOciB6S2Tai4Y4FKqarOK7MGaZXZGzEVpzZJR5pbA1IRlz_VsFtYiB2Vm1X_T59tle-A7Jo4lWGwC_kGKSSVoVCAG-cg_KQlaqsXtNvut0OZkCxCBkWoAsP3EHdOeJaRTZwY4AyMr2iAyIbW0HNebpkmzpPJj9O1M_-khIMaw497vtO2HdAz5RuARMbhBSr8sWpyesPSqEtoOQBBcIJqk_yTuLDwfdxAcZ5GW854U1loNgtpJpnVC57yTvHWp4BJgOw6RFiaL6ADAXcF0tIGElkhdMSAZH-9yht_7JQtj7n-hmuohomH8y1xr7G6iV4Jw8d6FhSoYxYbJ7_Q31g0T7QodUReI4WFxqrFDmxsJj5eEPHn6VFb9aBFuebND8CuaVMfx3ldEs6dRnA5KPZgMupIaOkJq8zdtONF637-ceuMKusRadxlgXoL6Yv9VfEAU7P_cGd_Rh28ZOoKtAPSYCpmCXnKy1Z6bjiFnIdTkSrqm073MFkHP8gMHwY1ES-Sm1GuUPLblZoI87n4ThWk0ccsTXkRsis1U_ped7jG2-sUwpptFSOGy3_HxXBRdLTFCp7Y0SEAeHtUYHVHnEF7l3qgTnjtBPEAgWevAXv5ZlFRZgP3dsBjcoFl9Ag_iK6n9tytXhHoyVt89TzpXweRxbP8yoBRmnjjsYRG17KoFfR2MyEY3BamnaOWAdlT9CtUQJRxbAFH6vgcqgcJA2da9DnQvwG3IaF83u-GFrPpY4iks5yUSj7gSdCuyV-cQbW5HGCv4BJl56yG8aXvqKjth0DlTLgL4Y3mVUJPYgym1uxv0hmsVU8zoADgqDtsvNacuB5U5dmtNVo_2Fz7v6UtWa3RFMSzBSLlb2d_OIuy2vX9P4Ib-YfAW6li2rSVBC2tqsX9zetzHLPmLtZttYX_Pp4QlgVQDJQXlSMnQCQL4N0EyVA00ul1kkSOUZs9RnpjhEqrCey1FCSMkEqzK_jLLgupJikin-z2wf50WYaef32ToJUCJ8NfxC-vvDBTK6Zt8KbfIohPIZR_c2q0MI-mCYA5XIvhrRXQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bemblogado.com.br/	1970-01-20 23:59:24	Name: _ga Value: GA1.3.786774982.1693404235
.bemblogado.com.br/	1970-01-20 14:24:50	Name: _gid Value: GA1.3.1453981451.1693404235
.bemblogado.com.br/	1970-01-20 14:23:24	Name: _gat Value: 1
.bemblogado.com.br/	1970-01-20 23:59:24	Name: _ga_YNST7LZLF9 Value: GS1.3.1693404235.1.0.1693404235.60.0.0
.bemblogado.com.br/	1970-01-20 23:45:00	Name: __gads Value: ID=3942be31964a43b4-22c339795fde00d8:T=1693404235:RT=1693404235:S=ALNI_Ma0MB8OsJqC5BfcsPMdaAhSI6p8VQ
.bemblogado.com.br/	1970-01-20 23:45:00	Name: __gpi Value: UID=00000c6b812e272e:T=1693404235:RT=1693404235:S=ALNI_MYoUPCdHZlJKTU55_guVlcftPM9yA
.doubleclick.net/	1970-01-20 23:45:00	Name: IDE Value: AHWqTUmMDGWKeZWQY8tS5KB0vT1U7ugeT31CsgwNbmdp9f8eIrNTkP3OwncCMzssFCE
.googleadservices.com/	1970-01-20 16:33:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:23:27	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 18:42:36	Name: uid Value: 3199621993388109619
.simpli.fi/	1970-01-20 23:10:26	Name: suid Value: EA1BC04BB7E24B41BAAAE0B322DD74F8
.everesttech.net/	1970-01-20 23:09:00	Name: everest_g_v2 Value: g_surferid~ZO9MTgAJS199QwBV
.adfarm1.adition.com/	1970-01-20 16:33:00	Name: UserID1 Value: 7273115821127628954
.yahoo.com/	1970-01-20 23:09:21	Name: A3 Value: d=AQABBE5M72QCEOh6B573SiBKkxEP0Lt0GJsFEgEBAQGd8GT5ZAAAAAAA_eMAAA&S=AQAAAr6SJ5PFovz8_BLDCVpXvzg
.doubleclick.net/	1970-01-20 18:42:36	Name: APC Value: AfxxVi6uL1XCvJMcVXGWslyOA4XcjV5XeSnTwH6Q2DC1GsNJ9i859g
.casalemedia.com/	1970-01-20 23:09:00	Name: CMID Value: ZO9MTpCI0UZB45-fu7xLawAA
.casalemedia.com/	1970-01-20 16:33:00	Name: CMPS Value: 2231
.casalemedia.com/	1970-01-20 16:33:00	Name: CMPRO Value: 2231
.adnxs.com/	1970-01-20 16:33:00	Name: uuid2 Value: 1193402152615706178
.adnxs.com/	1970-01-20 16:33:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Mo3-Qi!]tbPl1M>e)ZlrFUfJ+tGXxpGHQ4Ki8zy:SSheVUDZ2k]Lg@iPZskmaLcH)43If)y3KL9D3I?+EcdWl1
.tribalfusion.com/	1970-01-20 16:33:00	Name: ANON_ID Value: aentmIu4YUdmqcn62woCV2An1liNfBam7OsqjZaP9MeqWjmbtqlXaFLwHWuWrmsZbca9AWxl0HZaISv4ayMQOrZc0k7Zb
.redintelligence.net/	1970-01-20 16:33:00	Name: 8lcfmzhxc8d6_uid Value: 71adabf604f07f70
.office-partner.de/	1970-01-20 23:59:24	Name: source Value: {"webgains_webgains":{"timestamp":1693404239187,"clickCookie":false}}
.awin1.com/	1970-01-20 14:33:29	Name: awpv11601 Value: 113440\|1693404239\|10eaecc0-473e-11ee-b5a9-2261897cac57
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.w55c.net/	1970-01-20 23:55:05	Name: wfivefivec Value: E6hVVNpz1QBlNB5
.adform.net/	1970-01-20 15:08:02	Name: C Value: 1
.w55c.net/	1970-01-20 15:06:36	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 15:49:48	Name: uid Value: 5925803596173382487

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-8287694053987657&fa=3&ifi=10&uci=a!a&btvi=2 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-8287694053987657&fa=4&ifi=11&uci=a!b&btvi=3 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8287694053987657&fa=1&ifi=12&uci=a!c&btvi=4 Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
ad.turn.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
bemblogado.com.br
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
ib.adnxs.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
138.201.63.165
142.250.185.162
142.250.186.130
145.239.193.130
151.101.66.49
176.9.26.250
178.250.1.9
18.170.168.253
18.193.211.202
18.66.147.120
185.80.39.216
192.185.215.219
2.16.97.41
2.20.213.154
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.38
2606:4700::6812:18ad
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9d
2a05:d018:d29:3605:cca0:8b97:e855:348c
2a0b:4d07:102::1
3.33.220.150
3.9.22.61
35.204.158.49
37.157.2.234
37.252.172.123
51.75.86.98
52.28.44.182
85.114.159.118
99.86.4.36
011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab
03764450cebf44f072c4dca8e4dbbdb46bca61eb7882584bd58d0d1f5e5f000c
03ca8c38633872b885f1e54e729c4597da2f1c52d06f9a5289ddda7ca3a9930c
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
10584e906d8e60b49110307f45c191e6c3c09380309f3bb78da5608ed58684b2
113563e05072c4e53abdec78496fa358c7090aa9bef7954d1b782d58099fe39e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14
1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
1642f2b4a67037010b80ea9f5f310bd36f51102f9c5e9861a3f4890358b2619d
164b1fab27fe0015d42e7d587173f250bd1f1a82b114df0a6ccfafb9b304eeef
16cb5bdf4fab9cae6686619fbf8ef1b240302bd7ee037e91ae036b35d2405a5e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
192811b11cab8b2d4254be60c82edeb3054b8c0a5aa7092b5a934adbd9e3320f
1c3409ece9059559d362395149fe2316a2df03316e2c6a937452ce3a8a79625e
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1ed04b57db325a6b0b65f70946443fdca03d2167f401118f3a74a0dfda0ea532
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2201fc3e9b5096b843187a77982f8203b6527a8c1b5d15379d84802b4de401c2
241969badcc1987bd3a8c5b3de7a81a51e9f497d040c4c35c640c7155eec43ee
2853c4347bad33b961a3c3b9cebd11c3b6fde1844b270e510c8471c4c8109483
2c033b052d10110dbc158af95d97b416ca296db88d9a41b01c70f25d468ef539
2c34c72649547631a667da33a6f1a5198c7005c5af2cf5ed2631db33150d1a58
2d5bee8dc7c6bdac4bdb83ee07757921bb514da8918b6267af23d4a4c5591fb7
2de41667b0b7fb1b162dd288fb0c464ae09d37af4fd01fff768354fef9c3159e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
37c936db1c8089eb69872a674a70f90171f3bd241c7c3834c9ddc555e249be19
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
385b2fc8ba9710ed54dbbe25d2d8d04a8d396f0c147ad88420bae9c260f8e71e
39ab1d55928c4d4d4e2a94697f0287c47174bbb17bd46d3315d959397b4f1471
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac71d91d40020b2ec8105c3877e90dbdac976122b1539716d7959c6b2f41ae5
3c64c244ff740b42a62b4c041be721224db62770ed7effd48954990593ded6cf
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3f693849edf3db91546d7f6211a09e7b26af212848f7d20a2d5dd218ccf24c66
3fe16285450ca6ed378d7a7180a82ab212afa46aac33790ef66fd9637ab778ea
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
4495611d44f774078042240d72cfbe7fe69e3fed3cca1ada8815e44df13f8bd6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
482c112b0048b8d19f2d30ab6b8f140ae01848b62b375bfd74d3f5f7365fe0e5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ebaf0bfad5aaf0c66de0bb84a2c7d1e32f33add8d6cb75897ae56cb07bcda9
4ad3c0040d1e298c85c03f87c602ae81cbcc7542ae34be056833713c77086adb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb7a3e2dd732c62832944233c630e7738da90051257cf7f5d1b76cd41907a33
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c3ca291235f8e06df80f338ead76fcdf7d1375ced7d20ab90d6d18adc788783
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e973232b36706fd9741b51130b68c9b44f021ae5fdb2ba348185a3167d4e775
4edefaae0530f8e4876f4002cef896bf8eaec505584d8060b2a427122cc12493
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
51deddce2061e92e3f5354e9a1cfb6c44a34779ea37509e7fcd222a9af116ce2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52a9debfb11e5fef64072dd58c0c8c7653377fe6c016dc11d049ae35c1dbdda5
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5518a5b78d133e548dcf9300456714d7489f769629ef07d245af24940ff380d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b
5717914f6f7f40cdab0cb482dae99f9592102b1be240c4bdeb5426fa184ea480
57b9ed46db9f0404ccd138ab81ac7cb24d5a084103cfdc53b776792f1d487465
57bc92bcea74505f09f62432bfd540ecd444adb619d0a77dd7096e4966893bfa
589e90add70353ede27451e99490466f6b4f78a36a4144d07c017d2cb6e91b26
58dcea6b065f9657b98ae033d2c0a8056d4ec71f845ecc5c142b7974cc5e0696
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6373b977c2e74421978a4f4ec2ec6ea4259b5dcb5968b4b5cbe8df78c310e1a7
644f4de72ce5990828950602bf2c43043c45a410eb61c1b4321ecf6e12b8949f
652e00989d91f553eed9e1f559eeadfaa528f91683ce3fa9bda0da2e5304c7c6
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b7646ab10a6d458f86cde5a321dcb0895d6f320d43ab10ed398806d42b337fc
6f458cc595c07157e118cfc1b0f09dd34aa02eb00fcab7688ca7eef7dababe27
6f68b3035837dc82e682f6e5fe5971ab572228c6c0fb12522d89193c96a97ba4
6fac165dbd30adee78af2ad7da67bae5ad46ac63ed6ed483134ec35459c75f8a
73dcf18fb3a519e95880a1f8444b7096160c2ffb1d6ab9201cfc8eaa95e1f907
76b097d6e0e8909b60f072b3ce1f49fe6e274494d45ae388d573019f29ebf573
775cbce49923f2cae3409769a61f094eb3ccc5069cdacd46af20695fba981e4d
77a8906be61f62bd50c983b56b128f0e3226cda5ef0f805b8b2f0699f90af184
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78c687b56f5d4e4ffd0ba468c04468a42a5acb97260a311d250a2f33c3d0c950
7936c4b8e76f03f37864954baeec5caf74a79c5e35fbf38f96f87a785c2c271a
7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc
7b20912745e6d992b37a820435a8a24ca66b475d1658c8aa02271e5468ecee4b
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c4ef03b2b0454099e6d2e427a1443e586b788b93faee318ac93c7fb722d34aa
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7ce1ed4b2294bbfed5444a906f04c5850f89b709740e2d2305bf0d6bd90377a7
7ce39a5734a975b27525d4e354be96df56b8a31664463955c11c27e0d21baa47
820c6a4627f2731479fbc2133d5047d493f71058bf20a445fac83a6a660444bc
856b57a15825aac97cbf4d74f9a64a6b07f38d3715e0888b2e3ae4a79537c9d3
86cda207bb9abf4e76744b003e3348daaee8577af83ea80b2f06e98d67a2f0e8
89a704664f801d9ff1f8d5e3f92003c8cdaa96661fa030a444f085cc80470768
8b282aff34d04a851b1396e4451d1ddb3d9b00a330f4c9907d4dbc8df632104e
8c0fb8b0ad3ef980d41b04107b821bd20880ac3c1cb8e7cbbd59fca89a01aa82
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d70cf48a26f2f086c468d1d2ea393414732104a89b02f55e01aadec7a56da52
8ee2d90035d4db2bfcea6b1bd82952d4e6702491a9c7fed6f43492036895f57d
8ef4f8257228435fa204e03cb2d8008d0dc7bf939152e22cbadae4cef79f8f08
8f49d0771ebfd74579d3e279beaba8cee49210cbd54e1a9636059ea0d9dd2f53
900c7bdac483b7fe96516c706e902bc1ca0c012526b42aeaf2b22927d6372060
90d4b4366f20b30c159f35b0dfc2796e64aceb9eb248f7731cac068ede8bc4c3
98ffa42ce3f18359719610b0ba6da67b159897622e9b8ce39cc028454ae446a4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b26f3907619129f01c8d8057788579e8c1ac5eb0667826a41980072a48ceb2b
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9fffbb005e41c0039515c83d8c548af523ecf7bcecfe748a59cc4fd7c94983fc
a02e9387b384e39654eee5bd75566bc5335799ea2339f2d4fea0821dacb58cb0
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a1cda6441d6032222b35f93ae5f3bddff8eab851e5e8622049ef96f0b53bb01b
a5fe441b1f2f24379beb960b9fa252592b90fc01be7f2104588f1c65176423f9
a64b01d95264e4acae6862a8769b15613750d93c6435ade24925c8a069ea5b0b
a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab14e945bc72af34e28b188ff288f89d5fff8049ef298cdaeb189af9eaf164e3
ab23df16e6bd97faec2100a832bfecf8ee5db9761fe87272854778e8fafb5184
ab5b3f4a39c764019f9eb7722ae293313626d9974a4217e589b6be59b3d8028b
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17546f7d80227a765f3c00e25a2fe71bf1219d0df08b58dfd4833fd51b53d33
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
ba856c95ad83a1bd0b52407f7133fc982dcb73c0701d4e251ac6e6cb0fcf28f1
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bf9f2d5bcce79d7840892c9d7e662802236736b019105c61e2b8e05935852a83
c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3a5c129a8eeeb7a4691be63260a36e4de189d1a3465767de7694a4e20d7e891
c5f0c019057159429eb97f14c854156b2b38eab91800dc9c916ef3164443d843
c77b3d6f3f352d01613fd1e5f0818eaabd659d90b6b7f03ef4abac2d8be8b073
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d0142ba30d0b7ae4c850070c3f547ee535342963bbbc4e3173d76a1e8f0384cc
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0751c0f8c9afc5945b9005fad0a30391084c66d5375bcac011009202d8e933d
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d3e0baa3df3f10fd3233f52ae33e18b84a1aa606dd6113594c22162a9b261fcb
d539a4e23ca0300e00a0cbac943f2b1ccd07149f59899a5858b67cb38002ba73
d5650637bb661b14d1bc3b6fa99383a374bb254026f1a95add4d6f468c467202
d5fe6f9d75522b1dee524bc628d2b0bef11c3e62d0017aa1686a147842a91eac
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8ce474bf0f5af6a1ce77f0710b2fc4a60b0d2c3276c5c666fff1571fa27a6bd
d98bdd8d9c4da34ca6f4639dbccbfd3d45154788793091ef016384411c97759f
db55133a67a89d7afa8eec358261698e5f831c82cdb2107973b8fe404f5ddc7b
db81762abc8ba52342ea14502070698fe831c0ca4ea9b5d50671181c2a3fb158
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e173360f5af3286284d8543def13aa486b8fa8b99ca2ebcaeadc8c17593a9623
e1eac998f8f98a950ef8d3c087cea35d3698ea3fa8c43f85c48ff761241581f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dfe34621f98e7cae324815381ac65a845987435fc9c5427eee09d068e4bc74
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b06664cc498b43eba024fa0c055c01c109f02df0cf825a2f8824465df270a5
e7228a077f0c25993ee7599dd9788316135be1755cb02490dc6c880d03205676
e90e0d9376b600c05481203d9e81c73aea72d73d160892edd3ec6f52a1cd8a31
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eb54cf6050a1ec0bee79457f8962e2d8195c510fc927fa30ab8d26192d4c014e
ebd4a78569ef1fab71b07e0f3e449819623ae220f0080fb6ec59fb66f2f65489
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d3285eaf3023b465f2446c955f9cbc61b3416ecfa779d247cb5daa3cb1089
f4fc30c4e9f080778ac2f49816e7650fb6b13f26b1decef6dcfb55209b002274
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc8df70123fd2c3752d9e3d07647700f9f0ed85c033a8e5d6553ce49bb1b4f07
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff6a57fb71498826e9c37e64a6216349c3a637fc14a0ca1162ab548a453de078

bemblogado.com.br Open in urlscan Pro 192.185.215.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

292 Requests

91 %HTTPS

44 %IPv6

33 Domains

45 Subdomains

37 IPs

10 Countries

21132 kBTransfer

26772 kBSize

29 Cookies

5 Outgoing links

Page URL History

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bemblogado.com.br Open in urlscan Pro
192.185.215.219 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

91 %
HTTPS

44 %
IPv6

33
Domains

45
Subdomains

37
IPs

10
Countries

21132 kB
Transfer

26772 kB
Size

29
Cookies

292 HTTP transactions
15 data transactions